diff options
| author | Anas Nashif <anas.nashif@intel.com> | 2012-11-13 12:30:55 -0800 |
|---|---|---|
| committer | Anas Nashif <anas.nashif@intel.com> | 2012-11-13 12:30:55 -0800 |
| commit | f251dedaa31b48f7c05a4b53c112b40ebca890ef (patch) | |
| tree | d6c78a1b273417506edb030c96772c8459f5831e | |
| download | xmlsec1-f251dedaa31b48f7c05a4b53c112b40ebca890ef.tar.gz xmlsec1-f251dedaa31b48f7c05a4b53c112b40ebca890ef.tar.bz2 xmlsec1-f251dedaa31b48f7c05a4b53c112b40ebca890ef.zip | |
Imported Upstream version 1.2.18upstream/1.2.18
960 files changed, 257524 insertions, 0 deletions
diff --git a/AUTHORS b/AUTHORS new file mode 100644 index 00000000..3003d13e --- /dev/null +++ b/AUTHORS @@ -0,0 +1,8 @@ +Aleksey Sanin <aleksey@aleksey.com> + +Windows port: Igor Zlatkovic <igor@stud.fh-frankfurt.de> +Debian port: John Belmonte <jvb@prairienet.org> +xmlsec-nss: Tej Arora <tej@netscape.com>, AOL Inc. +xmlsec-mscrypto: Wouter Ketting <wsh@xs4all.nl>, Cordys R&D BV +GOST support: Dmitry Belyavsky <beldmit@cryptocom.ru>, Cryptocom LTD (http://www.cryptocom.ru) + diff --git a/COPYING b/COPYING new file mode 100644 index 00000000..23e43728 --- /dev/null +++ b/COPYING @@ -0,0 +1,105 @@ +xmlsec, xmlsec-openssl, xmlsec-gnutls, xmlsec-gcrypt libraries +------------------------------------------------------------------------------ + +Copyright (C) 2002-2010 Aleksey Sanin. All Rights Reserved. + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is fur- +nished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FIT- +NESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +ALEKSEY SANIN BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER +IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CON- +NECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of Aleksey Sanin shall not +be used in advertising or otherwise to promote the sale, use or other deal- +ings in this Software without prior written authorization from him. + + +xmlsec-nss library +------------------------------------------------------------------------------ +Copyright (C) 2002-2010 Aleksey Sanin. All Rights Reserved. +Copyright (c) 2003 America Online, Inc. All rights reserved. + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is fur- +nished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +Portions of the Software were created using source code and/or APIs +governed by the Mozilla Public License (MPL). The MPL is available +at http://www.mozilla.org/MPL/MPL-1.1.html. The MPL permits such +portions to be distributed with code not governed by MPL, as long +as the requirements of MPL are fulfilled for such portions. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FIT- +NESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +ALEKSEY SANIN BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER +IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CON- +NECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of Aleksey Sanin shall not +be used in advertising or otherwise to promote the sale, use or other deal- +ings in this Software without prior written authorization from him. + + +xmlsec-mscrypto library +------------------------------------------------------------------------------ + +Copyright (C) 2002-2010 Aleksey Sanin. All Rights Reserved. +Copyright (C) 2003 Cordys R&D BV, All rights reserved. +Copyright (C) 2007 Roumen Petrov. +Copyright (c) 2005-2006 Cryptocom LTD (http://www.cryptocom.ru). + + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is fur- +nished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FIT- +NESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +ALEKSEY SANIN BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER +IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CON- +NECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of Aleksey Sanin shall not +be used in advertising or otherwise to promote the sale, use or other deal- +ings in this Software without prior written authorization from him. + + + +References +------------------------------------------------------------------------------ + +* AOL +http://www.aleksey.com/pipermail/xmlsec/2003/005488.html +http://www.aleksey.com/pipermail/xmlsec/attachments/20030729/0e25648e/attachment.htm + +* Cordys R&D BV +http://www.aleksey.com/pipermail/xmlsec/2003/005581.html + +* Cryptocom LTD +http://www.aleksey.com/pipermail/xmlsec/2006/007410.html + diff --git a/ChangeLog b/ChangeLog new file mode 100644 index 00000000..7941b6be --- /dev/null +++ b/ChangeLog @@ -0,0 +1,1810 @@ +2011-05-11 Aleksey Sanin <aleksey@aleksey.com> + * 1.2.18 release + +2011-05-01 Aleksey Sanin <aleksey@aleksey.com> + * Fixed crasher in 64 bit (reported by Roumen) + +2011-03-31 Aleksey Sanin <aleksey@aleksey.com> + * 1.2.17 release + +2011-03-30 Aleksey Sanin <aleksey@aleksey.com> + * Preparations for 1.2.17 release + +2011-03-29 Aleksey Sanin <aleksey@aleksey.com> + * Fixed security issue with libxslt (CVE-2011-1425, reported by Nicolas Gregoire) + +2011-02-05 Aleksey Sanin <aleksey@aleksey.com> + * Fixed pkcs12 file loading (based on patch from Andre de Souza Pinto) + +2010-11-23 Aleksey Sanin <aleksey@aleksey.com> + * Fixed comments (based on patch from Wolfgang Woehl) + +2010-11-09 Aleksey Sanin <aleksey@aleksey.com> + * Fixed extra quotes in configure (bug #631258) + +2010-07-19 Aleksey Sanin <aleksey@aleksey.com> + * Fixed configure issue with empty --with-libxml/libxsl and config scripts in /bin directory + +2010-06-27 Aleksey Sanin <aleksey@aleksey.com> + * Fixed gcrypt init/shutdown (patch from Roumen) + +2010-04-25 Aleksey Sanin <aleksey@aleksey.com> + * 1.2.16 release + +2010-04-24 Aleksey Sanin <aleksey@aleksey.com> + * Preparation for 1.2.16 release + +2010-05-23 Aleksey Sanin <aleksey@aleksey.com> + * Added X509Data support to xmlsec-gnutls + +2010-05-12 Aleksey Sanin <aleksey@aleksey.com> + * Several patches from Roumen: support NSS/NSPR from seamonkey + package; reorder libxmlsec as dep. lib for mingw; fix gcrypt/src/asn1.h + include; fix Unicode build for mingw + * Added RSA/SHA1/SHA256/SHA384/SHA512/MD5/RIPEMD160 for xmlsec-gnutls + * Added DSA/SHA1 for xmlsec-gnutls + +2010-05-10 Aleksey Sanin <aleksey@aleksey.com> + * Added RSA/SHA1/SHA256/SHA384/SHA512/MD5/RIPEMD160 for xmlsec-gcrypt + * Added DSA/SHA1 for xmlsec-gcrypt + +2010-05-09 Aleksey Sanin <aleksey@aleksey.com> + * Added DES KW support for xmlsec-mscrypto + * Added DES KW support for xmlsec-gnutls + * Separated xmlsec-gnutls and xmlsec-gcrypt libraries + +2010-05-08 Aleksey Sanin <aleksey@aleksey.com> + * Added AES KW support for xmlsec-mscrypto + * Added AES KW support for xmlsec-gnutls + +2010-04-30 Aleksey Sanin <aleksey@aleksey.com> + * Added RSA/OAEP support for xmlsec-mscrypto + +2010-04-29 Aleksey Sanin <aleksey@aleksey.com> + * 1.2.15 release + +2010-04-28 Aleksey Sanin <aleksey@aleksey.com> + * Preparation for 1.2.15 release + +2010-04-27 Aleksey Sanin <aleksey@aleksey.com> + * Converted xmlsec-mscrypto to unicode and provided a compile time + option to switch between unicode/non-unicode builds + * Deleted support for old gnutls, new required version 2.8.0 + * Added SHA256/384/512 support for xmlsec-gnutls + +2010-04-26 Aleksey Sanin <aleksey@aleksey.com> + * Added support for HMAC with MD5, SHA1, SHA256/384/512 in xmlsec-mscrypto + * Added support for MD5 RSA/MD5 in xmlsec-mscrypto + +2010-04-25 Aleksey Sanin <aleksey@aleksey.com> + * Added support for SHA256/384/512 for digest, HMAC and RSA in xmlsec-nss + (requires nss 3.8 + nspr 4.3 or greater) + * Added support for MD5 for digest and RSA in xmlsec-nss + * Minor fixes to xmlsec-nss (xmlsec bug #118630), bumping nss min + version to 3.9 + nspr 4.4.1 or greater + Other minor fixes for xmlsec-nss + +2010-04-24 Aleksey Sanin <aleksey@aleksey.com> + * Fix PK_CONFIG problem (reported by Roumen) + * Enable --crypto for transform checks + +2010-04-23 Aleksey Sanin <aleksey@aleksey.com> + * Enable RSA/SHA2 support in xmlsec-mscrypto + * Misc. cleanups in xmlsec-mscrypto + * Fix PK_CONFIG problem (reported by Roumen) + * Fix DSA support in xmlsec-nss (https://bugzilla.mozilla.org/show_bug.cgi?id=561598) + +2010-04-23 Aleksey Sanin <aleksey@aleksey.com> + * Fix search for certificates with UTF-8 subject on Windows in xmlsec-mscrypto + * Remove spaces at the end of lines + +2010-04-22 Aleksey Sanin <aleksey@aleksey.com> + * Fix search for certificates with Unicode subject on Windows in xmlsec-mscrypto + * Copy *.manifest files to installation for Windows builds + * Convert tabs to spaces + +2010-04-21 Aleksey Sanin <aleksey@aleksey.com> + * Fix key name conversion to unicode problem in xmlsec-mscrypto + +2010-04-20 Aleksey Sanin <aleksey@aleksey.com> + * Fix compile warnings in xmlsec-openssl + * Fix linking order issue (based on patch from Roumen) + +2010-03-30 Aleksey Sanin <aleksey@aleksey.com> + * Fix typo Copyrigth -> Copyright + * Add xmlsec-mscrypto to the top level copyright file + * Refresh the copyright date to 2010 + * Add references to licenses + +2010-03-18 Aleksey Sanin <aleksey@aleksey.com> + * Ensure we have only one copy of key's cert after reading pkcs12 + from openssl + +2010-01-13 Aleksey Sanin <aleksey@aleksey.com> + * Fix valgrind's invalid read with chained XPath transforms (based + on patch from Frank Gross). + +2009-09-05 Aleksey Sanin <aleksey@aleksey.com> + * preparation for 1.2.14 release + +2009-11-05 Aleksey Sanin <aleksey@aleksey.com> + * Use installed ltdl on *nix and native code on Windows + +2009-10-25 Aleksey Sanin <aleksey@aleksey.com> + * Fix --with-libxslt-src (patch from Roumen) + +2009-09-12 Aleksey Sanin <aleksey@aleksey.com> + * Preparation for 1.2.13 release + +2009-08-24 Aleksey Sanin <aleksey@aleksey.com> + * Fix XML dump format + +2009-08-06 Aleksey Sanin <aleksey@aleksey.com> + * fix build for openssl 1.0 (based on patch from Roumen Petrov) + * cleanup test invocation scripts + * cleanup configure.in + +2009-07-29 Aleksey Sanin <aleksey@aleksey.com> + * fix a couple minor issues (based on patch from Arfrever + Frehtes Taifersar Arahesis) + +2009-07-17 Aleksey Sanin <aleksey@aleksey.com> + * preparation for 1.2.13 release + +2009-07-14 Aleksey Sanin <aleksey@aleksey.com> + * increase default min hmac size to 80 bits + * added support for --with-libxml-src and --with-libxslt-src + ./configure options + +2009-06-25 Aleksey Sanin <aleksey@aleksey.com> + * implemented c14n 1.1 transform + tests + +2009-06-15 Aleksey Sanin <aleksey@aleksey.com> + * configure.in docs/download.html docs/index.html docs/news.html + include/xmlsec/version.h: preparation for new 1.2.12 release + +2009-06-15 Aleksey Sanin <aleksey@aleksey.com> + * added support for the GOST implemented by Russian Crypto Pro CSP + (patch from Dennis Prochko) + +2009-06-15 Aleksey Sanin <aleksey@aleksey.com> + * fixed HMAC vuln with small values of HMAC length + +2009-06-13 Aleksey Sanin <aleksey@aleksey.com> + * fixing gnutls detection (bug #585629) + +2009-06-09 Aleksey Sanin <aleksey@aleksey.com> + * update SVN to GIT references in docs + +2009-06-09 Aleksey Sanin <aleksey@aleksey.com> + * adding configurable Base64 line length + +2008-09-10 Aleksey Sanin <aleksey@aleksey.com> + * fixing bug #501315 (patch from Antony Dovgal) + +2008-08-26 Aleksey Sanin <aleksey@aleksey.com> + * apps/xmlsec.c: fix integer division (patch from Mikhail) + +2008-06-10 Aleksey Sanin <aleksey@aleksey.com> + * src/mscrypto/x509.c src/openssl/x509.c src/nss/x509.c: fix crash + in the error reporting (based on patch from Frank Gross) + +2008-06-04 Aleksey Sanin <aleksey@aleksey.com> + * src/templates.c src/keyinfo.c src/xmltree.c src/mscrypto/x509.c + src/openssl/x509.c src/nss/x509.c include/xmlsec/xmltree.h: + added new function xmlSecNodeEncodeAndSetContent for encoding + special chars in the node content (bug reported by Cliff Hones) + +2008-06-04 Aleksey Sanin <aleksey@aleksey.com> + * src/xmltree.c, src/xmlenc.c, include/xmlsec/xmltree.h, include/xmlsec/xmlenc.h: + add an option to return the replaced (encrypted) node(s) to the caller + (based on the patch from Frank Gross) + +2008-05-23 Aleksey Sanin <aleksey@aleksey.com> + + * src/mscrypto/app.c: fix MS certificates ref counting + +2007-11-06 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in docs/download.html docs/index.html docs/news.html + include/xmlsec/version.h: preparation for new 1.2.11 release + +2007-07-19 Aleksey Sanin <aleksey@aleksey.com> + + * bug #454397 - mingw build: added missing files + +2007-07-19 Aleksey Sanin <aleksey@aleksey.com> + + * bug #454397 - mingw build: normal way to pass def file to linker + (patch from Roumen Petrov) + +2007-07-17 Aleksey Sanin <aleksey@aleksey.com> + + * bug #454397 - mingw build: (cross-compilation) and several + minor cleanups (patch from Roumen Petrov) + +2007-06-16 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in: configure fixes (patch from Roumen Petrov) + +2007-06-06 Aleksey Sanin <aleksey@aleksey.com> + + * src/mscrypto/*: better support for non micorsoft CSP's (patch from + Wouter and Ed Shallow) + +2007-02-12 Aleksey Sanin <aleksey@aleksey.com> + + * Makefile.am xmlsec1.m4: automake macro for xmlsec1 (from Heiko Ronsdorf) + +2006-09-04 Aleksey Sanin <aleksey@aleksey.com> + + * include/xmlsec/openssl/app.h src/openssl/app.c src/openssl/x509vfy.c: + added xmlSecOpenSSLAppKeysMngrAddCertsFile() function + (David Norrel) + +2006-08-15 Aleksey Sanin <aleksey@aleksey.com> + + * src/openssl/x509vfy.c: fixed loading certs from a directory + during openssl x509 store init (based on idea from David Norrel) + +2006-06-12 Aleksey Sanin <aleksey@aleksey.com> + + * include/xmlsec/templates.h, src/templates.c, src/xmltree.c: + support for custom namespaces prefixes for xmldisg namespace + (based on patch from Barry Ferg) + +2006-06-12 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in docs/download.html docs/index.html docs/news.html + include/xmlsec/version.h: preparation for new 1.2.10 release + +2006-06-12 Aleksey Sanin <aleksey@aleksey.com> + + * xmlsec-config.in: lib64/ folder patch from Daniel + +2006-06-08 Aleksey Sanin <aleksey@aleksey.com> + + * config.h.in configure.in xmlsec-nss.pc.in: support different + packages for NSPR/NSS + +2006-05-20 Aleksey Sanin <aleksey@aleksey.com> + Added xmlSecOpenSSLX509StoreAdoptCrl() function + +2006-03-10 Aleksey Sanin <aleksey@aleksey.com> + + * src/nss/app.c, src/openssl/x509vfy.c, src/xmldsig.c, + src/xmlsec-ltdl.c, src/xmlsec-ltdl.patch: cleanup Coverity + complaints + +2006-02-26 Aleksey Sanin <aleksey@aleksey.com> + * apps/xmlsec.c tests/testDSig.sh: added an ability to skip + tests for transforms not available in given built + * tests/: added GOST test from Dmitry Belyavsky + +2006-02-16 Aleksey Sanin <aleksey@aleksey.com> + * src/mscrypto/certkeys.c: fixed memleak in msrypto + +2006-02-14 Aleksey Sanin <aleksey@aleksey.com> + * include/xmlsec/mscrypto/x509.h src/mscrypto/x509vfy.h: + added an option for disabling system trusted certs + for mscrypto store (based on patch from Dmitry Belyavsky) + +2006-02-10 Aleksey Sanin <aleksey@aleksey.com> + * authors docs/authors.html + include/xmlsec/app.h include/xmlsec/private.h + include/xmlsec/strings.h include/xmlsec/mscrypto/crypto.h + include/xmlsec/mscrypto/symbols.h src/app.c src/dl.c + src/strings.c src/transforms.c src/mscrypto/certkeys.c + src/mscrypto/crypto.c src/mscrypto/digests.c + src/mscrypto/signatures.c src/skeleton/crypto.c: + added support for GOST94 for digests and + GOST 2001 keys/signatures: mscrypto only (patch from + Dmitry Belyavsky) + +2005-12-20 Aleksey Sanin <aleksey@aleksey.com> + + * src/mscrypto/x509vfy.c: check MSCrypto store for certs + (patch from Dmitry Belyavsky); replace tabs with spaces + +2005-12-15 Aleksey Sanin <aleksey@aleksey.com> + + * include/xmlsec/templates.h src/templates.c: functions + for adding X509IssuerName and X509SerialNumber nodes + to the template (patch from Dmitry Belyavsky) + +2005-11-14 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in: fixing shrext vs. shrext_cmds conflict + +2005-09-25 Aleksey Sanin <aleksey@aleksey.com> + * src/nss/pkikeys.c: fixing xmlsec-nss crash + * configure.in: change crypto libs order to be openssl/nss/gnutls + +2005-07-12 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in docs/download.html docs/index.html docs/news.html: + preparation for new 1.2.9 release + +2005-07-12 Aleksey Sanin <aleksey@aleksey.com> + + * src/xmltree.c: fixing a problem with namespaces in the + nodes created by "template" functions + +2005-07-10 Aleksey Sanin <aleksey@aleksey.com> + + * src/openssl/evp.c: added hack from Erwann ABALEA: + OpenSSL ENGINE keys are always private since we can't query + engine and do real check + +2005-07-10 Aleksey Sanin <aleksey@aleksey.com> + + * docs/* include/* src/* tests/*: added support for + RSA-MD5/RIPEMD160/SHA224/SHA256/SHA384/SHA512 for OpenSSL 0.9.8 + +2005-07-10 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in docs/ include/ src/ tests/: implemented + SHA224/256/384/512, HMAC-SHA224/256/384/512, MD5 for OpenSSL 0.9.8 + +2005-07-10 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in docs/xmldsig.html docs/xmlenc.html + include/xmlsec/app.h include/xmlsec/private.h include/xmlsec/strings.h + include/xmlsec/openssl/crypto.h include/xmlsec/openssl/symbols.h + src/app.c src/dl.c src/strings.c: preparations for SHA224/256/384/512 + and friends + +2005-07-09 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in tests/aleksey-xmldsig-01/* tests/keys/* + tests/merlin-xmldsig-twenty-three/signature.tmpl + tests/testDSig.sh: updating test certificates for picky + OpenSSL 0.9.8 + + +2005-07-08 Aleksey Sanin <aleksey@aleksey.com> + * configure.in src/openssl/x509vfy.c: initial support + for OpenSSL 0.9.8 + +2005-05-12 Aleksey Sanin <aleksey@aleksey.com> + + * src/openssl/app.c: fixed "disable-x509" build option + (patch from Bernd Becker) + +2005-05-11 Aleksey Sanin <aleksey@aleksey.com> + + * src/openssl/signatures.c: fixed "disable-dsa" build option + (patch from Bernd Becker) + +Wed 6 Apr 2005 00:18:21 CEST Igor Zlatkovic <igor@zlatkovic.com> + + * .cvsignore: added Eclipse project files + +2005-03-31 Aleksey Sanin <aleksey@aleksey.com> + + * src/xmltree.c: fixing warning from Solaris (bug #172201) + +2005-03-30 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in docs/download.html docs/index.html docs/news.html + include/xmlsec/version.h: preparing new release 1.2.8 + +Tue 22 Mar 2005 20:10:19 CET Igor Zlatkovic <igor@zlatkovic.com> + + * apps/xmlsec.c: changed the type of the --depth parameter to + number. + +2005-03-06 Aleksey Sanin <aleksey@aleksey.com> + + * include/xmlsec/nss/crypto.h src/nss/Makefile.am src/nss/crypto.c + src/nss/keytrans.c src/nss/kt_rsa.c: better rsa pkcs transform + using nss wrap/unwrap code (based on the OO.org patch) + +2005-03-06 Aleksey Sanin <aleksey@aleksey.com> + + * include/xmlsec/nss/crypto.h src/nss/app.c + src/nss/crypto.c src/nss/x509.c: fixed nss initialization + problem + +2005-03-05 Aleksey Sanin <aleksey@aleksey.com> + + * src/nss/pkikeys.c: check that input public and private + keys have the same type (based on the OO.org patch) + +2005-03-05 Aleksey Sanin <aleksey@aleksey.com> + + * src/nss/digests.c src/nss/hmac.c src/nss/pkikeys.c + src/nss/signatures.c src/nss/x509.c src/nss/x509vfy.c: + print more detailed error message (based on the OO.org patch) + +2005-03-04 Aleksey Sanin <aleksey@aleksey.com> + + * src/mscrypto/x509vfy.c: fixed cert search (based on the OO.org patch) + +2005-03-01 Aleksey Sanin <aleksey@aleksey.com> + + * src/mscrypto/app.c: added stubs for adding keys to mscrypto + keys manager from ms key handle + +2005-02-28 Aleksey Sanin <aleksey@aleksey.com> + + * src/mscrypto/certkeys.c: WinNT 4.0 support (based on the OO.org patch) + +2005-02-28 Aleksey Sanin <aleksey@aleksey.com> + + * src/mscrypto/certkeys.c: preparation for WinNT 4.0 support + +2005-02-28 Aleksey Sanin <aleksey@aleksey.com> + + * src/mscrypto/x509.c: enable private key search for + a given certificate (based on the OO.org patch) + +2005-02-27 Aleksey Sanin <aleksey@aleksey.com> + + * src/mscrypto/certkeys.c: use default context when + getting public key from a cert (based on the OO.org patch) + * src/mscrypto/x509vfy.c: search both trusted and untrusted + cert stores when cert with given parameters is needed or + when certs chain is constructed (based on the OO.org patch) + +2005-02-27 Aleksey Sanin <aleksey@aleksey.com> + + * include/xmlsec/mscrypto/app.h include/xmlsec/mscrypto/x509.h + src/mscrypto/app.c src/mscrypto/x509vfy.c: + added function to add custom MS cert stores + to the xmlsec-mscrypto default keys manager + (based on the OO.org patch). + +2005-02-22 Aleksey Sanin <aleksey@aleksey.com> + + * docs/*: updated docs + +2005-02-22 Aleksey Sanin <aleksey@aleksey.com> + + * docs/index.html docs/news.html include/xmlsec/templates.h + src/templates.c: added functions to create <X509Data/> node + children in the signature template + +2005-02-22 Aleksey Sanin <aleksey@aleksey.com> + + * src/bn.c src/mscrypto/crypto.c src/mscrypto/x509.c + src/mscrypto/x509vfy.c tests/testDSig.sh + tests/aleksey-xmldsig-01/x509data-sn-test.tmpl + tests/aleksey-xmldsig-01/x509data-sn-test.xml + tests/keys/README tests/keys/*: support for + negative serial numbers, mscrypto cleanup + +2005-02-21 Aleksey Sanin <aleksey@aleksey.com> + + * docs/* docs/api/* man/*: updated docs + +2005-02-21 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in, docs/download.html, docs/index.html, docs/news.html, + include/xmlsec/version.h: preparing new release 1.2.7 + +2005-01-26 Aleksey Sanin <aleksey@aleksey.com> + + * src/bn.c: fixed xmlSecBnFromString function (patch from Michael Mi) + +2004-11-08 Aleksey Sanin <aleksey@aleksey.com> + + * include/xmlsec/keysmngr.h src/keysmngr.c: added + xmlSecSimpleKeysStoreGetKeys() function + +2004-11-07 Aleksey Sanin <aleksey@aleksey.com> + + * src/xmltree.c: fixed xmlSecGenerateID + +2004-10-27 Aleksey Sanin <aleksey@aleksey.com> + + * src/dl.c: set dl memory functions before initialization (from + Daniel Vogelheim patch) + +2004-10-14 Aleksey Sanin <aleksey@aleksey.com> + + * src/openssl/x509vfy.c: fixed bug #155329 (parsing quoted values + in the certificate subject) + +2004-09-18 Aleksey Sanin <aleksey@aleksey.com> + * config.h.in configure.in inlude/xmlsec/private.h src/xmltree.c: + use xmlParseInNodeContext function to parse encrypted text in + xmlSecReplaceNodeBuffer, this bumps libxml2 requirements to 2.6.12 + (bug #142358) + +2004-08-25 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in docs/download.html docs/index.html + docs/news.html include/xmlsec/version.h: preparing + new release + +2004-06-21 Aleksey Sanin <aleksey@aleksey.com> + + * include/xmlsec/app.h include/xmlsec/gnutls/app.h + src/app.c src/gnutls/app.c src/skeleton/app.c: added functions + to load keys and certificates from memory (Bernd Becker) + +2004-06-21 Aleksey Sanin <aleksey@aleksey.com> + + * src/bn.c: keep a '0' character when we remove '0' from the beggining + +2004-06-17 Aleksey Sanin <aleksey@aleksey.com> + + * src/xmlenc.c: added NULL check + * src/xmltree.c: fixed memory leak + +2004-06-16 Aleksey Sanin <aleksey@aleksey.com> + + * Fixed xmlSecTmplNodeWriteNsList() function + +2004-06-09 Igor Zlatkovic <igor@zlatkovic.com> + + * win32/configure.js win32/Makefile.* minor changes for the new + layout of the Windows binary package + +2004-05-13 Aleksey Sanin <aleksey@aleksey.com> + + * examples/xmldsigverify.c: disable extended debug output + (fixed a hole found by Pawel) + +2004-04-19 Aleksey Sanin <aleksey@aleksey.com> + + * src/nodeset.c: fixing C14N bug with processing namespaces from attributes + +2004-04-13 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in docs/download.html docs/index.html docs/news.html: + 1.2.5 release preparation + +2004-03-16 Aleksey Sanin <aleksey@aleksey.com> + + * include/xmlsec/strings.h src/mscrypto/certkeys.c + src/nss/pkikeys.c src/openssl/evp.c src/strings.c: added J node + for DSAKeyValue + * tests/phaos-xmldsig-three/* tests/testDSig.sh: added new + phaos-xmldsig-three XMLDSig tests vectors + +Mon Feb 23 17:44:29 2004 Aleksey Sanin <aleksey@aleksey.com> + + * examples/xkms-server.c: finished xkms-server example + +Thu Feb 19 16:01:38 2004 Aleksey Sanin <aleksey@aleksey.com> + + * examples/.cvsignore examples/Makefile examples/Makefile.w32 + examples/xkms-server.c: started work on xkms server example + +Thu Feb 19 12:32:55 2004 Aleksey Sanin <aleksey@aleksey.com> + + * include/xmlsec/xkms.h include/xmlsec/xmltree.h src/xkms.c + src/xmlsec.c src/xmltree.c: added ID attribute generation for xkms + * tests/aleksey-xkms-01/* tests/testXKMS.sh: modified xkms tests + to ignore Id attribute in comparison + +Fri Feb 13 00:05:02 2004 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in include/xmlsec/private.h: fixed libxslt configuration + problem + +Mon Feb 9 08:40:26 2004 Aleksey Sanin <aleksey@aleksey.com> + + * src/xmltree.c: fixed bug with encrypting nodes with + no content (reported by Tomas Seiger) + +Sat Feb 7 22:42:11 2004 Aleksey Sanin <aleksey@aleksey.com> + + * include/xmlsec/* src/* tests/*: added XKMS SOAP 1.2 bindings + +Thu Feb 5 23:37:24 2004 Aleksey Sanin <aleksey@aleksey.com> + + * apps/xmlsec.c include/* src/* tests/*: added XKMS SOAP 1.1 bindings + +Thu Feb 5 16:26:40 2004 Aleksey Sanin <aleksey@aleksey.com> + + * apps/xmlsec.c: added new params for xkms + * include/xmlsec/Makefile.am include/xmlsec/private/xkms.h: + added new private xmlsec headers folder + * include/xmlsec/xmltree.h src/xmltree.c: created code for + reading/writing qname values + * include/xmlsec/strings.h include/xmlsec/soap.h + src/strings.h src/soap.c src/Makefile.am: created basic soap + messages parsing framework + * include/xmlsec/xkms.h src/xkms.c: added xkms request format + enum and parameters + * tests/aleksey-xkms-01/ tests/testXKMS.sh: added new tests + +Wed Feb 4 01:26:51 2004 Aleksey Sanin <aleksey@aleksey.com> + + * apps/xmlsec.c: created new --xkms-format parameter + (plain/soap-1.1/soap-1.2) + * configure.in xmlsec.spec.in include/xmlsec/Makefile.am + include/xmlsec/private/*: move internal xkms declarations to + a newly created "xmlsec/private" includes folder + * include/xmlsec/strings.h include/xmlsec/xkms.h + src/strings.c src/xkms.c tests/testXKMS.sh: preparation for soap + request/response suppport + +Tue Feb 3 22:44:36 2004 Aleksey Sanin <aleksey@aleksey.com> + + * apps/xmlsec.c: combined xkms server commands into one + * include/xmlsec/* src/*: added ValidateRequest/ValidateResult + StatusRequest/StatusResult and CompoundRequest/CompoundResult + * tests/aleksey-xkms-01/* tests/testXKMS.sh: added new negative + test cases + +Tue Feb 3 18:12:10 2004 Aleksey Sanin <aleksey@aleksey.com> + + * apps/xmlsec.c: added xkms server "expected service" param + * include/xmlsec/* src/*: created errors fallback when processing + xkms requests + * tests/aleksey-xkms-01/* tests/testXKMS.sh: added more negative + test cases + +Tue Feb 3 01:40:29 2004 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in: tweaked my debug environment + * include/xmlsec/xmltree.h src/xmltree.c: created string2int and string2bitmap + helper klasses + * include/xmlsec/keys.h src/keyinfo.c src/keys.c: added KeyUseWith list + to the KeyReq object + * include/xmlsec/strings.h src/strings.c: added some xkms strings + * include/xmlsec/xkms.h src/xkms.c: LocateRequest (except signatures) + and most of LocateResult + +Mon Feb 2 16:55:13 2004 Aleksey Sanin <aleksey@aleksey.com> + + * include/xmlsec/xkms.h src/strings.c src/xkms.c: read xkms RequestAbstractType + and write xkms ResponseQbstractType (no signatures) + * Makefile.am tests/testXKMS.sh: created check-xkms target and script + * tests/aleksey-xkms-01: even more keys (der/pkcs12 formats), + "key not found" tests + +Mon Feb 2 13:12:07 2004 Aleksey Sanin <aleksey@aleksey.com> + + * apps/xmlsec.c include/xmlsec/xkms.h include/xmlsec/xmlsec.h src/xkms.c: + updated xkms schemas from xkms 2.0, renamed a couple functions + + * tests/aleksey-xkms-01: copied new examples from xkms 2.0 spec + and created keys for using with these examples + +Mon Jan 26 11:48:42 2004 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in docs/download.html docs/index.html docs/news.html + include/xmlsec/version.h: preparation for 1.2.4 release + * docs/related.html: added link to PyXmlSec project + +Fri Jan 23 16:30:38 2004 Aleksey Sanin <aleksey@aleksey.com> + + * docs/xmlsec-man.html man/xmlsec1-config.1 man/xmlsec1.1 + xmlsec-config.in: make xmlsec1-config man page generic + +Fri Jan 23 09:34:10 2004 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in: and one more config bug from John + +Thu Jan 22 16:24:44 2004 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in: and one more gnutls configuration bug from John + +Thu 22 Jan 2004 10:56:33 AM PST <aleksey@aleksey.com> + + * src/buffer.c src/list.c: don' pass NULL to xmlRealloc() + +Mon Jan 12 13:05:18 2004 Aleksey Sanin <aleksey@aleksey.com> + + * examples/encrypt3.c include/xmlsec/crypto.h include/xmlsec/nss: make + exmaples compile with nss (again reported by John) + +Mon Jan 12 10:30:24 2004 Aleksey Sanin <aleksey@aleksey.com> + + * xmlsec-config.in: fixed nss configuration bug (reproted by John) + +Sat Jan 10 19:03:17 2004 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in src/gnutls/ciphers.c src/gnutls/digests.c src/gnutls/hmac.c: + restored support for gnutls < 1.0 by request from John + +Mon Jan 5 12:55:44 2004 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in docs/download.html docs/index.html + docs/news.html docs/xmlsec-man.html include/xmlsec/version.h + man/xmlsec1-config.1 man/xmlsec1.1: preparing 1.2.3 release + +Mon Jan 5 12:42:52 2004 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in src/gnutls/ciphers.c src/gnutls/digests.c + src/gnutls/hmac.c: upgraded gnutls to 1.0.4 (bug #129190) + +Thu 13 Nov 2003 08:19:55 AM PST <aleksey@aleksey.com> + + * src/mscrypto/app.c: fixed non-initialized values (Glenn) + +2003-11-11 Aleksey Sanin <aleksey@aleksey.com> + + * docs/download.html docs/index.html docs/news.html + man/xmlsec1.1: preparing 1.2.2 release + +Mon Nov 10 21:22:36 2003 Aleksey Sanin <aleksey@aleksey.com> + + * src/bn.c: fixed xmlSecBnToDecString problem (reported by Edward) + +Thu Nov 6 22:52:57 2003 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in: use pkgconfig for configuration if possible + (based on Daniel's idea) + * include/xmlsec/private.h include/xmlsec/xmltree.h + src/errors.c src/openssl/app.c: made xmlSecStrPrintf and + xmlSecStrVPrintf declarations private to xmlsec to fix + examples build failure + +Wed Nov 5 14:19:11 2003 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in: fixed "--with-html-doc" option (patch from Daniel) + +Wed Nov 5 13:39:47 2003 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in: fixed "--with-mozilla-ver" option for ./configure + script (patch from Daniel) + +Wed Oct 29 07:55:17 2003 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in include/xmlsec/xmltree.h src/dl.c + src/errors.c src/mscrypto/crypto.c src/nss/crypto.c + src/openssl/app.c: fixed snprintf and vsnprintf warnings (bug #125684) + +Mon Oct 20 19:34:35 2003 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in: created "--with-html-dir" option + to specify docs installation path + +Mon Oct 20 08:40:46 2003 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in: load correct static openssl library when + more than one one openssl version is available (patch + from Roumen, bug #124534) + +Mon Oct 13 19:43:52 2003 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in docs/download.html docs/index.html docs/news.html + include/xmlsec/version.h: new 1.2.1 release + +Mon Oct 13 19:29:55 2003 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in docs/Makefile.am: added support for XMLSEC_DOCDIR + environment variable to ./configure script and removed *.sgml + files from docs installation + +Sat Oct 11 21:16:54 2003 Aleksey Sanin <aleksey@aleksey.com> + + * include/xmlsec/strings.h include/xmlsec/templates.h + src/strings.c src/templates.c: added template functions + for creating <enc:KeyReference/> and <enc:DataReference/> + nodes (based on patch from Wouter) + +Thu 09 Oct 2003 03:59:02 PM PDT Aleksey Sanin <aleksey@aleksey.com> + + * src/nodeset.c src/transforms.c: don't ignore nodes on the document + root element level (bug #124245) + +Sun Oct 5 01:05:30 2003 Aleksey Sanin <aleksey@aleksey.com> + + * include/xmlsec/transforms.h include/xmlsec/xmldsig.h + src/transforms.c src/xmldsig.c src/xpath.c apps/xmlsec.c + docs/faq.html: implemented Visa 3D hack to process some + URI attributes without XPath/XInclude engines + +Thu Oct 2 10:28:59 2003 Aleksey Sanin <aleksey@aleksey.com> + + * src/dl.c src/openssl/app.c src/openssl/x509vfy.c: fixing + compilation warnings reported in bug #123692 + +Wed Oct 1 19:05:13 2003 Aleksey Sanin <aleksey@aleksey.com> + + * src/gnutls/README src/mscrypto/README src/nss/README + src/openssl/README: updated README files + +Wed 01 Oct 2003 09:11:58 AM PDT Aleksey Sanin <aleksey@aleksey.com> + + * include/xmlsec/dl.h: moved closing bracket for "extern "C" + a couple lines up to be in the right place (bug #123640) + +Mon 29 Sep 2003 07:27:14 PM PDT Aleksey Sanin <aleksey@aleksey.com> + + * docs/download.html docs/index.html docs/news.html: preparation + for 1.2.0 release + +Mon 29 Sep 2003 07:07:07 PM PDT Aleksey Sanin <aleksey@aleksey.com> + + * src/mscrypto: 2nd code review pass + +Sat Sep 27 18:31:20 2003 Aleksey Sanin <aleksey@aleksey.com> + + * include/xmlsec/openssl/crypto.h src/openssl/app.c + src/openssl/crypto.c src/openssl/x509vfy.c: added "default trusted certs" + folder and make it an input parameter to xmlSecOpenSSLAppInit method. + * examples/xmldsigverify.c: make use of this change + +Sat 27 Sep 2003 05:23:41 PM PDT Aleksey Sanin <aleksey@aleksey.com> + + * examples/ docs/tests/ docs/ : created new xmldsigverify script + and upgraded tests + +Fri 26 Sep 2003 05:27:08 PM PDT Aleksey Sanin <aleksey@aleksey.com> + * src/mscrypto/ include/xmlsec/mscrypto/ : added API documentation + from Wouter + * docs/ : re-run the docs generation to pickup the new documentation + +Thu Sep 25 23:10:19 2003 Aleksey Sanin <aleksey@aleksey.com> + + * docs/authors.html: added "authors and contributors" page + * docs/ man/: regenerated docs to include xmlsec-mscrypto and link to new + authors.html page + * include/ src/: api reference documentation updates + +Thu Sep 25 20:47:11 2003 Aleksey Sanin <aleksey@aleksey.com> + + * include/xmlsec/keysdata.h: introduced new cert-pem and cert-der + key formats (public key in a certificate) + * include/xmlsec/nss/app.h nclude/xmlsec/nss/x509.h + include/xmlsec/openssl/app.h include/xmlsec/openssl/x509.h + src/nss/app.c src/nss/crypto.c src/nss/x509.c + src/openssl/app.c src/openssl/x509.c + src/mscrypto/app.c: implemented support for new formats + in OpenSSL, NSS and MSCrypto + * apps/xmlsec.c: added "--pubkey-cert-pem" and "--pubkey-cert-der" options + * tests/testDSig.sh tests/merlin-xmldsig-twenty-three/certs/lugh-cert.der: + use certificate for public keys + +Thu 25 Sep 2003 05:51:37 PM PDT Aleksey Sanin <aleksey@aleksey.com> + + * include/ src/ win32/ docs/ Makefile.am configure.in: merging + from XMLSEC_MSCRYPTO_083103 branch - new xmlsec-mscrypto library + implemented by Wouter, general functions for reading keys and certs + from memory (openssl/nss/mscrypto), default error callback for nss, + moving private keys in 01-phaos-enc tests to pkcs12 file. + +Thu Sep 25 11:39:22 2003 Aleksey Sanin <aleksey@aleksey.com> + + * apps/xmlsec.c: added root nodes namespaces registration + for "--node-xpath" command line option processing (by request + from Jan-Olof) + +Sat 20 Sep 2003 11:19:14 AM PDT Aleksey Sanin <aleksey@aleksey.com> + + * HACKING: added more info about hacking with xmlsec + +Tue Sep 16 11:28:03 2003 Aleksey Sanin <aleksey@aleksey.com> + + * docs/download.html docs/index.html docs/news.html: preparation + for 1.1.2 release + +Tue Sep 16 02:28:41 2003 Aleksey Sanin <aleksey@aleksey.com> + + * src/Makefile.am: link xmlsec lib with dl librarias + +Sun 14 Sep 2003 02:13:51 AM PDT Aleksey Sanin <aleksey@aleksey.com> + + * tests/testEnc.sh: added "--session-key <key>" paramater + to all tests with <EncryptedKey/> (problem reported by Wouter) + +Fri 12 Sep 2003 09:43:21 PM PDT Aleksey Sanin <aleksey@aleksey.com> + + * include/xmlsec/buffer.h src/buffer.c: added functions to convert + binary buffer to hex string and vice versa (based on patch from Remy) + +Thu Sep 11 17:08:15 2003 Aleksey Sanin <aleksey@aleksey.com> + + * src/Makefile.am src/dl.c src/xmlsec-ltdl.h src/xmlsec-ltdl.patch + win32/Makefile.msvc: use ltdl on Windows too + +Thu Sep 11 16:39:18 2003 Aleksey Sanin <aleksey@aleksey.com> + + * src/ltdl.* src/Makefile.am: upgraded to ltdl from libtool 1.4 + +Wed Sep 10 18:12:52 2003 Aleksey Sanin <aleksey@aleksey.com> + + * xmlsec.spec.in: separated xmlsec and xmlsec-devel RPM + pacakges into xmlsec, xmlsec-openssl, xmlsec-devel and xmlsec-openssl-devel + +Wed Sep 10 13:19:10 2003 Aleksey Sanin <aleksey@aleksey.com> + + * include/xmlsec/version.h include/xmlsec/version.h.in + include/xmlsec/xmlsec.h src/xmlsec.c + src/gnutls/crypto.c src/nss/crypto.c + src/openssl/crypto.c src/skeleton/crypto.c: + apps/xmlsec.c examples/*.c + docs/api/chapters/init-and-shutdown.sgml: implemented new + function and macroses to check loaded xmlsec library + version from xmlsec-crypto libraries and apps + +Wed Sep 10 12:36:17 2003 Aleksey Sanin <aleksey@aleksey.com> + + * src/dl.c win32/Makefile.msvc win32/mycfg.bat: implemented + dynamic xmlsec-crypto libraries loading for Windows + +Wed Sep 10 00:02:55 2003 Aleksey Sanin <aleksey@aleksey.com> + + * Makefile.am configure.in xmlsec-config.in xmlsec.pc.in: added + support for xmlsec-crypto DL mode in xmlsec.pc and xmlsec-config files + + * examples/*: added support for xmlsec-crypto DL mode to examples + + * include/xmlsec/app.h include/xmlsec/private.h + include/xmlsec/version.h include/xmlsec/x509.h + src/app.c src/x509.c src/xkms.c: new API reference documentation + + * docs/* man/* : included info about xmlsec-crypto DL mode in + tutorial and re-build docs to include new api reference docs + + * tests/testDSig.sh tests/testEnc.sh tests/testKeys.sh: added + additional information printout + + * win32/Makefile.msvc: excluded XKMS from windows builds + +Tue Sep 9 16:14:01 2003 Aleksey Sanin <aleksey@aleksey.com> + + * win32/Makefile.msvc win32/configure.js win32/mycfg.bat win32/mycfg_nss.bat: + windows build cleanup (bug #121579) + +Tue Sep 9 12:52:00 2003 Aleksey Sanin <aleksey@aleksey.com> + + * Makefile.am apps/* configure.in include/* src/* tests/*: implemented + loading xmlsec-crypto libraries as plugins (bug #121579) + * win32/: change build to allow building of more than one + xmlsec-crypto library (bug #121579) + +Sun 24 Aug 2003 05:20:14 PM PDT Aleksey Sanin <aleksey@aleksey.com> + + * docs/faq.html: upgraded licenses FAQ section to include + information about xmlsec-nss and xmlsec-gnutls + +Fri Aug 22 11:06:28 2003 Aleksey Sanin <aleksey@aleksey.com> + + * win32/Makefile.msvc: fixed linkinig problem on Windows (bug #120498) + +Fri Aug 22 09:54:04 2003 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in include/xmlsec/errors.h: determine if __FUNCTION__ or + __func__ are defined from ./configure script. This should fix bug #120469 + and prevent this problem from happening in the future. + * src/c14n.c src/openssl/kt_rsa.c src/transforms.c: fixed minor + warnings because of using strcmp, strchr, etc. functions with xmlChar* + variables by switching to xmlStrcmp, xmlStrchr, etc. (also bug #120469) + +Wed Aug 20 21:26:00 2003 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in docs/api/sgml/version.sgml docs/api/xmlsec-version.html + docs/index.html docs/news.html docs/xmlsec-man.html + include/xmlsec/version.h man/xmlsec1-config.1 man/xmlsec1.1: new 1.1.1 + release preparation + * docs/*: re-run docs generation/formatting + +Fri Aug 8 22:18:45 2003 Aleksey Sanin <aleksey@aleksey.com> + + * src/xpath.c: register namespaces before processing XPointer + expression in the URI attribute (bug #119462, reported by Steve) + +Fri Aug 8 09:06:53 2003 Aleksey Sanin <aleksey@aleksey.com> + + * include/xmlsec/keys.h src/keys.c: added xmlsec-core functions to + read keys from memory (patch from Joachim) + +Thu Aug 7 11:38:43 2003 Aleksey Sanin <aleksey@aleksey.com> + + * include/xmlsec/openssl/app.h src/openssl/app.c: added functions + to read keys and certs in xmlsec-openssl from memory and BIOs + (bug #119350, patch based on the code from Joachim) + +Wed Aug 6 08:57:20 2003 Aleksey Sanin <aleksey@aleksey.com> + + * Makefile.am configure.in xmlsec-gnutls.pc.in xmlsec-nss.pc.in + xmlsec-openssl.pc.in xmlsecConf.sh.in: + config bug fixing and improvements from Roumen + +Mon Aug 4 19:39:52 2003 Aleksey Sanin <aleksey@aleksey.com>i + + * include/xmlsec/Makefile.am include/xmlsec/x509.h src/Makefile.am + src/x509.c src/openssl/x509.c win32/Makefile.msvc: moved code for + reading X509Data node content from xmlsec-openssl to xmlsec-core + to allow sharing with xmlsec-nss + * src/nss/README src/nss/x509.c: added X509Data templates support + for xmslec-nss (bug #118636, based on patch from Tej) + +Mon 04 Aug 2003 04:06:02 PM PDT Aleksey Sanin <aleksey@aleksey.com> + + * docs: rebuilding docs to get nss api reference + +Mon Aug 4 14:47:02 2003 Aleksey Sanin <aleksey@aleksey.com> + + * Makefile.am xmlsec.spec.in: added HACKING file to the distribution + * docs/download.html docs/index.html docs/news.html: updated docs + for new 1.1.0 release + +Wed Jul 30 18:35:15 2003 Aleksey Sanin <aleksey@aleksey.com> + + * xmlsec-gnutls.pc.in xmlsec-nss.pc.in xmlsec-openssl.pc.in: and + one more change for the same bug #118685 - don't put "crypto" + in version, use xmlsec1-crypto name instead of xmlsec-crypto, + don't include nss flags and libs for xmlsec1-nss.pc + +Wed Jul 30 15:23:17 2003 Aleksey Sanin <aleksey@aleksey.com> + + * Makefile.am configure.in xmlsec-gnutls.pc.in xmlsec-nss.pc.in + xmlsec-openssl.pc.in xmlsec.pc.in: more *.pc files fixes + for the same bug #118685 + +Wed Jul 30 11:49:20 2003 Aleksey Sanin <aleksey@aleksey.com> + + * Makefile.am configure.in xmlsec-gnutls.pc.in xmlsec-nss.pc.in + xmlsec-openssl.pc.in: created separate *.pc files for xmlsec-crypto + libraries (bug #118685 reported by John) + +Tue Jul 29 20:20:33 2003 Aleksey Sanin <aleksey@aleksey.com> + + * src/nss/README: created xmlsec bugs for remian xmlsec-nss problems + +Tue 29 Jul 2003 07:41:18 PM PDT Aleksey Sanin <aleksey@aleksey.com> + + * src/ include/ docs/ man/ configure.in: merged xmlsec-nss + from the branch (Tej) + +Tue Jul 29 08:44:24 2003 Aleksey Sanin <aleksey@aleksey.com> + + * src/openssl/x509.c: minor patches for errors (Roumen) + * src/xmltree.c: fixed xmlIsEmptyNode() to return false + if there is an element child + +Mon Jul 28 12:02:40 2003 Aleksey Sanin <aleksey@aleksey.com> + + * include/xmlsec/keyinfo.h: added XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE flag + * include/xmlsec/xmltree.h src/xmltree.c: added xmlSecIsEmptyNode and + xmlSecIsEmptyString functions + * src/openssl/x509.c: added an ability to write complex X509Data node + content (based on patch from Roumen) + * tests/testDSig.sh tests/aleksey-xmldsig-01/x509data-test.*: new test for + complex X509Data node writing + * tests/keys/ca2key.p12 tests/keys/dsakey.p12 tests/keys/rsakey.p12: new + pkcs12 keys for tests + +Sun 20 Jul 2003 08:10:53 PM PDT Aleksey Sanin <aleksey@aleksey.com> + + * apps/ include/ src/ docs/api/ Copyright: updated copyrights + everywhere + +Fri 18 Jul 2003 10:30:33 AM PDT Aleksey Sanin <aleksey@aleksey.com> + + * HACKING: added a coding and commiting rules + +Wed 16 Jul 2003 10:11:23 PM PDT Aleksey Sanin <aleksey@aleksey.com> + + * examples/README, examples/binary.dat: added examples of using + command line tool + +Wed 16 Jul 2003 12:50:00 AM PDT Aleksey Sanin <aleksey@aleksey.com> + + * examples/myw32make.bat win32/mycfg-nss.bat: rename these + files to clear exec bit (John) + + * man/Makefile.am: use "--no-info" option in help2man + +Mon Jul 14 11:06:16 2003 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in docs/api/sgml/version.sgml docs/download.html + docs/api/xmlsec-version.html docs/index.html docs/news.html + docs/xmlsec-man.html include/xmlsec/version.h man/xmlsec1-config.1 + man/xmlsec1.1: preparation for 1.0.4 release + * docs/api/xmlsec-notes-encrypt.html docs/api/xmlsec-notes-sign.html: + fixed a mistype + * docs/extra/xmlsec_oscon_2003.ppt: minor update + +Fri Jul 11 13:33:28 2003 Aleksey Sanin <aleksey@aleksey.com> + + * Makefile.am: fixed builddir != sourcedir one more time (use abs_top_* + instead of top_*) + * configure.in: upgraded mozilla search path to 1.4 + +Mon 07 Jul 2003 08:05:18 AM PDT Aleksey Sanin <aleksey@aleksey.com> + + * src/openssl/apps.c src/openssl/x509.c src/openssl/x509vfy.c: fixed + sk_push() return value check problem (reported by Roumen) + +Mon 07 Jul 2003 07:02:46 AM PDT Aleksey Sanin <aleksey@aleksey.com> + + * Makefile.am: fixed test suite problem when builddir != sourcedir + (reported by Roumen) + +Thu Jul 3 07:57:25 2003 Aleksey Sanin <aleksey@aleksey.com> + + * src/openssl/x509vfy.c: added a const word to suppress + warnings (Roumen) + +Wed Jul 2 08:53:50 2003 Aleksey Sanin <aleksey@aleksey.com> + + * src/openssl/x509vfy.c: fixed certificates subject + comparison function to handle multiple occurence + of entries with the same value (bug report from + Roumen) + +Tue Jun 17 19:22:17 2003 Aleksey Sanin <aleksey@aleksey.com> + + * docs/download.html: fixing links to tarballs for local + files (requested by John) + + * examples/myw32make.bat win32/mycfg-nss.bat: clearing exec bit + +Mon Jun 16 10:43:34 2003 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in docs/download.html docs/index.html docs/news.html + docs/xmlsec-man.html include/xmlsec/version.h man/xmlsec1-config.1 + man/xmlsec1.1: new 1.0.3 version preparation + + * docs/Makefile.am docs/api-0.0.x/*: fixed second level links + processing + + * docs/api/sgml/* docs/api/tmpl/* docs/api/*: added new API calls + +Mon Jun 16 09:20:53 2003 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in: fixed NSS config bug #115297 + +Sun Jun 8 20:08:42 2003 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in: fix for 'make distclean' + +Sat Jun 7 20:35:25 2003 Aleksey Sanin <aleksey@aleksey.com> + + * Makefile.am apps/* include/xmlsec/keysdata.h src/openssl/app.c tests/*: + added PKCS#8 support (based on Tej's patch) + +Fri Jun 6 14:53:25 2003 Aleksey Sanin <aleksey@aleksey.com> + + * src/openssl/x509.c: skip ASN1 time check for OpenSSL 0.9.6 + +Thu Jun 5 19:32:12 2003 Aleksey Sanin <aleksey@aleksey.com> + + * docs/*: fixing online verifier link + +Wed Jun 4 19:12:21 2003 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in: added _ALL_SOURCE define for aix + +Wed Jun 4 08:25:46 2003 Aleksey Sanin <aleksey@aleksey.com> + + * src/openssl/x509.c: fix my_gmtime function + +Mon 02 Jun 2003 09:38:13 AM PDT Aleksey Sanin <aleksey@aleksey.com> + + * removed debian folder + +Sun Jun 1 20:30:08 2003 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in docs/download.html docs/index.html docs/news.html + docs/xmlsec-man.html include/xmlsec/version.h man/xmlsec1-config.1 + man/xmlsec1.1: preparing 1.0.2 release. + * docs/xmldsig-verifier.html: point online verifier to web site + +Thu May 29 17:15:04 2003 Aleksey Sanin <aleksey@aleksey.com> + + * src/gnutls/Makefile.am src/nss/Makefile.am + src/openssl/Makefile.am src/skeleton/Makefile.am: don't use GCC + options in Makefiles + +Tue May 27 20:12:41 2003 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in xmlsec-config.in xmlsecConf.sh.in + src/gnutls/Makefile.am src/nss/Makefile.am src/openssl/Makefile.am: + change xmlsec-config script to let user specify crypto engine + (requested by John Belmonte) + +Sun May 25 22:01:45 2003 Aleksey Sanin <aleksey@aleksey.com> + + * apps/xmlsec.c docs/xmlsec-man.html man/xmlsec1-config.1 man/xmlsec1.1: + fixed help typo (reported by John Belmonte) + * examples/README: removed obsolete autoconf information (reported by John Belmonte) + * configure.in: added /usr/include/mozilla to NSS include path search list (reported by John Belmonte) + +Thu May 15 03:08:18 2003 Aleksey Sanin <aleksey@aleksey.com> + + * apps/crypto.c apps/crypto.h apps/xmlsec.c: added command line + options to support DER keys and certs format (Tej) + * Makefile.am: use DER format for all tests + * tests/testDSig.sh tests/testEnc.sh tests/testKeys.sh: added a new + command line option "key-format" with possible values "der" or "pem" + * tests/*/*.der tests/merlin-xmldsig-twenty-three/certs/*.crt: + converted PEM keys and certs to DER format, removed *.crt files that + used to have DER certificates (Tej) + * tests/merlin-xmlenc-five/*.p8: re-added *.p8 files with '-kb' option + +Mon 12 May 2003 01:38:11 PM PDT Aleksey Sanin <aleksey@aleksey.com> + + * configure.in: use '-rpath-link' instead '-rpath' for NSS (Wan-Teh) + +Mon May 12 10:01:30 2003 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in: link with NSS using -rpath (Tej) + +Mon May 5 08:00:31 2003 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in: new configuration options for NSS (Tej) + * src/nss/app.c src/nss/ciphers.c src/nss/crypto.c + src/nss/digests.c src/nss/hmac.c: use NSS style includes (Tej) + +Fri 02 May 2003 12:00:47 PM PDT Aleksey Sanin <aleksey@aleksey.com> + + * src/openssl/app.c: adopt instead of copy the key cert + from pkcs12 fil + +Thu May 1 08:17:06 2003 Aleksey Sanin <aleksey@aleksey.com> + + * include/xmlsec/xmltree.h src/xmltree.c src/keysmngr.c: + created a new function to quickly create a doc with one root node + * src/list.c: fixed bug in xmlPtrListEmpty() function + * src/xkms.c: created framework for Locate request/result processing + +Wed Apr 30 16:31:10 2003 Aleksey Sanin <aleksey@aleksey.com> + + * include/xmlsec/strings.h src/strings.c: added strings + for XKMS (XKISS) Locate request/result + +Wed Apr 30 01:01:06 2003 Aleksey Sanin <aleksey@aleksey.com> + + * config.h.in configure.in: added check for timegm function + * include/xmlsec/keys.h + * include/xmlsec/xkms.h src/xkms.c apps/xmlsec.c: framework + for xmlSecXkmsLocate/Validate functions + * src/keys.c src/openssl/x509.c: added notValidBefore and + notValidAfter time frame to xmlSecKey + * src/xmldsig.c src/xmlenc.c: added "output" asserts to + the *DebugDump() and *DebugXmlDump() functions + * tests/aleksey-xkms-01/locate-compound.xml + tests/aleksey-xkms-01/locate-key-from-usewith.xml + tests/aleksey-xkms-01/locate-keyvalue-from-x509.xml + tests/aleksey-xkms-01/readme.txt: XKMS test cases + +Tue Apr 29 16:37:18 2003 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in include/xmlsec/Makefile.am include/xmlsec/strings.h + include/xmlsec/xkms.h include/xmlsec/xmlsec.h + src/Makefile.am src/strings.c src/xkms.c apps/xmlsec.c: first + XKMS framework (disabled by default) + +Mon Apr 28 21:13:03 2003 Aleksey Sanin <aleksey@aleksey.com> + + * docs/download.html docs/index.html docs/news.html: preparing + 1.0.1 release. + +Sun Apr 27 18:05:23 2003 Igor Zlatkovic <igor@zlatkovic.com> + + * win32/Makefile.msvc: defined _REENTRANT to enable compilation + with threaded libxml2 + +Thu Apr 24 08:15:32 2003 Aleksey Sanin <aleksey@aleksey.com> + + * config.h.in configure.in include/xmlsec/xmlsec.h: use + '#define' instead of 'typedef' for the new xmlSecSize and + xmlSecByte types in order to keep ABI + +Tue Apr 22 13:51:33 2003 Igor Zlatkovic <igor@zlatkovic.com> + + * win32/configure.js: updated the email address in the generated + readme.txt file. + +Sun 20 Apr 2003 03:12:02 PM PDT Aleksey Sanin <aleksey@aleksey.com> + + * docs/*: updated docs with new xmlSecByte and xmlSecSize types + * configure.in include/xmlsec/version.h: upgraded version to 1.0.1 + +Sun 20 Apr 2003 02:57:06 PM PDT Aleksey Sanin <aleksey@aleksey.com> + + * src/* include/* apps/*: replaced 'unsigned char' with xmlSecByte + typedefed to 'unsigned char' to make happy OpenBSD on sparc64 + * examples/*: replaced configure.in with simple Makefile to + prevent problems on different platforms + +Sun 20 Apr 2003 02:37:41 PM PDT Aleksey Sanin <aleksey@aleksey.com> + + * src/* include/* apps/*: replaced size_t with xmlSecSize + typedefed to 'unsigned int' to make happy OpenBSD on sparc64 + +Sat Apr 19 01:08:30 2003 Aleksey Sanin <aleksey@aleksey.com> + + * src/openssl/kw_des.c src/openssl/signatures.c: + included openssl/sha.h to help OpenBSD port + +Wed 26 Mar 2003 01:43:24 AM PST Aleksey Sanin <aleksey@aleksey.com> + + * docs: 0.1.1 release + +Wed Mar 19 22:56:49 2003 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in include/xmlsec/version.h + docs/download.html docs/index.html docs/news.html + xmlsec.pc xmlsec.spec: 0.0.14 release + +Wed Mar 19 10:59:41 2003 Aleksey Sanin <aleksey@aleksey.com> + + * apps/xmlsec.c: force Signature or EncryptedData node + selection when specifing start node from xmlsec tool + command line + +Mon Mar 10 07:59:55 2003 Aleksey Sanin <aleksey@aleksey.com> + + * src/transforms.c: fixed Reference URI evaluation for + the "xmlns()xpointer()" construction + +Wed Mar 5 19:43:43 2003 Aleksey Sanin <aleksey@aleksey.com> + + * docs/index.html docs/news.html: new 0.1.0 release + +Mon Feb 24 10:04:36 2003 Aleksey Sanin <aleksey@aleksey.com> + + * src/xmltree.c src/xslt.c: fixed bug in xmlSecTransformXsltAdd + +Fri Feb 21 13:06:44 2003 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in include/xmlsec/version.h + docs/download.html docs/index.html docs/news.html + xmlsec.pc xmlsec.spec: 0.0.13 release + +Fri Feb 21 12:59:48 2003 Aleksey Sanin <aleksey@aleksey.com> + + * src/transforms.c: fixed incorrect processing of more than + 3 binary transforms in a row + +Mon Feb 17 09:34:12 2003 Aleksey Sanin <aleksey@aleksey.com> + + * docs/api/* include/xmlsec/xmldsig.h + src/keysmngr.c src/xmldsig.c: minor documentation bug fixes + based on Jesse Pelton's email + +Fri Feb 14 12:44:48 2003 Aleksey Sanin <aleksey@aleksey.com> + + * src/x509.c: set "verified" cert when loading pkcs12 file. + +Wed Feb 5 09:49:30 2003 Aleksey Sanin <aleksey@aleksey.com> + + * apps/xmlsec.c include/xmlsec/keysmngr.h + src/keysmngr.c src/x509.c: provide an ability + to specify max cert verification depth + (based on patch from Jean-Etienne SCHWARTZ) + +Sun Jan 26 22:04:45 2003 Aleksey Sanin <aleksey@aleksey.com> + + * config.h.in configure.in include/xmlsec/version.h + docs/news.html docs/download.html docs/index.html + xmlsec.pc xmlsec.spec: preparation for 0.0.12 release + +Sun Jan 26 21:39:56 2003 Aleksey Sanin <aleksey@aleksey.com> + + * include/xmlsec/digests.h src/hmac.c: fixed 91 bits HMAC + bug reported by Rich Salz and Jonathan Wenocur + * tests/aleksey-xmldsig-01/dtd-hmac-91.dtd + tests/aleksey-xmldsig-01/dtd-hmac-91.tmpl + tests/aleksey-xmldsig-01/dtd-hmac-91.xml + * tests/testDSig.sh: the test case for 91 bits HMAC bug + from Rich Salz and Jonathan Wenocur + * apps/xmlsec.c: fixing minor compile warnings for + the external DTD patch + +Sun Jan 26 18:19:49 2003 Aleksey Sanin <aleksey@aleksey.com> + + * src/aes.c src/ciphers.c src/des.c: fixed bug with + EVP ciphers for OpenSSL 0.9.7 when last block was not + processed for padding + * tests/aleksey-xmlenc-01/enc-des3cbc-keyname2.data + tests/aleksey-xmlenc-01/enc-des3cbc-keyname2.tmpl + tests/aleksey-xmlenc-01/enc-des3cbc-keyname2.xml + tests/testEnc.sh: new test case for the bug fixed above + +Wed Jan 22 11:37:36 2003 Aleksey Sanin <aleksey@aleksey.com> + + * apps/xmlsec.c man/xmlsec.xml: applied patch from Rich Salz + to allo external DTD specification for the xmlsec application + +Mon 30 Dec 2002 09:52:58 AM PST Aleksey Sanin <aleksey@aleksey.com + * configure.in docs/examples/dsig1/Makefile docs/examples/dsig2/Makefile + docs/examples/dsig3/Makefile docs/examples/dsig4/Makefile + docs/examples/dsig5/Makefile docs/examples/enc1/Makefile + docs/examples/enc2/Makefile src/Makefile.am: fixed bug #102196 -- + Sun CC does ot have -WAll and -ansi options + * include/xmlsec/errors.h: fixed bug #102194 -- Sun CC does not have + __FUNCTION__ macro + +Sat Dec 21 22:47:33 2002 Aleksey Sanin <aleksey@aleksey.com> + + * apps/xmlsec.c: added "--node-xpath" option for specifing + the operation "start node" (code based on patch from + Ferrell Moultrie (ISSAtlanta) + * src/transforms.c: fixed minor compilation warnings + * src/x509.c: certs and crls are base64 encoded with 60 characters + lines size (bug #101523) + +Mon Dec 2 23:38:34 2002 Aleksey Sanin <aleksey@aleksey.com> + + * config.h.in configure.in include/xmlsec/version.h + docs/news.html docs/download.html docs/index.html + xmlsec.pc xmlsec.spec: new 0.0.11 release updates + * scripts/build_release.sh scripts/push_release.sh + scripts/test_release.sh: checking in build scripts I am using + +Thu Nov 28 11:57:17 2002 Aleksey Sanin <aleksey@aleksey.com> + + * apps/xmlsec.c: print detailed help report only when + user requests it; don't fail if key is not generated + when algorithm is disabled + + +Thu Nov 28 10:44:06 2002 Aleksey Sanin <aleksey@aleksey.com> + + * src/transforms.c: fixed a bug in numeric references evaluation + reported by Ingo Fischer + +Wed Oct 30 17:14:03 2002 Aleksey Sanin <aleksey@aleksey.com> + + * config.h.in configure.in: do not add -I/usr/include + or -L/usr/lib if OpenSSL happens to be there + (patch proposed by Scott Cantor) + +Mon Oct 21 11:28:01 CEST 2002 Igor Zlatkovic <igor@stud.fh-frankfurt.de> + + * include/xmlsec/errors.h: fixed the __FUNCTION__ macro logic + +2002-10-20 Aleksey Sanin <aleksey@aleksey.com> + + * config.h.in configure.in include/xmlsec/version.h + xmlsec.pc xmlsec.spec docs/download.html + docs/index.html docs/news.html: preparing 0.0.10 release + +Sun 13 Oct 2002 09:37:38 AM PDT Aleksey Sanin <aleksey@aleksey.com> + + * configure.in apps/Makefile.am: added dynamic linking option + by request from John Belmonte + +Fri Oct 11 09:13:27 2002 Aleksey Sanin <aleksey@aleksey.com> + + * tests/testDSig.sh configure.in apps/xmlsec.c: applied patch from + Ferrell Moultrie and removed strptime() function usage completelly + * include/xmlsec/errors.h src/errors.c src/x509.c: added more + error to the cert verification + +Thu Oct 10 00:44:36 2002 Aleksey Sanin <aleksey@aleksey.com> + + * apps/xmlsec.c tests/aleksey-xmldsig-01/enveloping-expired-cert.tmpl + tests/aleksey-xmldsig-01/enveloping-expired-cert.xml + tests/keys/expired.crt tests/keys/expired.csr tests/keys/expired.key + tests/testDSig.sh: added test case to verify the new "expired cert" feature + +Wed Oct 9 23:09:46 2002 Aleksey Sanin <aleksey@aleksey.com> + + * apps/xmlsec.c include/xmlsec/x509.h src/keysmngr.c + src/x509.c: added support for certificate verification parameter + when OpenSSL 0.9.6 is used + +Wed Oct 9 20:58:58 2002 Aleksey Sanin <aleksey@aleksey.com> + + * include/xmlsec/keyinfo.h include/xmlsec/keys.h + include/xmlsec/keysmngr.h include/xmlsec/x509.h + include/xmlsec/xmldsig.h include/xmlsec/xmlenc.h + src/keyinfo.c src/keys.c src/keysmngr.c + src/x509.c src/xmldsig.c src/xmlenc.c: added certificates + verification time parameter as it was suggested in the + xmlsec mailing list + * apps/xmlsec.c: added "--verification-time" parameter + * config.h.in configure.in: added necessary check for + strptime() function + +Mon Oct 7 19:22:11 2002 Aleksey Sanin <aleksey@aleksey.com> + + * apps/xmlsec.c: added "--output" option to spefcify output file + * docs/xmlsec-man.html man/create.sh man/xmlsec.1 man/xmlsec.xml: + changed the docs to reflect new "--output" option + * tests/testDSig.sh tests/testEnc.sh: changed tests to use new + "--output" option + * configure.in xmlsec.pc xmlsec.spec: minor config changes + +Sun Sep 29 20:12:17 CEST 2002 Igor Zlatkovic <igor@stud.fh-frankfurt.de> + + * win32/Makefile.msvc: resolved further static link issues. + +Sat Sep 28 19:14:40 CEST 2002 Igor Zlatkovic <igor@stud.fh-frankfurt.de> + + * include/xmlsec/errors.h: added MSVC to the list of compilers with + the predefined __FUNCTION__ macro. + * include/xmlsec/xmlsec.h: resolved XMLSEC_EXPORT mess. + * win32/Makefile.msvc: introduced a double-run compilation, resolved + the static link problems. + * win32/configure.js: added the iconv=yes|no option, important when + linking statically to libxml. + +Wed 25 Sep 2002 21:28:21 PM PDT Aleksey Sanin <aleksey@aleksey.com> + + * include/xmlsec/x509.h src/x509.c: opened xmlSecX509Data + structure by request from Moultrie, Ferrell + +Wed 04 Sep 2002 06:54:23 PM PDT Aleksey Sanin <aleksey@aleksey.com> + + * src/errors.c: aplied a patch from Ferrell Moultrie (additional + errors strings for OpenSSL errors functions) + +Tue 03 Sep 2002 06:24:57 PM PDT Aleksey Sanin <aleksey@aleksey.com> + + * xmlsec-config.in: fixed a bug when xslt is not available + +Mon 02 Sep 2002 12:20:03 PM PDT Aleksey Sanin <aleksey@aleksey.com> + + * docs/*: added LibXML2, LibXSLT and OpenSSL logos + +Sat Aug 31 17:12:56 2002 Aleksey Sanin <aleksey@aleksey.com> + + * include/xmlsec/keys.h include/xmlsec/x509.h + include/xmlsec/xmldsig.h include/xmlsec/xmlenc.h + src/keys.c src/x509.c src/xmldsig.c src/xmlenc.c: + added new function *DebugXmlDump() to print debug info + in XML format + * apps/xmlsec.c man/xmlsec.1 man/xmlsec.xml: added new + options '--print-xml' and '-print-to-file' + +Sat 31 Aug 2002 03:43:20 PM PDT Aleksey Sanin <aleksey@aleksey.com> + + * docs/examples: added a new dsig example from Devin Heitmueller + +Thu 29 Aug 2002 01:48:35 PM PDT Aleksey Sanin <aleksey@aleksey.com> + + * docs/examples/dsig3 docs/examples/dsig4: fixed minor problems + +Thu 29 Aug 2002 08:52:02 AM PDT Aleksey Sanin <aleksey@aleksey.com> + + * apps/xmlsec.c: fixed minor copy/paste typo (thanks to Devin Heitmueller) + +Wed 28 Aug 2002 04:22:10 PM PDT Aleksey Sanin <aleksey@aleksey.com> + + * configure.in docs: new 0.0.9 release to fix release packaging problems + +Fri Aug 23 10:54:39 2002 Aleksey Sanin <aleksey@aleksey.com> + + * configure.in docs/download.html docs/index.html docs/news.html: + New 0.0.8 release. + +Thu Aug 15 21:08:41 2002 Aleksey Sanin <aleksey@aleksey.com> + + * docs/api/* include/xmlsec/Makefile.am include/xmlsec/xpath.h + src/xpath.c: removed xpath "here()" function declaration + from global view and xpath.h file, rebuilt docs. + +Thu 15 Aug 2002 08:45:26 PM PDT Aleksey Sanin <aleksey@aleksey.com> + + * docs/api/* src/* include/xmlsec/*: finished writing + documentation for 370+ internal and external symbols + +Thu 15 Aug 2002 08:14:50 AM PDT Aleksey Sanin <aleksey@aleksey.com> + + * tests/keys/README: applied patch from <xafilac@gmx.de> + (bug #90824) + +Wed Aug 14 19:38:56 2002 Aleksey Sanin <aleksey@aleksey.com> + + * NEWS README: minor updates + * docs/documentation.html docs/xmlsec-man.html man/Makefile.am: + published xmlsec utility man page + +Wed Aug 14 19:27:09 2002 Aleksey Sanin <aleksey@aleksey.com> + + * docs/api/* include/xmlsec/base64.h include/xmlsec/bn.h + include/xmlsec/transforms.h src/aes.c src/base64.c + src/bn.c src/buffered.c src/c14n.c src/ciphers.c + src/des.c src/digests.c src/dsa.c src/enveloped.c + src/xmltree.c: and more and more documentation + +Wed Aug 14 17:32:23 2002 Aleksey Sanin <aleksey@aleksey.com> + + * docs/api/* include/xmlsec/transforms.h + include/xmlsec/transformsInternal.h include/xmlsec/version.h + include/xmlsec/version.h.in src/errors.c src/xpath.c: + and more documentation... + +Wed Aug 14 16:30:44 2002 Aleksey Sanin <aleksey@aleksey.com> + + * docs/api/* include/xmlsec/keyinfo.h include/xmlsec/keys.h + include/xmlsec/keysmngr.h include/xmlsec/xmldsig.h + include/xmlsec/xmlenc.h src/debug.c src/keyinfo.c + src/keys.c src/keysmngr.c src/xmldsig.c src/xmlenc.c + tests/keys.xml: more documentation... + +Wed Aug 14 13:08:32 2002 Aleksey Sanin <aleksey@aleksey.com> + + * docs/api/* include/xmlsec/errors.h include/xmlsec/xmldsig.h + include/xmlsec/xmlenc.h src/errors.c src/xmldsig.c + src/xmlenc.c src/xmlsec.c: added comments and rebuild documentation + * docs/faq.html: update FAQ + +Wed 14 Aug 2002 09:44:31 AM PDT Aleksey Sanin <aleksey@aleksey.com> + + * apps/xmlsec.c: fixed random numbers initialization + +Tue 13 Aug 2002 09:11:45 PM PDT Aleksey Sanin <aleksey@aleksey.com> + + * win32/* src/errors.c apps/xmlsec.c: made required changes + to support new stuff in win32 port + +Tue Aug 13 13:59:32 2002 Aleksey Sanin <aleksey@aleksey.com> + + * apps/xmlsec.c configure.in src/ciphers.c src/des.c src/dsa.c + src/hmac.c src/rsa.c: replaced XMLSEC_OPENSSL097 define with + XMLSEC_OPENSSL096 define + * docs/api/*: updated docs with new errors reporting functions + +Tue 13 Aug 2002 01:36:16 PM PDT Aleksey Sanin <aleksey@aleksey.com> + + * include/xmlsec/errors.h src/*.c configure.in: changed + error reporting system and updated all files accordingly + +Thu 08 Aug 2002 10:56:56 AM PDT Aleksey Sanin <aleksey@aleksey.com> + + * src/xpath.c: removed XPointer support from XPath 2 filter + +Wed Aug 7 14:32:44 2002 Aleksey Sanin <aleksey@aleksey.com> + + * include/xmlsec/transforms.h include/xmlsec/xmlsec.h + src/transforms.c src/xmlsec.c src/xpath.c: added XPointer + transform (Additional XML Security URIs) + * tests/aleksey-xmldsig-01/xpointer-hmac.tmpl + tests/aleksey-xmldsig-01/xpointer-hmac.xml + tests/merlin-xpath-filter2-three/sign-xfdl.tmpl + tests/testDSig.sh: test cases for XPointer transform + + +Wed Aug 7 01:08:13 2002 Aleksey Sanin <aleksey@aleksey.com> + + * src/transforms.c src/xmldsig.c src/xmlenc.c: full + xpointers support in Reference URIs is added + * include/xmlsec/xmltree.h src/xmltree.c src/xmlsec.c + apps/xmlsec.c : removed the IDs hack + * docs/xmldsig-interop.html: added full XPointers support + * tests/*: added ID attribute declaration when necessary + +Tue Aug 6 09:51:54 2002 Aleksey Sanin <aleksey@aleksey.com> + * docs/api: updated docs with new stuff + * man/xmlsec-config.1: fixed minor problems in help file + * include/xmlsec/nodeset.h src/enveloped.c src/nodeset.c + src/transforms.c src/xmldsig.c src/xpath.c: changed new + functions names + +Mon Aug 5 22:55:05 2002 Aleksey Sanin <aleksey@aleksey.com> + + * Makefile.am tests/testDSig.sh tests/testEnc.sh: added + 'perfcheck' flag to the Makefile for performance testing + +Mon Aug 5 21:11:41 2002 Aleksey Sanin <aleksey@aleksey.com> + + * include/xmlsec/nodeset.h include/xmlsec/transforms.h + src/enveloped.c src/nodeset.c src/xpath.c: new node set + code improved performaance (8-10 times!!!) + +Mon Aug 5 17:58:31 2002 Aleksey Sanin <aleksey@aleksey.com> + * Makefile.am configure.in src/xpathalt.c: + Removed alt xpath trasnform implementation as outdated + * include/xmlsec/nodeset.h src/nodeset.c + src/Makefile.am include/xmlsec/Makefile.am + include/xmlsec/transforms.h include/xmlsec/transformsInternal.h + src/transforms.c include/xmlsec/xmltree.h src/xmltree.c + src/c14n.c src/enveloped.c src/xmldsig.c + src/xpath.c: create xmlsec specific nodes set object + and start using it everythere + * src/x509.c: updated the code to use new openssl 0.9.7 builds + +Wed Jul 31 23:38:18 2002 Aleksey Sanin <aleksey@aleksey.com> + + * Makefile.am configure.in: added "enable-profiling" config option + * docs/download.html docs/index.html src/c14n.c: + starting XPath and enveloped transforms performance improvements + * tests/Makefile.am tests/merlin-c14n-three/* tests/testDSig.sh: + added one more Merlin's test suite for exc-c14n + +Wed Jul 31 15:56:17 2002 Aleksey Sanin <aleksey@aleksey.com> + * apps/xmlsec.c src/xpath.c tests/testDSig.sh: improved + XPath2 performance + +Wed Jul 31 11:45:09 2002 Aleksey Sanin <aleksey@aleksey.com> + * include/xmlsec/xmlsec.h src/keyinfo.c src/xmlsec.c src/xpath.c + tests/Makefile.am tests/testDSig.sh tests/merlin-xpath-filter2-three: + updated XPath2 transform implementation according to the + latest spec and added Merlin's tests for it + +Thu 18 Jul 2002 08:51:16 AM PDT Aleksey Sanin <aleksey@aleksey.com> + * src/x509.c: fixed problems with using self-signed certs + for signatures + +Thu Jul 11 19:30:31 2002 Aleksey Sanin <aleksey@aleksey.com> + * Makefile.am configure.in xmlsec.spec.in xmlsec.pc xmlsec.pc.in: + Add pkgconfig script + + * tests/Makefile.am tests/testDSig.sh tests/testEnc.sh tests/testKeys.sh: + more fixes for dist + +Thu Jul 11 17:17:22 2002 Aleksey Sanin <aleksey@aleksey.com> + * configure.in src/Makefile.am tests/Makefile.am: fixed + minor dist bugs + +Thu Jul 11 11:47:14 2002 Aleksey Sanin <aleksey@aleksey.com> + * Makefile.am docs/* docs/api/*: added faq and documentation + pages + +Thu Jul 11 9:19:45 2002 Aleksey Sanin <aleksey@aleksey.com> + * Makefile.am configure.in docs/api/*: added API docs + generation + +Wed Jul 10 21:39:59 2002 Aleksey Sanin <aleksey@aleksey.com> + * AUTHORS Makefile.am debian/* : added Debian packaging scripts from + John Belmonte <jvb@prairienet.org> + +Wed Jul 10 21:24:43 2002 Aleksey Sanin <aleksey@aleksey.com> + * include/xmlsec/*.h src/*.c: some comments added + +Wed Jul 10 18:06:12 2002 Aleksey Sanin <aleksey@aleksey.com> + * Makefile.am config.h.in configure.in man/* xmlsec.spec.in: + man pages for xmlsec and xmlsec-config were added + * apps/xmlsec.c: "--version" and "--help" options added + +Wed Jul 10 21:41:21 2002 Igor Zlatkovic <igor@stud.fh-frankfurt.de> + * win32/Makefile.msvc: Fixed minor typos, static link flags + and bindist target + * apps/xmlsec.c: Added snprintf -> _snprintf mapping for MS + C-runtime + +Wed Jul 10 8:45:23 2002 Aleksey Sanin <aleksey@aleksey.com> + * configure.in docs/* : 0.0.7 release + +Fri Jun 21 00:48:52 2002 Aleksey Sanin <aleksey@aleksey.com> + * Makefile.am configure.in: added win32 folder to the + distribution + +2002-06-20 Aleksey Sanin <aleksey@aleksey.com> + * apps/xmlsec.c: added password protected pem files + support + +2002-06-19 Aleksey Sanin <aleksey@aleksey.com> + * include/xmlsec/xmltree.h src/xmlsec.c src/xmltree.c: + fixed ID attribute bug found by Sascha Breite + +Mon Jun 3 21:18:54 2002 Aleksey Sanin <aleksey@aleksey.com> + * src/enveloped.c: improved performance + +Thu May 30 21:29:21 2002 Aleksey Sanin <aleksey@aleksey.com> + * src/xmltree.c: propagating XPath fix from LibXML2 + +Wed May 29 21:28:13 2002 Aleksey Sanin <aleksey@aleksey.com> + * apps/xmlsec.c include/xmlsec/keysmngr.h include/xmlsec/x509.h + src/keysmngr.c src/x509.c tests/keys.xml: pkcs12 support added + +Wed 29 May 2002 12:07:35 AM PDT Aleksey Sanin <aleksey@aleksey.com> + *: merged 0.0.6 release from local CVS + *: win32 port + *: xpath filter2 + *: custom network handlers + +Mon 29 Apr 2002 12:07:35 AM PDT Aleksey Sanin <aleksey@aleksey.com> + *: Significant API re-factoring (make it more simple and consistent) + *: added symmetric Key Wrappers support (AES, DES) + *: added RIPEMD-160 support + +Sat 30 Mar 2002 12:55:30 AM PST Aleksey Sanin <aleksey@aleksey.com> + *: Finished x509 supprot + *: Added functions to create signature "on-the-fly" + *: Updated examples and docs + *: Fixed header files installation bug + +Wed 27 Mar 2002 11:20:42 PM PST Aleksey Sanin <aleksey@aleksey.com> + *: Added x509 verification support and a skeleton for x509 + x509 based sigantures + +Tue 26 Mar 2002 06:30:10 PM PST Aleksey Sanin <aleksey@aleksey.com> + *: The result of operation (sign/verify) is returned in the + list of xmlDSigSignature objects. Application can examine + the key and signature method, content just before digesting or + signing, etc. and decide what to do with it. + *: The Transform and KeyInfo code was significantly re-written and + separated from the XMLDSig code with a goal to reuse in in + XML Signature or whatever. + *: Added support for RetrievalMethod and Manifests (pretty simple + adter the first change because both are based on Transforms) + *: Added XSLT support (based on libxslt from Daniel Veillard) + diff --git a/Copyright b/Copyright new file mode 100644 index 00000000..23e43728 --- /dev/null +++ b/Copyright @@ -0,0 +1,105 @@ +xmlsec, xmlsec-openssl, xmlsec-gnutls, xmlsec-gcrypt libraries +------------------------------------------------------------------------------ + +Copyright (C) 2002-2010 Aleksey Sanin. All Rights Reserved. + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is fur- +nished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FIT- +NESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +ALEKSEY SANIN BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER +IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CON- +NECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of Aleksey Sanin shall not +be used in advertising or otherwise to promote the sale, use or other deal- +ings in this Software without prior written authorization from him. + + +xmlsec-nss library +------------------------------------------------------------------------------ +Copyright (C) 2002-2010 Aleksey Sanin. All Rights Reserved. +Copyright (c) 2003 America Online, Inc. All rights reserved. + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is fur- +nished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +Portions of the Software were created using source code and/or APIs +governed by the Mozilla Public License (MPL). The MPL is available +at http://www.mozilla.org/MPL/MPL-1.1.html. The MPL permits such +portions to be distributed with code not governed by MPL, as long +as the requirements of MPL are fulfilled for such portions. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FIT- +NESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +ALEKSEY SANIN BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER +IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CON- +NECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of Aleksey Sanin shall not +be used in advertising or otherwise to promote the sale, use or other deal- +ings in this Software without prior written authorization from him. + + +xmlsec-mscrypto library +------------------------------------------------------------------------------ + +Copyright (C) 2002-2010 Aleksey Sanin. All Rights Reserved. +Copyright (C) 2003 Cordys R&D BV, All rights reserved. +Copyright (C) 2007 Roumen Petrov. +Copyright (c) 2005-2006 Cryptocom LTD (http://www.cryptocom.ru). + + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is fur- +nished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FIT- +NESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +ALEKSEY SANIN BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER +IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CON- +NECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of Aleksey Sanin shall not +be used in advertising or otherwise to promote the sale, use or other deal- +ings in this Software without prior written authorization from him. + + + +References +------------------------------------------------------------------------------ + +* AOL +http://www.aleksey.com/pipermail/xmlsec/2003/005488.html +http://www.aleksey.com/pipermail/xmlsec/attachments/20030729/0e25648e/attachment.htm + +* Cordys R&D BV +http://www.aleksey.com/pipermail/xmlsec/2003/005581.html + +* Cryptocom LTD +http://www.aleksey.com/pipermail/xmlsec/2006/007410.html + diff --git a/HACKING b/HACKING new file mode 100644 index 00000000..851d1628 --- /dev/null +++ b/HACKING @@ -0,0 +1,199 @@ + Rules for commits on the xmlsec module + ========================================= + +0) DO NOT COMMIT DIRECTLY ! +If you have a patch send a mail to xmlsec@aleksey.com mailing +list (you must be subscribed to the list, go to +http://www.aleksey.com/mailman/listinfo/xmlsec to subscribe). + +If there is a problem in xmlsec module that prevents you +from building other major components then feel free to patch +first and then send a mail. This is an EXCEPTIONAL case and +you should be VERY carefull when you are doing this. + +Igor Zlatkovic get an exception for the send before commit rule. + +1) Coding style. + - Formatting. Just for clarification, the formating is: + + tab size=8;indentation=4;insert spaces=yes + + - Use explicit "!= NULL", "!= 0", etc. This makes code + easier to read and remove warnings on some platform. + Example: + BAD: + if(a) + GOOD: + if(a != NULL) + or + if(a != 0) + + - Put figure brackets '{}' even if you have only one operator + in "if", "for", etc. This also makes code easier to read and + saves a lot of time when you need to quickly change something. + Example: + BAD: + if(a != NULL) + xmlFree(a); + GOOD: + if(a != NULL) { + xmlFree(a); + } + + - Use round brackets '()' in conditions to show the precedence order. + I don't remember what goes first '<<' or '*', do you? + Example: + BAD: + if(privkey == NULL || pubkey == NULL) + GOOD: + if((privkey == NULL) || (pubkey == NULL)) + + - Use round brackets '()' for "return". + Example: + BAD: + return 0; + GOOD: + return(0); + + - Check for warnings! Use "--enable-pedantic" option + for "configure.in" script to enable as much warnings as possible. + Your patch should produce no new warnings and if you'll + see something that you can fix, then do it. + + - Check for memory leaks. There is a built in support for + valgrind (http://devel-home.kde.org/~sewardj/). In order to use it, + use "enable_static_linking" option for "configure.in" script to + force static linking of xmlsec command line utility and run + "make memcheck" from the top xmlsec source folder. The results are printed + at the end. More detailed logs could be found in /tmp/test*.log files. + +2) Coding practice + - You should trust nobody! Anyone can fool you: user or another application + might provide you incorrect data; call to xmlsec or system function might + fail with an error code; worse, the same call might fail but the return + code is "success" and so on. The patch fixes a lot of places where the + original code failed to check input data or function return values. + One of my favorite examples is the code that *silently* assumed that + base64 decoded value of a RSA public exponent obtained from XML fits + in a DWORD. And after that the code did memcpy to copy from xmlSecBuffer + to a DWORD variable *without* checking how much data are actualy copied! + The trivial DoS attack (at least DoS!!!) is to put very long base64 string + in XML file and enjoy the server crash. + One of the strongest sides of xmlsec library is that there are very few + known ways to crash it (and all of them are related to running the + application in an environment with a very limited memory to force a malloc + failure). To be a little paranoid is good in this context :) + + - malloc/free vs. xmlMalloc/xmlFree + xmlsec library use libxml2 memory management functions. This provides an + easy way to replace default memory management functions with custom ones. + And this might be very usefull in some cases. + Note that crypto library might use a different memory management + functions! Be very carefully to do not mix them (i.e. get memory + allocated by crypto library function and free it with xmFree). + + - Errors reporting (XMLSEC_ERRORS_R_XMLSEC_FAILED vs. XMLSEC_ERRORS_R_CRYPTO_FAILED) + The correct usage rule is: + if the failed function starts with "xmlSec" then use + XMLSEC_ERRORS_R_XMLSEC_FAILED + else if it is xmlMalloc/xmlFree/xmlStrdup/etc then use + XMLSEC_ERRORS_R_MALLOC_FAILED + else if the function starts with "xml" or "xslt" (i.e. it comes + from libxml or libxslt) then use + XMLSEC_ERRORS_R_XML_FAILED + else if it is related to IO (fopen, fread, fwrite, etc.) then use + XMLSEC_ERRORS_R_IO_FAILED + else if the function could be used only from xmlsec-crypto (i.e. + it is crypto engine related) then use + XMLSEC_ERRORS_R_CRYPTO_FAILED + else if there is another reason (invalid data, invalid size, etc.) + corresponding error reason should be used + else + it is something new and should be discussed + fi + Correct error reason is very important. For example, some applications + ignore all the XMLSEC_ERRORS_R_XMLSEC_FAILED errors to get to the bottom of + the errors stack and report the actual problem. + + - Errors reporting: "size=%d;error=%d" instead of "size %d, error: %d": + It would be great if xmlsec-crypto libraries can follow the error message + standard adopted in the other files of xmlsec library: + "<name1>=<value1>;<name2>=<value2>;..." + This greatly helps when one needs to write a logs parser. For example, to + find the reason of memory allocation failures. + +3) Preparing and submiting a patch. +If you want to submit a patch please do following: + - Get a CVS source copy (see http://www.aleksey.com/xmlsec/download.html). + It's much easier to prepare patch from CVS than to diff two set of files. + - Test your patch! Make sure that your patch complain with xmlsec coding + style (see above) and that you don't introduce new warnings or memory leaks + (also see above). If you have a new functionality in the patch, + do not forget to add a test case(s) in the xmlsec test suite. + - If you have new files in your patch mark them "to be added" with + cvs add <filename> + command. If you have binary files, do not forget to use '-kb' option + cvs add -kb <filename> + If you have new folders in your patch and you don't have write access to CVS, + send a mail to xmlsec@aleksey.com and I'll create them for you. + - Prepare patch by running diff command from the top of the source tree: + cvs -z3 diff -uN [<file or folder names>...] > <output filename> + The file or folder names are optional and you can use it to save + yourself some time. "-u" option produces a human readble diff, + "-N" option includes to the diff new files created on prevous step. + Finally, "-z3" forces cvs to compress the network traffic and make things + faster. Please use ".diff" extension in your output filename. This will + add colors to my editor when I would be looking at it :) + - Gzip or zip your diff file! Don't send plain diff file because some mailers + corrupt it. + - Send your patch along with a short description of the problem or feature + you are fixing/implementing to the xmlsec@aleksey.com mailing list + (you must be subscribed to the list, go to http://www.aleksey.com/mailman/listinfo/xmlsec to subscribe). + If you are fixing a bug, it might be a good idea to bugzilla it first + (http://www.aleksey.com/xmlsec/bugs.html) for the record. Do not forget + to put link or bug number in your message if the bug is in bugzilla. + +4) Building a release +- Cleanup, make sure no other changes are pending + - make distclean + - git status +- Update Changelog +- Write about release changes in the release + - docs/index.html and docs/news.html +- Update release number in + - configure.in (2 places at the top) + - docs/download.html +- Create build + - ./autogen.sh + - make +- Build docs (watch for errors!) + - make docs +- Commit the "prepare for X.Y.Z" release + - git commit -m"prepare for X.Y.Z release" -a +- Run tests, make sure everything is OK + - make check +- Build release + - sudo ./scripts/build_release.sh +- Extract tar file, make sure it works + - cd /tmp + - tar xvfz /usr/src/redhat/SOURCE/xmlsec1-X.Y.z.tar.gz + - cd xmlsec1-X.Y.z + - ./configure + - make + - make check +- Copy tar file to FTP/Web Download +- Copy docs/ folder to Web folder +- Write an announcement email to xmlsec@aleksey.com +- Update freshmeat.net +- Relax + + + + + + + + + + + diff --git a/INSTALL b/INSTALL new file mode 100644 index 00000000..baa984f4 --- /dev/null +++ b/INSTALL @@ -0,0 +1,38 @@ +Compilation + +1. How to compile XMLSec? +As most UNIX libraries XMLSec follows the "standard": + + gunzip -c xmlsec-xxx.tar.gz | tar xvf - + cd xmlsec-xxxx + ./configure --help + +to see the options, then the compilation/installation proper + + ./configure [possible options] + make + make install + +Probably you may have to rerun ldconfig or similar utility to +update your list of installed shared libs. At this point you can check +that the library is compiled successfully by running + + make check + +2.What other libraries are needed to compile/install XMLSec? +XMLSec requires following libraries: + + LibXML2 (http://xmlsoft.org): a very powerfull XML parsing and + manipulating library + LibXSLT (http://xmlsoft.org/XSLT/): a nice XSLT processor based + on LibXML2 + OpenSSL (http://www.openssl.org): well known cryptographic library + +If you are running a Linux system then there is a good chance that +you already have all libraries installed. Also XMLSec requires the +normal C ANSI API (please report any violation to this rule you may find). + + +Aleksey Sanin <aleksey@aleksey.com> + +$Id$ diff --git a/Makefile.am b/Makefile.am new file mode 100644 index 00000000..669f996b --- /dev/null +++ b/Makefile.am @@ -0,0 +1,186 @@ +NULL = + +SAFE_VERSION = @XMLSEC_VERSION_SAFE@ +SUBDIRS = include src apps man docs +TEST_APP = apps/xmlsec1$(EXEEXT) +DEFAULT_CRYPTO = @XMLSEC_CRYPTO@ + +bin_SCRIPTS = xmlsec1-config +pkgconfig_DATA = xmlsec1.pc @XMLSEC_CRYPTO_PC_FILES_LIST@ +pkgconfigdir = $(libdir)/pkgconfig +confexecdir = $(libdir) +confexec_DATA = xmlsec1Conf.sh +m4datadir = $(datadir)/aclocal +m4data_DATA = xmlsec1.m4 + +ACLOCAL_AMFLAGS = -I m4 + +DISTCLEANFILES = \ + xmlsec1Conf.sh \ + xmlsec1.pc \ + xmlsec1-openssl.pc \ + xmlsec1-nss.pc \ + xmlsec1-gnutls.pc \ + xmlsec1-gcrypt.pc \ + xmlsec1-config \ + xmlsec1.spec \ + stamp-h2 \ + stamp-h3 \ + stamp-h4 \ + stamp-h5 \ + $NULL + +EXTRA_DIST = \ + m4 \ + examples \ + scripts \ + tests \ + win32 \ + NEWS \ + ChangeLog \ + Copyright \ + HACKING \ + xmlsec-openssl.pc.in \ + xmlsec-nss.pc.in\ + xmlsec-gnutls.pc.in \ + xmlsec-gcrypt.pc.in \ + xmlsec-config.in \ + xmlsecConf.sh.in \ + xmlsec.spec.in \ + xmlsec1Conf.sh \ + xmlsec1.pc @XMLSEC_CRYPTO_PC_FILES_LIST@ \ + xmlsec1-config \ + xmlsec1.spec \ + xmlsec1.m4 \ + $(NULL) + +EXTRA_CLEAN = \ + examples \ + $(NULL) + +ABS_SRCDIR=@abs_srcdir@ +ABS_BUILDDIR=@abs_builddir@ +if XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING +PRECHECK_COMMANDS = \ + cd $(ABS_SRCDIR) \ + $(NULL) +else +PRECHECK_COMMANDS= \ + for i in $(XMLSEC_CRYPTO_LIST) ; do \ + export LD_LIBRARY_PATH="$(ABS_BUILDDIR)/src/$$i/.libs:$$LD_LIBRARY_PATH" ; \ + done && \ + cd $(ABS_SRCDIR) \ + $(NULL) +endif +CHECK_CRYPTO_LIST = \ + $(XMLSEC_CRYPTO_LIST) \ + $(NULL) + +docs: docs-man + @(cd docs && $(MAKE) docs) + +docs-clean: + @(cd docs && $(MAKE) clean) + +docs-man: + @(cd man && $(MAKE) docs) + +check: check-all check-info + +check-all: $(TEST_APP) + @($(PRECHECK_COMMANDS) && \ + for crypto in $(CHECK_CRYPTO_LIST) ; do \ + echo "=================== Checking xmlsec-$$crypto =================================" && \ + $(SHELL) ./tests/testrun.sh \ + $(ABS_SRCDIR)/tests/testKeys.sh \ + $$crypto \ + $(ABS_SRCDIR)/tests \ + $(ABS_BUILDDIR)/$(TEST_APP) der \ + && \ + $(SHELL) ./tests/testrun.sh \ + $(ABS_SRCDIR)/tests/testDSig.sh \ + $$crypto \ + $(ABS_SRCDIR)/tests \ + $(ABS_BUILDDIR)/$(TEST_APP) \ + der \ + && \ + $(SHELL) ./tests/testrun.sh \ + $(ABS_SRCDIR)/tests/testEnc.sh \ + $$crypto \ + $(ABS_SRCDIR)/tests \ + $(ABS_BUILDDIR)/$(TEST_APP) \ + der \ + ; \ + done; ) + +check-info: + @echo "---------------------------- ATTENTION -----------------------------------" + @echo "--- Some of the tests use resources located on external HTTP servers. ---" + @echo "--- If you have no Internet connection or the external resource is not ---" + @echo "--- responding then the test will fail. ---" + @echo "---------------------------- ATTENTION -----------------------------------" + +check-keys: $(TEST_APP) + @($(PRECHECK_COMMANDS) && \ + $(SHELL) ./tests/testrun.sh \ + $(ABS_SRCDIR)/tests/testKeys.sh \ + $(DEFAULT_CRYPTO) \ + $(ABS_SRCDIR)/tests \ + $(ABS_BUILDDIR)/$(TEST_APP) \ + der \ + ) + +check-dsig: $(TEST_APP) + @($(PRECHECK_COMMANDS) && \ + $(SHELL) ./tests/testrun.sh \ + $(ABS_SRCDIR)/tests/testDSig.sh \ + $(DEFAULT_CRYPTO) \ + $(ABS_SRCDIR)/tests \ + $(ABS_BUILDDIR)/$(TEST_APP) \ + der \ + ) + +check-enc: $(TEST_APP) + @($(PRECHECK_COMMANDS) && \ + $(SHELL) ./tests/testrun.sh \ + $(ABS_SRCDIR)/tests/testEnc.sh \ + $(DEFAULT_CRYPTO) \ + $(ABS_SRCDIR)/tests \ + $(ABS_BUILDDIR)/$(TEST_APP) \ + der \ + ) + +check-xkms: $(TEST_APP) + @($(PRECHECK_COMMANDS) && \ + $(SHELL) ./tests/testrun.sh \ + $(ABS_SRCDIR)/tests/testXKMS.sh \ + $(DEFAULT_CRYPTO) \ + $(ABS_SRCDIR)/tests \ + $(ABS_BUILDDIR)/$(TEST_APP) \ + der \ + ) + +memcheck-res: + @grep -i 'ERROR SUMMARY' /tmp/*.log | sed 's/.*==.*== *//' | sort -u + @grep -i 'in use at exit' /tmp/*.log | sed 's/.*==.*== *//' | sort -u + @grep -i 'total heap usage' /tmp/*.log | sed 's/.*==.*== *//' | sort -u + +memcheck: $(TEST_APP) + @(export DEBUG_MEMORY=1 && $(MAKE) check && $(MAKE) memcheck-res) + +perfcheck: $(TEST_APP) + @(export PERF_TEST=10 && $(MAKE) check) + +dist-hook: + +cleantar: + @($(RM) -f xmlsec*.tar.gz COPYING.LIB) + +tar-release: clean cleantar + @(unset CDPATH && $(MAKE) dist) + +rpm: cleantar tar-release + @(unset CDPATH && rpmbuild -ta $(distdir).tar.gz) + +rpm-release: clean cleantar rpm + diff --git a/Makefile.in b/Makefile.in new file mode 100644 index 00000000..759a10bb --- /dev/null +++ b/Makefile.in @@ -0,0 +1,1155 @@ +# Makefile.in generated by automake 1.11.1 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + + +VPATH = @srcdir@ +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +subdir = . +DIST_COMMON = README $(am__configure_deps) $(srcdir)/Makefile.am \ + $(srcdir)/Makefile.in $(srcdir)/config.h.in \ + $(srcdir)/xmlsec-config.in $(srcdir)/xmlsec-gcrypt.pc.in \ + $(srcdir)/xmlsec-gnutls.pc.in $(srcdir)/xmlsec-nss.pc.in \ + $(srcdir)/xmlsec-openssl.pc.in $(srcdir)/xmlsec.pc.in \ + $(srcdir)/xmlsec.spec.in $(srcdir)/xmlsecConf.sh.in \ + $(top_srcdir)/configure AUTHORS COPYING ChangeLog INSTALL NEWS \ + TODO config.guess config.sub depcomp install-sh ltmain.sh \ + missing +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \ + $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ + $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ + $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \ + configure.lineno config.status.lineno +mkinstalldirs = $(install_sh) -d +CONFIG_HEADER = config.h +CONFIG_CLEAN_FILES = xmlsec1.pc xmlsec1Conf.sh xmlsec1-config \ + xmlsec1-openssl.pc xmlsec1-gnutls.pc xmlsec1-gcrypt.pc \ + xmlsec1-nss.pc xmlsec1.spec +CONFIG_CLEAN_VPATH_FILES = +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(confexecdir)" \ + "$(DESTDIR)$(m4datadir)" "$(DESTDIR)$(pkgconfigdir)" +SCRIPTS = $(bin_SCRIPTS) +SOURCES = +DIST_SOURCES = +RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ + html-recursive info-recursive install-data-recursive \ + install-dvi-recursive install-exec-recursive \ + install-html-recursive install-info-recursive \ + install-pdf-recursive install-ps-recursive install-recursive \ + installcheck-recursive installdirs-recursive pdf-recursive \ + ps-recursive uninstall-recursive +DATA = $(confexec_DATA) $(m4data_DATA) $(pkgconfig_DATA) +RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ + distclean-recursive maintainer-clean-recursive +AM_RECURSIVE_TARGETS = $(RECURSIVE_TARGETS:-recursive=) \ + $(RECURSIVE_CLEAN_TARGETS:-recursive=) tags TAGS ctags CTAGS \ + distdir dist dist-all distcheck +ETAGS = etags +CTAGS = ctags +DIST_SUBDIRS = $(SUBDIRS) +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +distdir = $(PACKAGE)-$(VERSION) +top_distdir = $(distdir) +am__remove_distdir = \ + { test ! -d "$(distdir)" \ + || { find "$(distdir)" -type d ! -perm -200 -exec chmod u+w {} ';' \ + && rm -fr "$(distdir)"; }; } +am__relativize = \ + dir0=`pwd`; \ + sed_first='s,^\([^/]*\)/.*$$,\1,'; \ + sed_rest='s,^[^/]*/*,,'; \ + sed_last='s,^.*/\([^/]*\)$$,\1,'; \ + sed_butlast='s,/*[^/]*$$,,'; \ + while test -n "$$dir1"; do \ + first=`echo "$$dir1" | sed -e "$$sed_first"`; \ + if test "$$first" != "."; then \ + if test "$$first" = ".."; then \ + dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \ + dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \ + else \ + first2=`echo "$$dir2" | sed -e "$$sed_first"`; \ + if test "$$first2" = "$$first"; then \ + dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \ + else \ + dir2="../$$dir2"; \ + fi; \ + dir0="$$dir0"/"$$first"; \ + fi; \ + fi; \ + dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \ + done; \ + reldir="$$dir2" +DIST_ARCHIVES = $(distdir).tar.gz +GZIP_ENV = --best +distuninstallcheck_listfiles = find . -type f -print +distcleancheck_listfiles = find . -type f -print +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AR = @AR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CP = @CP@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GCRYPT_CFLAGS = @GCRYPT_CFLAGS@ +GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@ +GCRYPT_LIBS = @GCRYPT_LIBS@ +GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@ +GNUTLS_CFLAGS = @GNUTLS_CFLAGS@ +GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@ +GNUTLS_LIBS = @GNUTLS_LIBS@ +GNUTLS_MIN_VERSION = @GNUTLS_MIN_VERSION@ +GREP = @GREP@ +HELP2MAN = @HELP2MAN@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LIBXML_CFLAGS = @LIBXML_CFLAGS@ +LIBXML_CONFIG = @LIBXML_CONFIG@ +LIBXML_LIBS = @LIBXML_LIBS@ +LIBXML_MIN_VERSION = @LIBXML_MIN_VERSION@ +LIBXSLT_CFLAGS = @LIBXSLT_CFLAGS@ +LIBXSLT_CONFIG = @LIBXSLT_CONFIG@ +LIBXSLT_LIBS = @LIBXSLT_LIBS@ +LIBXSLT_MIN_VERSION = @LIBXSLT_MIN_VERSION@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAKEINFO = @MAKEINFO@ +MAN2HTML = @MAN2HTML@ +MKDIR_P = @MKDIR_P@ +MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@ +MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@ +MSCRYPTO_CRYPTO_LIB = @MSCRYPTO_CRYPTO_LIB@ +MSCRYPTO_LIBS = @MSCRYPTO_LIBS@ +MV = @MV@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NSPR_MIN_VERSION = @NSPR_MIN_VERSION@ +NSPR_PACKAGE = @NSPR_PACKAGE@ +NSS_CFLAGS = @NSS_CFLAGS@ +NSS_CRYPTO_LIB = @NSS_CRYPTO_LIB@ +NSS_LIBS = @NSS_LIBS@ +NSS_MIN_VERSION = @NSS_MIN_VERSION@ +NSS_PACKAGE = @NSS_PACKAGE@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OPENSSL_CFLAGS = @OPENSSL_CFLAGS@ +OPENSSL_CRYPTO_LIB = @OPENSSL_CRYPTO_LIB@ +OPENSSL_LIBS = @OPENSSL_LIBS@ +OPENSSL_MIN_VERSION = @OPENSSL_MIN_VERSION@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PKGCONFIG_PRESENT = @PKGCONFIG_PRESENT@ +PKG_CONFIG = @PKG_CONFIG@ +PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ +PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ +RANLIB = @RANLIB@ +RM = @RM@ +SED = @SED@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +STRIP = @STRIP@ +TAR = @TAR@ +U = @U@ +VERSION = @VERSION@ +XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@ +XMLSEC_CFLAGS = @XMLSEC_CFLAGS@ +XMLSEC_CORE_CFLAGS = @XMLSEC_CORE_CFLAGS@ +XMLSEC_CORE_LIBS = @XMLSEC_CORE_LIBS@ +XMLSEC_CRYPTO = @XMLSEC_CRYPTO@ +XMLSEC_CRYPTO_CFLAGS = @XMLSEC_CRYPTO_CFLAGS@ +XMLSEC_CRYPTO_DISABLED_LIST = @XMLSEC_CRYPTO_DISABLED_LIST@ +XMLSEC_CRYPTO_EXTRA_LDFLAGS = @XMLSEC_CRYPTO_EXTRA_LDFLAGS@ +XMLSEC_CRYPTO_LIB = @XMLSEC_CRYPTO_LIB@ +XMLSEC_CRYPTO_LIBS = @XMLSEC_CRYPTO_LIBS@ +XMLSEC_CRYPTO_LIST = @XMLSEC_CRYPTO_LIST@ +XMLSEC_CRYPTO_PC_FILES_LIST = @XMLSEC_CRYPTO_PC_FILES_LIST@ +XMLSEC_DEFINES = @XMLSEC_DEFINES@ +XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@ +XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@ +XMLSEC_DOCDIR = @XMLSEC_DOCDIR@ +XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@ +XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@ +XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@ +XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@ +XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@ +XMLSEC_LIBDIR = @XMLSEC_LIBDIR@ +XMLSEC_LIBS = @XMLSEC_LIBS@ +XMLSEC_NO_AES = @XMLSEC_NO_AES@ +XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@ +XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@ +XMLSEC_NO_DES = @XMLSEC_NO_DES@ +XMLSEC_NO_DSA = @XMLSEC_NO_DSA@ +XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@ +XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@ +XMLSEC_NO_GOST = @XMLSEC_NO_GOST@ +XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@ +XMLSEC_NO_LIBXSLT = @XMLSEC_NO_LIBXSLT@ +XMLSEC_NO_MD5 = @XMLSEC_NO_MD5@ +XMLSEC_NO_MSCRYPTO = @XMLSEC_NO_MSCRYPTO@ +XMLSEC_NO_NSS = @XMLSEC_NO_NSS@ +XMLSEC_NO_OPENSSL = @XMLSEC_NO_OPENSSL@ +XMLSEC_NO_RIPEMD160 = @XMLSEC_NO_RIPEMD160@ +XMLSEC_NO_RSA = @XMLSEC_NO_RSA@ +XMLSEC_NO_SHA1 = @XMLSEC_NO_SHA1@ +XMLSEC_NO_SHA224 = @XMLSEC_NO_SHA224@ +XMLSEC_NO_SHA256 = @XMLSEC_NO_SHA256@ +XMLSEC_NO_SHA384 = @XMLSEC_NO_SHA384@ +XMLSEC_NO_SHA512 = @XMLSEC_NO_SHA512@ +XMLSEC_NO_X509 = @XMLSEC_NO_X509@ +XMLSEC_NO_XKMS = @XMLSEC_NO_XKMS@ +XMLSEC_NO_XMLDSIG = @XMLSEC_NO_XMLDSIG@ +XMLSEC_NO_XMLENC = @XMLSEC_NO_XMLENC@ +XMLSEC_NSS_CFLAGS = @XMLSEC_NSS_CFLAGS@ +XMLSEC_NSS_LIBS = @XMLSEC_NSS_LIBS@ +XMLSEC_OPENSSL_CFLAGS = @XMLSEC_OPENSSL_CFLAGS@ +XMLSEC_OPENSSL_LIBS = @XMLSEC_OPENSSL_LIBS@ +XMLSEC_PACKAGE = @XMLSEC_PACKAGE@ +XMLSEC_STATIC_BINARIES = @XMLSEC_STATIC_BINARIES@ +XMLSEC_VERSION = @XMLSEC_VERSION@ +XMLSEC_VERSION_INFO = @XMLSEC_VERSION_INFO@ +XMLSEC_VERSION_MAJOR = @XMLSEC_VERSION_MAJOR@ +XMLSEC_VERSION_MINOR = @XMLSEC_VERSION_MINOR@ +XMLSEC_VERSION_SAFE = @XMLSEC_VERSION_SAFE@ +XMLSEC_VERSION_SUBMINOR = @XMLSEC_VERSION_SUBMINOR@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +lt_ECHO = @lt_ECHO@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +pdfdir = @pdfdir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +NULL = +SAFE_VERSION = @XMLSEC_VERSION_SAFE@ +SUBDIRS = include src apps man docs +TEST_APP = apps/xmlsec1$(EXEEXT) +DEFAULT_CRYPTO = @XMLSEC_CRYPTO@ +bin_SCRIPTS = xmlsec1-config +pkgconfig_DATA = xmlsec1.pc @XMLSEC_CRYPTO_PC_FILES_LIST@ +pkgconfigdir = $(libdir)/pkgconfig +confexecdir = $(libdir) +confexec_DATA = xmlsec1Conf.sh +m4datadir = $(datadir)/aclocal +m4data_DATA = xmlsec1.m4 +ACLOCAL_AMFLAGS = -I m4 +DISTCLEANFILES = \ + xmlsec1Conf.sh \ + xmlsec1.pc \ + xmlsec1-openssl.pc \ + xmlsec1-nss.pc \ + xmlsec1-gnutls.pc \ + xmlsec1-gcrypt.pc \ + xmlsec1-config \ + xmlsec1.spec \ + stamp-h2 \ + stamp-h3 \ + stamp-h4 \ + stamp-h5 \ + $NULL + +EXTRA_DIST = \ + m4 \ + examples \ + scripts \ + tests \ + win32 \ + NEWS \ + ChangeLog \ + Copyright \ + HACKING \ + xmlsec-openssl.pc.in \ + xmlsec-nss.pc.in\ + xmlsec-gnutls.pc.in \ + xmlsec-gcrypt.pc.in \ + xmlsec-config.in \ + xmlsecConf.sh.in \ + xmlsec.spec.in \ + xmlsec1Conf.sh \ + xmlsec1.pc @XMLSEC_CRYPTO_PC_FILES_LIST@ \ + xmlsec1-config \ + xmlsec1.spec \ + xmlsec1.m4 \ + $(NULL) + +EXTRA_CLEAN = \ + examples \ + $(NULL) + +ABS_SRCDIR = @abs_srcdir@ +ABS_BUILDDIR = @abs_builddir@ +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@PRECHECK_COMMANDS = \ +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@ for i in $(XMLSEC_CRYPTO_LIST) ; do \ +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@ export LD_LIBRARY_PATH="$(ABS_BUILDDIR)/src/$$i/.libs:$$LD_LIBRARY_PATH" ; \ +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@ done && \ +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@ cd $(ABS_SRCDIR) \ +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@ $(NULL) + +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@PRECHECK_COMMANDS = \ +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@ cd $(ABS_SRCDIR) \ +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@ $(NULL) + +CHECK_CRYPTO_LIST = \ + $(XMLSEC_CRYPTO_LIST) \ + $(NULL) + +all: config.h + $(MAKE) $(AM_MAKEFLAGS) all-recursive + +.SUFFIXES: +am--refresh: + @: +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + echo ' cd $(srcdir) && $(AUTOMAKE) --gnu'; \ + $(am__cd) $(srcdir) && $(AUTOMAKE) --gnu \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --gnu Makefile +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + echo ' $(SHELL) ./config.status'; \ + $(SHELL) ./config.status;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + $(SHELL) ./config.status --recheck + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + $(am__cd) $(srcdir) && $(AUTOCONF) +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + $(am__cd) $(srcdir) && $(ACLOCAL) $(ACLOCAL_AMFLAGS) +$(am__aclocal_m4_deps): + +config.h: stamp-h1 + @if test ! -f $@; then \ + rm -f stamp-h1; \ + $(MAKE) $(AM_MAKEFLAGS) stamp-h1; \ + else :; fi + +stamp-h1: $(srcdir)/config.h.in $(top_builddir)/config.status + @rm -f stamp-h1 + cd $(top_builddir) && $(SHELL) ./config.status config.h +$(srcdir)/config.h.in: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + ($(am__cd) $(top_srcdir) && $(AUTOHEADER)) + rm -f stamp-h1 + touch $@ + +distclean-hdr: + -rm -f config.h stamp-h1 +xmlsec1.pc: $(top_builddir)/config.status $(srcdir)/xmlsec.pc.in + cd $(top_builddir) && $(SHELL) ./config.status $@ +xmlsec1Conf.sh: $(top_builddir)/config.status $(srcdir)/xmlsecConf.sh.in + cd $(top_builddir) && $(SHELL) ./config.status $@ +xmlsec1-config: $(top_builddir)/config.status $(srcdir)/xmlsec-config.in + cd $(top_builddir) && $(SHELL) ./config.status $@ +xmlsec1-openssl.pc: $(top_builddir)/config.status $(srcdir)/xmlsec-openssl.pc.in + cd $(top_builddir) && $(SHELL) ./config.status $@ +xmlsec1-gnutls.pc: $(top_builddir)/config.status $(srcdir)/xmlsec-gnutls.pc.in + cd $(top_builddir) && $(SHELL) ./config.status $@ +xmlsec1-gcrypt.pc: $(top_builddir)/config.status $(srcdir)/xmlsec-gcrypt.pc.in + cd $(top_builddir) && $(SHELL) ./config.status $@ +xmlsec1-nss.pc: $(top_builddir)/config.status $(srcdir)/xmlsec-nss.pc.in + cd $(top_builddir) && $(SHELL) ./config.status $@ +xmlsec1.spec: $(top_builddir)/config.status $(srcdir)/xmlsec.spec.in + cd $(top_builddir) && $(SHELL) ./config.status $@ +install-binSCRIPTS: $(bin_SCRIPTS) + @$(NORMAL_INSTALL) + test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" + @list='$(bin_SCRIPTS)'; test -n "$(bindir)" || list=; \ + for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + if test -f "$$d$$p"; then echo "$$d$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n' \ + -e 'h;s|.*|.|' \ + -e 'p;x;s,.*/,,;$(transform)' | sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1; } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) { files[d] = files[d] " " $$1; \ + if (++n[d] == $(am__install_max)) { \ + print "f", d, files[d]; n[d] = 0; files[d] = "" } } \ + else { print "f", d "/" $$4, $$1 } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_SCRIPT) $$files '$(DESTDIR)$(bindir)$$dir'"; \ + $(INSTALL_SCRIPT) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \ + } \ + ; done + +uninstall-binSCRIPTS: + @$(NORMAL_UNINSTALL) + @list='$(bin_SCRIPTS)'; test -n "$(bindir)" || exit 0; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 's,.*/,,;$(transform)'`; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(bindir)" && rm -f $$files + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +distclean-libtool: + -rm -f libtool config.lt +install-confexecDATA: $(confexec_DATA) + @$(NORMAL_INSTALL) + test -z "$(confexecdir)" || $(MKDIR_P) "$(DESTDIR)$(confexecdir)" + @list='$(confexec_DATA)'; test -n "$(confexecdir)" || list=; \ + for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(confexecdir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(confexecdir)" || exit $$?; \ + done + +uninstall-confexecDATA: + @$(NORMAL_UNINSTALL) + @list='$(confexec_DATA)'; test -n "$(confexecdir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(confexecdir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(confexecdir)" && rm -f $$files +install-m4dataDATA: $(m4data_DATA) + @$(NORMAL_INSTALL) + test -z "$(m4datadir)" || $(MKDIR_P) "$(DESTDIR)$(m4datadir)" + @list='$(m4data_DATA)'; test -n "$(m4datadir)" || list=; \ + for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(m4datadir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(m4datadir)" || exit $$?; \ + done + +uninstall-m4dataDATA: + @$(NORMAL_UNINSTALL) + @list='$(m4data_DATA)'; test -n "$(m4datadir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(m4datadir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(m4datadir)" && rm -f $$files +install-pkgconfigDATA: $(pkgconfig_DATA) + @$(NORMAL_INSTALL) + test -z "$(pkgconfigdir)" || $(MKDIR_P) "$(DESTDIR)$(pkgconfigdir)" + @list='$(pkgconfig_DATA)'; test -n "$(pkgconfigdir)" || list=; \ + for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(pkgconfigdir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(pkgconfigdir)" || exit $$?; \ + done + +uninstall-pkgconfigDATA: + @$(NORMAL_UNINSTALL) + @list='$(pkgconfig_DATA)'; test -n "$(pkgconfigdir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(pkgconfigdir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(pkgconfigdir)" && rm -f $$files + +# This directory's subdirectories are mostly independent; you can cd +# into them and run `make' without going through this Makefile. +# To change the values of `make' variables: instead of editing Makefiles, +# (1) if the variable is set in `config.status', edit `config.status' +# (which will cause the Makefiles to be regenerated when you run `make'); +# (2) otherwise, pass the desired values on the `make' command line. +$(RECURSIVE_TARGETS): + @fail= failcom='exit 1'; \ + for f in x $$MAKEFLAGS; do \ + case $$f in \ + *=* | --[!k]*);; \ + *k*) failcom='fail=yes';; \ + esac; \ + done; \ + dot_seen=no; \ + target=`echo $@ | sed s/-recursive//`; \ + list='$(SUBDIRS)'; for subdir in $$list; do \ + echo "Making $$target in $$subdir"; \ + if test "$$subdir" = "."; then \ + dot_seen=yes; \ + local_target="$$target-am"; \ + else \ + local_target="$$target"; \ + fi; \ + ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ + || eval $$failcom; \ + done; \ + if test "$$dot_seen" = "no"; then \ + $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ + fi; test -z "$$fail" + +$(RECURSIVE_CLEAN_TARGETS): + @fail= failcom='exit 1'; \ + for f in x $$MAKEFLAGS; do \ + case $$f in \ + *=* | --[!k]*);; \ + *k*) failcom='fail=yes';; \ + esac; \ + done; \ + dot_seen=no; \ + case "$@" in \ + distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ + *) list='$(SUBDIRS)' ;; \ + esac; \ + rev=''; for subdir in $$list; do \ + if test "$$subdir" = "."; then :; else \ + rev="$$subdir $$rev"; \ + fi; \ + done; \ + rev="$$rev ."; \ + target=`echo $@ | sed s/-recursive//`; \ + for subdir in $$rev; do \ + echo "Making $$target in $$subdir"; \ + if test "$$subdir" = "."; then \ + local_target="$$target-am"; \ + else \ + local_target="$$target"; \ + fi; \ + ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ + || eval $$failcom; \ + done && test -z "$$fail" +tags-recursive: + list='$(SUBDIRS)'; for subdir in $$list; do \ + test "$$subdir" = . || ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ + done +ctags-recursive: + list='$(SUBDIRS)'; for subdir in $$list; do \ + test "$$subdir" = . || ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ + done + +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique +tags: TAGS + +TAGS: tags-recursive $(HEADERS) $(SOURCES) config.h.in $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + set x; \ + here=`pwd`; \ + if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ + include_option=--etags-include; \ + empty_fix=.; \ + else \ + include_option=--include; \ + empty_fix=; \ + fi; \ + list='$(SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" = .; then :; else \ + test ! -f $$subdir/TAGS || \ + set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \ + fi; \ + done; \ + list='$(SOURCES) $(HEADERS) config.h.in $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: CTAGS +CTAGS: ctags-recursive $(HEADERS) $(SOURCES) config.h.in $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + list='$(SOURCES) $(HEADERS) config.h.in $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + $(am__remove_distdir) + test -d "$(distdir)" || mkdir "$(distdir)" + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done + @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" = .; then :; else \ + test -d "$(distdir)/$$subdir" \ + || $(MKDIR_P) "$(distdir)/$$subdir" \ + || exit 1; \ + fi; \ + done + @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" = .; then :; else \ + dir1=$$subdir; dir2="$(distdir)/$$subdir"; \ + $(am__relativize); \ + new_distdir=$$reldir; \ + dir1=$$subdir; dir2="$(top_distdir)"; \ + $(am__relativize); \ + new_top_distdir=$$reldir; \ + echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \ + echo " am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \ + ($(am__cd) $$subdir && \ + $(MAKE) $(AM_MAKEFLAGS) \ + top_distdir="$$new_top_distdir" \ + distdir="$$new_distdir" \ + am__remove_distdir=: \ + am__skip_length_check=: \ + am__skip_mode_fix=: \ + distdir) \ + || exit 1; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) \ + top_distdir="$(top_distdir)" distdir="$(distdir)" \ + dist-hook + -test -n "$(am__skip_mode_fix)" \ + || find "$(distdir)" -type d ! -perm -755 \ + -exec chmod u+rwx,go+rx {} \; -o \ + ! -type d ! -perm -444 -links 1 -exec chmod a+r {} \; -o \ + ! -type d ! -perm -400 -exec chmod a+r {} \; -o \ + ! -type d ! -perm -444 -exec $(install_sh) -c -m a+r {} {} \; \ + || chmod -R a+r "$(distdir)" +dist-gzip: distdir + tardir=$(distdir) && $(am__tar) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz + $(am__remove_distdir) + +dist-bzip2: distdir + tardir=$(distdir) && $(am__tar) | bzip2 -9 -c >$(distdir).tar.bz2 + $(am__remove_distdir) + +dist-lzma: distdir + tardir=$(distdir) && $(am__tar) | lzma -9 -c >$(distdir).tar.lzma + $(am__remove_distdir) + +dist-xz: distdir + tardir=$(distdir) && $(am__tar) | xz -c >$(distdir).tar.xz + $(am__remove_distdir) + +dist-tarZ: distdir + tardir=$(distdir) && $(am__tar) | compress -c >$(distdir).tar.Z + $(am__remove_distdir) + +dist-shar: distdir + shar $(distdir) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).shar.gz + $(am__remove_distdir) + +dist-zip: distdir + -rm -f $(distdir).zip + zip -rq $(distdir).zip $(distdir) + $(am__remove_distdir) + +dist dist-all: distdir + tardir=$(distdir) && $(am__tar) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz + $(am__remove_distdir) + +# This target untars the dist file and tries a VPATH configuration. Then +# it guarantees that the distribution is self-contained by making another +# tarfile. +distcheck: dist + case '$(DIST_ARCHIVES)' in \ + *.tar.gz*) \ + GZIP=$(GZIP_ENV) gzip -dc $(distdir).tar.gz | $(am__untar) ;;\ + *.tar.bz2*) \ + bzip2 -dc $(distdir).tar.bz2 | $(am__untar) ;;\ + *.tar.lzma*) \ + lzma -dc $(distdir).tar.lzma | $(am__untar) ;;\ + *.tar.xz*) \ + xz -dc $(distdir).tar.xz | $(am__untar) ;;\ + *.tar.Z*) \ + uncompress -c $(distdir).tar.Z | $(am__untar) ;;\ + *.shar.gz*) \ + GZIP=$(GZIP_ENV) gzip -dc $(distdir).shar.gz | unshar ;;\ + *.zip*) \ + unzip $(distdir).zip ;;\ + esac + chmod -R a-w $(distdir); chmod a+w $(distdir) + mkdir $(distdir)/_build + mkdir $(distdir)/_inst + chmod a-w $(distdir) + test -d $(distdir)/_build || exit 0; \ + dc_install_base=`$(am__cd) $(distdir)/_inst && pwd | sed -e 's,^[^:\\/]:[\\/],/,'` \ + && dc_destdir="$${TMPDIR-/tmp}/am-dc-$$$$/" \ + && am__cwd=`pwd` \ + && $(am__cd) $(distdir)/_build \ + && ../configure --srcdir=.. --prefix="$$dc_install_base" \ + $(DISTCHECK_CONFIGURE_FLAGS) \ + && $(MAKE) $(AM_MAKEFLAGS) \ + && $(MAKE) $(AM_MAKEFLAGS) dvi \ + && $(MAKE) $(AM_MAKEFLAGS) check \ + && $(MAKE) $(AM_MAKEFLAGS) install \ + && $(MAKE) $(AM_MAKEFLAGS) installcheck \ + && $(MAKE) $(AM_MAKEFLAGS) uninstall \ + && $(MAKE) $(AM_MAKEFLAGS) distuninstallcheck_dir="$$dc_install_base" \ + distuninstallcheck \ + && chmod -R a-w "$$dc_install_base" \ + && ({ \ + (cd ../.. && umask 077 && mkdir "$$dc_destdir") \ + && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" install \ + && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" uninstall \ + && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" \ + distuninstallcheck_dir="$$dc_destdir" distuninstallcheck; \ + } || { rm -rf "$$dc_destdir"; exit 1; }) \ + && rm -rf "$$dc_destdir" \ + && $(MAKE) $(AM_MAKEFLAGS) dist \ + && rm -rf $(DIST_ARCHIVES) \ + && $(MAKE) $(AM_MAKEFLAGS) distcleancheck \ + && cd "$$am__cwd" \ + || exit 1 + $(am__remove_distdir) + @(echo "$(distdir) archives ready for distribution: "; \ + list='$(DIST_ARCHIVES)'; for i in $$list; do echo $$i; done) | \ + sed -e 1h -e 1s/./=/g -e 1p -e 1x -e '$$p' -e '$$x' +distuninstallcheck: + @$(am__cd) '$(distuninstallcheck_dir)' \ + && test `$(distuninstallcheck_listfiles) | wc -l` -le 1 \ + || { echo "ERROR: files left after uninstall:" ; \ + if test -n "$(DESTDIR)"; then \ + echo " (check DESTDIR support)"; \ + fi ; \ + $(distuninstallcheck_listfiles) ; \ + exit 1; } >&2 +distcleancheck: distclean + @if test '$(srcdir)' = . ; then \ + echo "ERROR: distcleancheck can only run from a VPATH build" ; \ + exit 1 ; \ + fi + @test `$(distcleancheck_listfiles) | wc -l` -eq 0 \ + || { echo "ERROR: files left in build directory after distclean:" ; \ + $(distcleancheck_listfiles) ; \ + exit 1; } >&2 +check-am: all-am +check: check-recursive +all-am: Makefile $(SCRIPTS) $(DATA) config.h +installdirs: installdirs-recursive +installdirs-am: + for dir in "$(DESTDIR)$(bindir)" "$(DESTDIR)$(confexecdir)" "$(DESTDIR)$(m4datadir)" "$(DESTDIR)$(pkgconfigdir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-recursive +install-exec: install-exec-recursive +install-data: install-data-recursive +uninstall: uninstall-recursive + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-recursive +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + `test -z '$(STRIP)' || \ + echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + -test -z "$(DISTCLEANFILES)" || rm -f $(DISTCLEANFILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-recursive + +clean-am: clean-generic clean-libtool mostlyclean-am + +distclean: distclean-recursive + -rm -f $(am__CONFIG_DISTCLEAN_FILES) + -rm -f Makefile +distclean-am: clean-am distclean-generic distclean-hdr \ + distclean-libtool distclean-tags + +dvi: dvi-recursive + +dvi-am: + +html: html-recursive + +html-am: + +info: info-recursive + +info-am: + +install-data-am: install-m4dataDATA install-pkgconfigDATA + +install-dvi: install-dvi-recursive + +install-dvi-am: + +install-exec-am: install-binSCRIPTS install-confexecDATA + +install-html: install-html-recursive + +install-html-am: + +install-info: install-info-recursive + +install-info-am: + +install-man: + +install-pdf: install-pdf-recursive + +install-pdf-am: + +install-ps: install-ps-recursive + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-recursive + -rm -f $(am__CONFIG_DISTCLEAN_FILES) + -rm -rf $(top_srcdir)/autom4te.cache + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-recursive + +mostlyclean-am: mostlyclean-generic mostlyclean-libtool + +pdf: pdf-recursive + +pdf-am: + +ps: ps-recursive + +ps-am: + +uninstall-am: uninstall-binSCRIPTS uninstall-confexecDATA \ + uninstall-m4dataDATA uninstall-pkgconfigDATA + +.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) all \ + ctags-recursive install-am install-strip tags-recursive + +.PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \ + all all-am am--refresh check check-am clean clean-generic \ + clean-libtool ctags ctags-recursive dist dist-all dist-bzip2 \ + dist-gzip dist-hook dist-lzma dist-shar dist-tarZ dist-xz \ + dist-zip distcheck distclean distclean-generic distclean-hdr \ + distclean-libtool distclean-tags distcleancheck distdir \ + distuninstallcheck dvi dvi-am html html-am info info-am \ + install install-am install-binSCRIPTS install-confexecDATA \ + install-data install-data-am install-dvi install-dvi-am \ + install-exec install-exec-am install-html install-html-am \ + install-info install-info-am install-m4dataDATA install-man \ + install-pdf install-pdf-am install-pkgconfigDATA install-ps \ + install-ps-am install-strip installcheck installcheck-am \ + installdirs installdirs-am maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-generic \ + mostlyclean-libtool pdf pdf-am ps ps-am tags tags-recursive \ + uninstall uninstall-am uninstall-binSCRIPTS \ + uninstall-confexecDATA uninstall-m4dataDATA \ + uninstall-pkgconfigDATA + + +docs: docs-man + @(cd docs && $(MAKE) docs) + +docs-clean: + @(cd docs && $(MAKE) clean) + +docs-man: + @(cd man && $(MAKE) docs) + +check: check-all check-info + +check-all: $(TEST_APP) + @($(PRECHECK_COMMANDS) && \ + for crypto in $(CHECK_CRYPTO_LIST) ; do \ + echo "=================== Checking xmlsec-$$crypto =================================" && \ + $(SHELL) ./tests/testrun.sh \ + $(ABS_SRCDIR)/tests/testKeys.sh \ + $$crypto \ + $(ABS_SRCDIR)/tests \ + $(ABS_BUILDDIR)/$(TEST_APP) der \ + && \ + $(SHELL) ./tests/testrun.sh \ + $(ABS_SRCDIR)/tests/testDSig.sh \ + $$crypto \ + $(ABS_SRCDIR)/tests \ + $(ABS_BUILDDIR)/$(TEST_APP) \ + der \ + && \ + $(SHELL) ./tests/testrun.sh \ + $(ABS_SRCDIR)/tests/testEnc.sh \ + $$crypto \ + $(ABS_SRCDIR)/tests \ + $(ABS_BUILDDIR)/$(TEST_APP) \ + der \ + ; \ + done; ) + +check-info: + @echo "---------------------------- ATTENTION -----------------------------------" + @echo "--- Some of the tests use resources located on external HTTP servers. ---" + @echo "--- If you have no Internet connection or the external resource is not ---" + @echo "--- responding then the test will fail. ---" + @echo "---------------------------- ATTENTION -----------------------------------" + +check-keys: $(TEST_APP) + @($(PRECHECK_COMMANDS) && \ + $(SHELL) ./tests/testrun.sh \ + $(ABS_SRCDIR)/tests/testKeys.sh \ + $(DEFAULT_CRYPTO) \ + $(ABS_SRCDIR)/tests \ + $(ABS_BUILDDIR)/$(TEST_APP) \ + der \ + ) + +check-dsig: $(TEST_APP) + @($(PRECHECK_COMMANDS) && \ + $(SHELL) ./tests/testrun.sh \ + $(ABS_SRCDIR)/tests/testDSig.sh \ + $(DEFAULT_CRYPTO) \ + $(ABS_SRCDIR)/tests \ + $(ABS_BUILDDIR)/$(TEST_APP) \ + der \ + ) + +check-enc: $(TEST_APP) + @($(PRECHECK_COMMANDS) && \ + $(SHELL) ./tests/testrun.sh \ + $(ABS_SRCDIR)/tests/testEnc.sh \ + $(DEFAULT_CRYPTO) \ + $(ABS_SRCDIR)/tests \ + $(ABS_BUILDDIR)/$(TEST_APP) \ + der \ + ) + +check-xkms: $(TEST_APP) + @($(PRECHECK_COMMANDS) && \ + $(SHELL) ./tests/testrun.sh \ + $(ABS_SRCDIR)/tests/testXKMS.sh \ + $(DEFAULT_CRYPTO) \ + $(ABS_SRCDIR)/tests \ + $(ABS_BUILDDIR)/$(TEST_APP) \ + der \ + ) + +memcheck-res: + @grep -i 'ERROR SUMMARY' /tmp/*.log | sed 's/.*==.*== *//' | sort -u + @grep -i 'in use at exit' /tmp/*.log | sed 's/.*==.*== *//' | sort -u + @grep -i 'total heap usage' /tmp/*.log | sed 's/.*==.*== *//' | sort -u + +memcheck: $(TEST_APP) + @(export DEBUG_MEMORY=1 && $(MAKE) check && $(MAKE) memcheck-res) + +perfcheck: $(TEST_APP) + @(export PERF_TEST=10 && $(MAKE) check) + +dist-hook: + +cleantar: + @($(RM) -f xmlsec*.tar.gz COPYING.LIB) + +tar-release: clean cleantar + @(unset CDPATH && $(MAKE) dist) + +rpm: cleantar tar-release + @(unset CDPATH && rpmbuild -ta $(distdir).tar.gz) + +rpm-release: clean cleantar rpm + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: @@ -0,0 +1 @@ +Check ChangeLog file :)
\ No newline at end of file @@ -0,0 +1,15 @@ +XMLSec Library +---------------------------------------------- + +XMLSec library provides C based implementation for major XML Security +standards: + * XML Signature Syntax and Processing + http://www.w3.org/TR/xmldsig-core + * XML Encryption Syntax and Processing + http://www.w3.org/TR/xmlenc-core/ +XMLSec is based on well known LibXML (http://xmlsoft.org), LibXSLT +(http://xmlsoft.org/XSLT) and OpenSSL (http://www.openssl.org) libraries. + +This code is released under the MIT Licence see the Copyright file. + +Aleksey Sanin <aleksey@aleksey.com> @@ -0,0 +1,156 @@ +************************************************* + General +************************************************* + +* Unify password callback (one of parameters: filename) +* Get key usage from certs +* Extend keys manager to return more info when key is found or not found + (what cheks were performed, etc.) + + +************************************************* + Tests status +************************************************* + +------------------------------------------------- +* xmlsec-openssl (April 26, 2010 using OpenSSL 0.9.8g) +------------------------------------------------- + +** Skipped tests due to missing transforms: GOST + +aleksey-xmldsig-01/enveloped-gost + + +------------------------------------------------- +* xmlsec-nss (April 26, 2010 using NSS 3.12.6) +------------------------------------------------- + +** Skipped tests due to missing transforms: RIPEMD160, SHA224, RSA/OAEP, GOST + +aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160 +aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64 +aleksey-xmldsig-01/enveloping-sha224-hmac-sha224 +aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64 +aleksey-xmldsig-01/enveloping-ripemd160-rsa-ripemd160 +aleksey-xmldsig-01/enveloping-sha224-rsa-sha224 +aleksey-xmldsig-01/enveloped-gost +merlin-xmlenc-five/encsig-ripemd160-hmac-ripemd160-kw-tripledes +merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p +01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1 +01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1 +01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1 +01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1 + +** Failed tests due to no support for CRLs in XML document + +merlin-xmldsig-twenty-three/signature-x509-crt-crl + + +------------------------------------------------- +* xmlsec-mscrypto (May 09, 2010 using Windows XP SP3) +------------------------------------------------- + +** Skipped tests due to missing transforms: RIPEMD160, SHA224 + +aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160 +aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64 +aleksey-xmldsig-01/enveloping-sha224-hmac-sha224 +aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64 +aleksey-xmldsig-01/enveloping-ripemd160-rsa-ripemd160 +aleksey-xmldsig-01/enveloping-sha224-rsa-sha224 +merlin-xmlenc-five/encsig-ripemd160-hmac-ripemd160-kw-tripledes + +** Failed tests due to no GOST crypto providers on test machine + +aleksey-xmldsig-01/enveloped-gost + +------------------------------------------------- +* xmlsec-gnutls (May 24, 2010 using GnuTLS) +------------------------------------------------- + +** Skipped tests due to missing transforms: RSA PKCS/OAEP, GOST + +aleksey-xmldsig-01/enveloping-sha224-hmac-sha224 +aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64 +aleksey-xmldsig-01/enveloping-sha224-rsa-sha224 +merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5 +merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p +aleksey-xmldsig-01/enveloped-gost +phaos-xmldsig-three/signature-rsa-manifest-x509-data-crl + +01-phaos-xmlenc-3/enc-element-3des-kt-rsa1_5 +01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1 +01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5 +01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1 +01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1 +01-phaos-xmlenc-3/enc-text-aes192-kt-rsa1_5 +01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5 +01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1 + +------------------------------------------------- +* xmlsec-gcrypt (May 09, 2010 using GCrypt) +------------------------------------------------- + +** Skipped tests due to missing transforms: DSA, RSA PKCS/OAEP, X509, GOST + +aleksey-xmldsig-01/enveloping-dsa-x509chain +aleksey-xmldsig-01/enveloping-rsa-x509chain +aleksey-xmldsig-01/enveloping-sha224-hmac-sha224 +aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64 +aleksey-xmldsig-01/enveloping-md5-rsa-md5 +aleksey-xmldsig-01/enveloping-ripemd160-rsa-ripemd160 +aleksey-xmldsig-01/enveloping-sha1-rsa-sha1 +aleksey-xmldsig-01/enveloping-sha224-rsa-sha224 +aleksey-xmldsig-01/enveloping-sha256-rsa-sha256 +aleksey-xmldsig-01/enveloping-sha384-rsa-sha384 +aleksey-xmldsig-01/enveloping-sha512-rsa-sha512 +aleksey-xmldsig-01/enveloping-expired-cert +aleksey-xmldsig-01/x509data-test +aleksey-xmldsig-01/x509data-sn-test + +merlin-xmldsig-twenty-three/signature-keyname +merlin-xmldsig-twenty-three/signature-x509-crt +merlin-xmldsig-twenty-three/signature-x509-sn +merlin-xmldsig-twenty-three/signature-x509-is +merlin-xmldsig-twenty-three/signature-x509-ski +merlin-xmldsig-twenty-three/signature-retrievalmethod-rawx509crt +merlin-xmldsig-twenty-three/signature +merlin-xmlenc-five/encsig-hmac-sha256-rsa-1_5 +merlin-xmlenc-five/encsig-hmac-sha256-rsa-oaep-mgf1p +phaos-xmldsig-three/signature-big +phaos-xmldsig-three/signature-dsa-detached +phaos-xmldsig-three/signature-dsa-enveloped +phaos-xmldsig-three/signature-dsa-enveloping +phaos-xmldsig-three/signature-dsa-manifest +phaos-xmldsig-three/signature-rsa-detached-b64-transform +phaos-xmldsig-three/signature-rsa-detached +phaos-xmldsig-three/signature-rsa-detached-xpath-transform +phaos-xmldsig-three/signature-rsa-detached-xslt-transform-retrieval-method +phaos-xmldsig-three/signature-rsa-detached-xslt-transform +phaos-xmldsig-three/signature-rsa-enveloped +phaos-xmldsig-three/signature-rsa-enveloping +phaos-xmldsig-three/signature-rsa-manifest-x509-data-cert-chain +phaos-xmldsig-three/signature-rsa-manifest-x509-data-cert +phaos-xmldsig-three/signature-rsa-manifest-x509-data-issuer-serial +phaos-xmldsig-three/signature-rsa-manifest-x509-data-ski +phaos-xmldsig-three/signature-rsa-manifest-x509-data-subject-name +phaos-xmldsig-three/signature-rsa-manifest +phaos-xmldsig-three/signature-rsa-xpath-transform-enveloped +aleksey-xmldsig-01/enveloped-gost +merlin-xmldsig-twenty-three/signature-x509-crt-crl +aleksey-xmldsig-01/enveloping-expired-cert +phaos-xmldsig-three/signature-rsa-detached-xslt-transform-bad-retrieval-method +phaos-xmldsig-three/signature-rsa-enveloped-bad-digest-val +phaos-xmldsig-three/signature-rsa-enveloped-bad-sig +phaos-xmldsig-three/signature-rsa-manifest-x509-data-crl + +merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5 +merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p +01-phaos-xmlenc-3/enc-element-3des-kt-rsa1_5 +01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1 +01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5 +01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1 +01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1 +01-phaos-xmlenc-3/enc-text-aes192-kt-rsa1_5 +01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5 +01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1 diff --git a/aclocal.m4 b/aclocal.m4 new file mode 100644 index 00000000..ca9f5739 --- /dev/null +++ b/aclocal.m4 @@ -0,0 +1,1197 @@ +# generated automatically by aclocal 1.11.1 -*- Autoconf -*- + +# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, +# 2005, 2006, 2007, 2008, 2009 Free Software Foundation, Inc. +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +m4_ifndef([AC_AUTOCONF_VERSION], + [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl +m4_if(m4_defn([AC_AUTOCONF_VERSION]), [2.67],, +[m4_warning([this file was generated for autoconf 2.67. +You have another version of autoconf. It may work, but is not guaranteed to. +If you have problems, you may need to regenerate the build system entirely. +To do so, use the procedure documented by the package, typically `autoreconf'.])]) + +# pkg.m4 - Macros to locate and utilise pkg-config. -*- Autoconf -*- +# serial 1 (pkg-config-0.24) +# +# Copyright © 2004 Scott James Remnant <scott@netsplit.com>. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +# +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + +# PKG_PROG_PKG_CONFIG([MIN-VERSION]) +# ---------------------------------- +AC_DEFUN([PKG_PROG_PKG_CONFIG], +[m4_pattern_forbid([^_?PKG_[A-Z_]+$]) +m4_pattern_allow([^PKG_CONFIG(_PATH)?$]) +AC_ARG_VAR([PKG_CONFIG], [path to pkg-config utility]) +AC_ARG_VAR([PKG_CONFIG_PATH], [directories to add to pkg-config's search path]) +AC_ARG_VAR([PKG_CONFIG_LIBDIR], [path overriding pkg-config's built-in search path]) + +if test "x$ac_cv_env_PKG_CONFIG_set" != "xset"; then + AC_PATH_TOOL([PKG_CONFIG], [pkg-config]) +fi +if test -n "$PKG_CONFIG"; then + _pkg_min_version=m4_default([$1], [0.9.0]) + AC_MSG_CHECKING([pkg-config is at least version $_pkg_min_version]) + if $PKG_CONFIG --atleast-pkgconfig-version $_pkg_min_version; then + AC_MSG_RESULT([yes]) + else + AC_MSG_RESULT([no]) + PKG_CONFIG="" + fi +fi[]dnl +])# PKG_PROG_PKG_CONFIG + +# PKG_CHECK_EXISTS(MODULES, [ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND]) +# +# Check to see whether a particular set of modules exists. Similar +# to PKG_CHECK_MODULES(), but does not set variables or print errors. +# +# Please remember that m4 expands AC_REQUIRE([PKG_PROG_PKG_CONFIG]) +# only at the first occurence in configure.ac, so if the first place +# it's called might be skipped (such as if it is within an "if", you +# have to call PKG_CHECK_EXISTS manually +# -------------------------------------------------------------- +AC_DEFUN([PKG_CHECK_EXISTS], +[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl +if test -n "$PKG_CONFIG" && \ + AC_RUN_LOG([$PKG_CONFIG --exists --print-errors "$1"]); then + m4_default([$2], [:]) +m4_ifvaln([$3], [else + $3])dnl +fi]) + +# _PKG_CONFIG([VARIABLE], [COMMAND], [MODULES]) +# --------------------------------------------- +m4_define([_PKG_CONFIG], +[if test -n "$$1"; then + pkg_cv_[]$1="$$1" + elif test -n "$PKG_CONFIG"; then + PKG_CHECK_EXISTS([$3], + [pkg_cv_[]$1=`$PKG_CONFIG --[]$2 "$3" 2>/dev/null`], + [pkg_failed=yes]) + else + pkg_failed=untried +fi[]dnl +])# _PKG_CONFIG + +# _PKG_SHORT_ERRORS_SUPPORTED +# ----------------------------- +AC_DEFUN([_PKG_SHORT_ERRORS_SUPPORTED], +[AC_REQUIRE([PKG_PROG_PKG_CONFIG]) +if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then + _pkg_short_errors_supported=yes +else + _pkg_short_errors_supported=no +fi[]dnl +])# _PKG_SHORT_ERRORS_SUPPORTED + + +# PKG_CHECK_MODULES(VARIABLE-PREFIX, MODULES, [ACTION-IF-FOUND], +# [ACTION-IF-NOT-FOUND]) +# +# +# Note that if there is a possibility the first call to +# PKG_CHECK_MODULES might not happen, you should be sure to include an +# explicit call to PKG_PROG_PKG_CONFIG in your configure.ac +# +# +# -------------------------------------------------------------- +AC_DEFUN([PKG_CHECK_MODULES], +[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl +AC_ARG_VAR([$1][_CFLAGS], [C compiler flags for $1, overriding pkg-config])dnl +AC_ARG_VAR([$1][_LIBS], [linker flags for $1, overriding pkg-config])dnl + +pkg_failed=no +AC_MSG_CHECKING([for $1]) + +_PKG_CONFIG([$1][_CFLAGS], [cflags], [$2]) +_PKG_CONFIG([$1][_LIBS], [libs], [$2]) + +m4_define([_PKG_TEXT], [Alternatively, you may set the environment variables $1[]_CFLAGS +and $1[]_LIBS to avoid the need to call pkg-config. +See the pkg-config man page for more details.]) + +if test $pkg_failed = yes; then + AC_MSG_RESULT([no]) + _PKG_SHORT_ERRORS_SUPPORTED + if test $_pkg_short_errors_supported = yes; then + $1[]_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors "$2" 2>&1` + else + $1[]_PKG_ERRORS=`$PKG_CONFIG --print-errors "$2" 2>&1` + fi + # Put the nasty error message in config.log where it belongs + echo "$$1[]_PKG_ERRORS" >&AS_MESSAGE_LOG_FD + + m4_default([$4], [AC_MSG_ERROR( +[Package requirements ($2) were not met: + +$$1_PKG_ERRORS + +Consider adjusting the PKG_CONFIG_PATH environment variable if you +installed software in a non-standard prefix. + +_PKG_TEXT])dnl + ]) +elif test $pkg_failed = untried; then + AC_MSG_RESULT([no]) + m4_default([$4], [AC_MSG_FAILURE( +[The pkg-config script could not be found or is too old. Make sure it +is in your PATH or set the PKG_CONFIG environment variable to the full +path to pkg-config. + +_PKG_TEXT + +To get pkg-config, see <http://pkg-config.freedesktop.org/>.])dnl + ]) +else + $1[]_CFLAGS=$pkg_cv_[]$1[]_CFLAGS + $1[]_LIBS=$pkg_cv_[]$1[]_LIBS + AC_MSG_RESULT([yes]) + $3 +fi[]dnl +])# PKG_CHECK_MODULES + +# Copyright (C) 2002, 2003, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# AM_AUTOMAKE_VERSION(VERSION) +# ---------------------------- +# Automake X.Y traces this macro to ensure aclocal.m4 has been +# generated from the m4 files accompanying Automake X.Y. +# (This private macro should not be called outside this file.) +AC_DEFUN([AM_AUTOMAKE_VERSION], +[am__api_version='1.11' +dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to +dnl require some minimum version. Point them to the right macro. +m4_if([$1], [1.11.1], [], + [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl +]) + +# _AM_AUTOCONF_VERSION(VERSION) +# ----------------------------- +# aclocal traces this macro to find the Autoconf version. +# This is a private macro too. Using m4_define simplifies +# the logic in aclocal, which can simply ignore this definition. +m4_define([_AM_AUTOCONF_VERSION], []) + +# AM_SET_CURRENT_AUTOMAKE_VERSION +# ------------------------------- +# Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced. +# This function is AC_REQUIREd by AM_INIT_AUTOMAKE. +AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION], +[AM_AUTOMAKE_VERSION([1.11.1])dnl +m4_ifndef([AC_AUTOCONF_VERSION], + [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl +_AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))]) + +# AM_AUX_DIR_EXPAND -*- Autoconf -*- + +# Copyright (C) 2001, 2003, 2005 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# For projects using AC_CONFIG_AUX_DIR([foo]), Autoconf sets +# $ac_aux_dir to `$srcdir/foo'. In other projects, it is set to +# `$srcdir', `$srcdir/..', or `$srcdir/../..'. +# +# Of course, Automake must honor this variable whenever it calls a +# tool from the auxiliary directory. The problem is that $srcdir (and +# therefore $ac_aux_dir as well) can be either absolute or relative, +# depending on how configure is run. This is pretty annoying, since +# it makes $ac_aux_dir quite unusable in subdirectories: in the top +# source directory, any form will work fine, but in subdirectories a +# relative path needs to be adjusted first. +# +# $ac_aux_dir/missing +# fails when called from a subdirectory if $ac_aux_dir is relative +# $top_srcdir/$ac_aux_dir/missing +# fails if $ac_aux_dir is absolute, +# fails when called from a subdirectory in a VPATH build with +# a relative $ac_aux_dir +# +# The reason of the latter failure is that $top_srcdir and $ac_aux_dir +# are both prefixed by $srcdir. In an in-source build this is usually +# harmless because $srcdir is `.', but things will broke when you +# start a VPATH build or use an absolute $srcdir. +# +# So we could use something similar to $top_srcdir/$ac_aux_dir/missing, +# iff we strip the leading $srcdir from $ac_aux_dir. That would be: +# am_aux_dir='\$(top_srcdir)/'`expr "$ac_aux_dir" : "$srcdir//*\(.*\)"` +# and then we would define $MISSING as +# MISSING="\${SHELL} $am_aux_dir/missing" +# This will work as long as MISSING is not called from configure, because +# unfortunately $(top_srcdir) has no meaning in configure. +# However there are other variables, like CC, which are often used in +# configure, and could therefore not use this "fixed" $ac_aux_dir. +# +# Another solution, used here, is to always expand $ac_aux_dir to an +# absolute PATH. The drawback is that using absolute paths prevent a +# configured tree to be moved without reconfiguration. + +AC_DEFUN([AM_AUX_DIR_EXPAND], +[dnl Rely on autoconf to set up CDPATH properly. +AC_PREREQ([2.50])dnl +# expand $ac_aux_dir to an absolute path +am_aux_dir=`cd $ac_aux_dir && pwd` +]) + +# AM_CONDITIONAL -*- Autoconf -*- + +# Copyright (C) 1997, 2000, 2001, 2003, 2004, 2005, 2006, 2008 +# Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 9 + +# AM_CONDITIONAL(NAME, SHELL-CONDITION) +# ------------------------------------- +# Define a conditional. +AC_DEFUN([AM_CONDITIONAL], +[AC_PREREQ(2.52)dnl + ifelse([$1], [TRUE], [AC_FATAL([$0: invalid condition: $1])], + [$1], [FALSE], [AC_FATAL([$0: invalid condition: $1])])dnl +AC_SUBST([$1_TRUE])dnl +AC_SUBST([$1_FALSE])dnl +_AM_SUBST_NOTMAKE([$1_TRUE])dnl +_AM_SUBST_NOTMAKE([$1_FALSE])dnl +m4_define([_AM_COND_VALUE_$1], [$2])dnl +if $2; then + $1_TRUE= + $1_FALSE='#' +else + $1_TRUE='#' + $1_FALSE= +fi +AC_CONFIG_COMMANDS_PRE( +[if test -z "${$1_TRUE}" && test -z "${$1_FALSE}"; then + AC_MSG_ERROR([[conditional "$1" was never defined. +Usually this means the macro was only invoked conditionally.]]) +fi])]) + +# Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2009 +# Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 10 + +# There are a few dirty hacks below to avoid letting `AC_PROG_CC' be +# written in clear, in which case automake, when reading aclocal.m4, +# will think it sees a *use*, and therefore will trigger all it's +# C support machinery. Also note that it means that autoscan, seeing +# CC etc. in the Makefile, will ask for an AC_PROG_CC use... + + +# _AM_DEPENDENCIES(NAME) +# ---------------------- +# See how the compiler implements dependency checking. +# NAME is "CC", "CXX", "GCJ", or "OBJC". +# We try a few techniques and use that to set a single cache variable. +# +# We don't AC_REQUIRE the corresponding AC_PROG_CC since the latter was +# modified to invoke _AM_DEPENDENCIES(CC); we would have a circular +# dependency, and given that the user is not expected to run this macro, +# just rely on AC_PROG_CC. +AC_DEFUN([_AM_DEPENDENCIES], +[AC_REQUIRE([AM_SET_DEPDIR])dnl +AC_REQUIRE([AM_OUTPUT_DEPENDENCY_COMMANDS])dnl +AC_REQUIRE([AM_MAKE_INCLUDE])dnl +AC_REQUIRE([AM_DEP_TRACK])dnl + +ifelse([$1], CC, [depcc="$CC" am_compiler_list=], + [$1], CXX, [depcc="$CXX" am_compiler_list=], + [$1], OBJC, [depcc="$OBJC" am_compiler_list='gcc3 gcc'], + [$1], UPC, [depcc="$UPC" am_compiler_list=], + [$1], GCJ, [depcc="$GCJ" am_compiler_list='gcc3 gcc'], + [depcc="$$1" am_compiler_list=]) + +AC_CACHE_CHECK([dependency style of $depcc], + [am_cv_$1_dependencies_compiler_type], +[if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then + # We make a subdir and do the tests there. Otherwise we can end up + # making bogus files that we don't know about and never remove. For + # instance it was reported that on HP-UX the gcc test will end up + # making a dummy file named `D' -- because `-MD' means `put the output + # in D'. + mkdir conftest.dir + # Copy depcomp to subdir because otherwise we won't find it if we're + # using a relative directory. + cp "$am_depcomp" conftest.dir + cd conftest.dir + # We will build objects and dependencies in a subdirectory because + # it helps to detect inapplicable dependency modes. For instance + # both Tru64's cc and ICC support -MD to output dependencies as a + # side effect of compilation, but ICC will put the dependencies in + # the current directory while Tru64 will put them in the object + # directory. + mkdir sub + + am_cv_$1_dependencies_compiler_type=none + if test "$am_compiler_list" = ""; then + am_compiler_list=`sed -n ['s/^#*\([a-zA-Z0-9]*\))$/\1/p'] < ./depcomp` + fi + am__universal=false + m4_case([$1], [CC], + [case " $depcc " in #( + *\ -arch\ *\ -arch\ *) am__universal=true ;; + esac], + [CXX], + [case " $depcc " in #( + *\ -arch\ *\ -arch\ *) am__universal=true ;; + esac]) + + for depmode in $am_compiler_list; do + # Setup a source with many dependencies, because some compilers + # like to wrap large dependency lists on column 80 (with \), and + # we should not choose a depcomp mode which is confused by this. + # + # We need to recreate these files for each test, as the compiler may + # overwrite some of them when testing with obscure command lines. + # This happens at least with the AIX C compiler. + : > sub/conftest.c + for i in 1 2 3 4 5 6; do + echo '#include "conftst'$i'.h"' >> sub/conftest.c + # Using `: > sub/conftst$i.h' creates only sub/conftst1.h with + # Solaris 8's {/usr,}/bin/sh. + touch sub/conftst$i.h + done + echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf + + # We check with `-c' and `-o' for the sake of the "dashmstdout" + # mode. It turns out that the SunPro C++ compiler does not properly + # handle `-M -o', and we need to detect this. Also, some Intel + # versions had trouble with output in subdirs + am__obj=sub/conftest.${OBJEXT-o} + am__minus_obj="-o $am__obj" + case $depmode in + gcc) + # This depmode causes a compiler race in universal mode. + test "$am__universal" = false || continue + ;; + nosideeffect) + # after this tag, mechanisms are not by side-effect, so they'll + # only be used when explicitly requested + if test "x$enable_dependency_tracking" = xyes; then + continue + else + break + fi + ;; + msvisualcpp | msvcmsys) + # This compiler won't grok `-c -o', but also, the minuso test has + # not run yet. These depmodes are late enough in the game, and + # so weak that their functioning should not be impacted. + am__obj=conftest.${OBJEXT-o} + am__minus_obj= + ;; + none) break ;; + esac + if depmode=$depmode \ + source=sub/conftest.c object=$am__obj \ + depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \ + $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \ + >/dev/null 2>conftest.err && + grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 && + grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 && + grep $am__obj sub/conftest.Po > /dev/null 2>&1 && + ${MAKE-make} -s -f confmf > /dev/null 2>&1; then + # icc doesn't choke on unknown options, it will just issue warnings + # or remarks (even with -Werror). So we grep stderr for any message + # that says an option was ignored or not supported. + # When given -MP, icc 7.0 and 7.1 complain thusly: + # icc: Command line warning: ignoring option '-M'; no argument required + # The diagnosis changed in icc 8.0: + # icc: Command line remark: option '-MP' not supported + if (grep 'ignoring option' conftest.err || + grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else + am_cv_$1_dependencies_compiler_type=$depmode + break + fi + fi + done + + cd .. + rm -rf conftest.dir +else + am_cv_$1_dependencies_compiler_type=none +fi +]) +AC_SUBST([$1DEPMODE], [depmode=$am_cv_$1_dependencies_compiler_type]) +AM_CONDITIONAL([am__fastdep$1], [ + test "x$enable_dependency_tracking" != xno \ + && test "$am_cv_$1_dependencies_compiler_type" = gcc3]) +]) + + +# AM_SET_DEPDIR +# ------------- +# Choose a directory name for dependency files. +# This macro is AC_REQUIREd in _AM_DEPENDENCIES +AC_DEFUN([AM_SET_DEPDIR], +[AC_REQUIRE([AM_SET_LEADING_DOT])dnl +AC_SUBST([DEPDIR], ["${am__leading_dot}deps"])dnl +]) + + +# AM_DEP_TRACK +# ------------ +AC_DEFUN([AM_DEP_TRACK], +[AC_ARG_ENABLE(dependency-tracking, +[ --disable-dependency-tracking speeds up one-time build + --enable-dependency-tracking do not reject slow dependency extractors]) +if test "x$enable_dependency_tracking" != xno; then + am_depcomp="$ac_aux_dir/depcomp" + AMDEPBACKSLASH='\' +fi +AM_CONDITIONAL([AMDEP], [test "x$enable_dependency_tracking" != xno]) +AC_SUBST([AMDEPBACKSLASH])dnl +_AM_SUBST_NOTMAKE([AMDEPBACKSLASH])dnl +]) + +# Generate code to set up dependency tracking. -*- Autoconf -*- + +# Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2008 +# Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +#serial 5 + +# _AM_OUTPUT_DEPENDENCY_COMMANDS +# ------------------------------ +AC_DEFUN([_AM_OUTPUT_DEPENDENCY_COMMANDS], +[{ + # Autoconf 2.62 quotes --file arguments for eval, but not when files + # are listed without --file. Let's play safe and only enable the eval + # if we detect the quoting. + case $CONFIG_FILES in + *\'*) eval set x "$CONFIG_FILES" ;; + *) set x $CONFIG_FILES ;; + esac + shift + for mf + do + # Strip MF so we end up with the name of the file. + mf=`echo "$mf" | sed -e 's/:.*$//'` + # Check whether this is an Automake generated Makefile or not. + # We used to match only the files named `Makefile.in', but + # some people rename them; so instead we look at the file content. + # Grep'ing the first line is not enough: some people post-process + # each Makefile.in and add a new line on top of each file to say so. + # Grep'ing the whole file is not good either: AIX grep has a line + # limit of 2048, but all sed's we know have understand at least 4000. + if sed -n 's,^#.*generated by automake.*,X,p' "$mf" | grep X >/dev/null 2>&1; then + dirpart=`AS_DIRNAME("$mf")` + else + continue + fi + # Extract the definition of DEPDIR, am__include, and am__quote + # from the Makefile without running `make'. + DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"` + test -z "$DEPDIR" && continue + am__include=`sed -n 's/^am__include = //p' < "$mf"` + test -z "am__include" && continue + am__quote=`sed -n 's/^am__quote = //p' < "$mf"` + # When using ansi2knr, U may be empty or an underscore; expand it + U=`sed -n 's/^U = //p' < "$mf"` + # Find all dependency output files, they are included files with + # $(DEPDIR) in their names. We invoke sed twice because it is the + # simplest approach to changing $(DEPDIR) to its actual value in the + # expansion. + for file in `sed -n " + s/^$am__include $am__quote\(.*(DEPDIR).*\)$am__quote"'$/\1/p' <"$mf" | \ + sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g' -e 's/\$U/'"$U"'/g'`; do + # Make sure the directory exists. + test -f "$dirpart/$file" && continue + fdir=`AS_DIRNAME(["$file"])` + AS_MKDIR_P([$dirpart/$fdir]) + # echo "creating $dirpart/$file" + echo '# dummy' > "$dirpart/$file" + done + done +} +])# _AM_OUTPUT_DEPENDENCY_COMMANDS + + +# AM_OUTPUT_DEPENDENCY_COMMANDS +# ----------------------------- +# This macro should only be invoked once -- use via AC_REQUIRE. +# +# This code is only required when automatic dependency tracking +# is enabled. FIXME. This creates each `.P' file that we will +# need in order to bootstrap the dependency handling code. +AC_DEFUN([AM_OUTPUT_DEPENDENCY_COMMANDS], +[AC_CONFIG_COMMANDS([depfiles], + [test x"$AMDEP_TRUE" != x"" || _AM_OUTPUT_DEPENDENCY_COMMANDS], + [AMDEP_TRUE="$AMDEP_TRUE" ac_aux_dir="$ac_aux_dir"]) +]) + +# Do all the work for Automake. -*- Autoconf -*- + +# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, +# 2005, 2006, 2008, 2009 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 16 + +# This macro actually does too much. Some checks are only needed if +# your package does certain things. But this isn't really a big deal. + +# AM_INIT_AUTOMAKE(PACKAGE, VERSION, [NO-DEFINE]) +# AM_INIT_AUTOMAKE([OPTIONS]) +# ----------------------------------------------- +# The call with PACKAGE and VERSION arguments is the old style +# call (pre autoconf-2.50), which is being phased out. PACKAGE +# and VERSION should now be passed to AC_INIT and removed from +# the call to AM_INIT_AUTOMAKE. +# We support both call styles for the transition. After +# the next Automake release, Autoconf can make the AC_INIT +# arguments mandatory, and then we can depend on a new Autoconf +# release and drop the old call support. +AC_DEFUN([AM_INIT_AUTOMAKE], +[AC_PREREQ([2.62])dnl +dnl Autoconf wants to disallow AM_ names. We explicitly allow +dnl the ones we care about. +m4_pattern_allow([^AM_[A-Z]+FLAGS$])dnl +AC_REQUIRE([AM_SET_CURRENT_AUTOMAKE_VERSION])dnl +AC_REQUIRE([AC_PROG_INSTALL])dnl +if test "`cd $srcdir && pwd`" != "`pwd`"; then + # Use -I$(srcdir) only when $(srcdir) != ., so that make's output + # is not polluted with repeated "-I." + AC_SUBST([am__isrc], [' -I$(srcdir)'])_AM_SUBST_NOTMAKE([am__isrc])dnl + # test to see if srcdir already configured + if test -f $srcdir/config.status; then + AC_MSG_ERROR([source directory already configured; run "make distclean" there first]) + fi +fi + +# test whether we have cygpath +if test -z "$CYGPATH_W"; then + if (cygpath --version) >/dev/null 2>/dev/null; then + CYGPATH_W='cygpath -w' + else + CYGPATH_W=echo + fi +fi +AC_SUBST([CYGPATH_W]) + +# Define the identity of the package. +dnl Distinguish between old-style and new-style calls. +m4_ifval([$2], +[m4_ifval([$3], [_AM_SET_OPTION([no-define])])dnl + AC_SUBST([PACKAGE], [$1])dnl + AC_SUBST([VERSION], [$2])], +[_AM_SET_OPTIONS([$1])dnl +dnl Diagnose old-style AC_INIT with new-style AM_AUTOMAKE_INIT. +m4_if(m4_ifdef([AC_PACKAGE_NAME], 1)m4_ifdef([AC_PACKAGE_VERSION], 1), 11,, + [m4_fatal([AC_INIT should be called with package and version arguments])])dnl + AC_SUBST([PACKAGE], ['AC_PACKAGE_TARNAME'])dnl + AC_SUBST([VERSION], ['AC_PACKAGE_VERSION'])])dnl + +_AM_IF_OPTION([no-define],, +[AC_DEFINE_UNQUOTED(PACKAGE, "$PACKAGE", [Name of package]) + AC_DEFINE_UNQUOTED(VERSION, "$VERSION", [Version number of package])])dnl + +# Some tools Automake needs. +AC_REQUIRE([AM_SANITY_CHECK])dnl +AC_REQUIRE([AC_ARG_PROGRAM])dnl +AM_MISSING_PROG(ACLOCAL, aclocal-${am__api_version}) +AM_MISSING_PROG(AUTOCONF, autoconf) +AM_MISSING_PROG(AUTOMAKE, automake-${am__api_version}) +AM_MISSING_PROG(AUTOHEADER, autoheader) +AM_MISSING_PROG(MAKEINFO, makeinfo) +AC_REQUIRE([AM_PROG_INSTALL_SH])dnl +AC_REQUIRE([AM_PROG_INSTALL_STRIP])dnl +AC_REQUIRE([AM_PROG_MKDIR_P])dnl +# We need awk for the "check" target. The system "awk" is bad on +# some platforms. +AC_REQUIRE([AC_PROG_AWK])dnl +AC_REQUIRE([AC_PROG_MAKE_SET])dnl +AC_REQUIRE([AM_SET_LEADING_DOT])dnl +_AM_IF_OPTION([tar-ustar], [_AM_PROG_TAR([ustar])], + [_AM_IF_OPTION([tar-pax], [_AM_PROG_TAR([pax])], + [_AM_PROG_TAR([v7])])]) +_AM_IF_OPTION([no-dependencies],, +[AC_PROVIDE_IFELSE([AC_PROG_CC], + [_AM_DEPENDENCIES(CC)], + [define([AC_PROG_CC], + defn([AC_PROG_CC])[_AM_DEPENDENCIES(CC)])])dnl +AC_PROVIDE_IFELSE([AC_PROG_CXX], + [_AM_DEPENDENCIES(CXX)], + [define([AC_PROG_CXX], + defn([AC_PROG_CXX])[_AM_DEPENDENCIES(CXX)])])dnl +AC_PROVIDE_IFELSE([AC_PROG_OBJC], + [_AM_DEPENDENCIES(OBJC)], + [define([AC_PROG_OBJC], + defn([AC_PROG_OBJC])[_AM_DEPENDENCIES(OBJC)])])dnl +]) +_AM_IF_OPTION([silent-rules], [AC_REQUIRE([AM_SILENT_RULES])])dnl +dnl The `parallel-tests' driver may need to know about EXEEXT, so add the +dnl `am__EXEEXT' conditional if _AM_COMPILER_EXEEXT was seen. This macro +dnl is hooked onto _AC_COMPILER_EXEEXT early, see below. +AC_CONFIG_COMMANDS_PRE(dnl +[m4_provide_if([_AM_COMPILER_EXEEXT], + [AM_CONDITIONAL([am__EXEEXT], [test -n "$EXEEXT"])])])dnl +]) + +dnl Hook into `_AC_COMPILER_EXEEXT' early to learn its expansion. Do not +dnl add the conditional right here, as _AC_COMPILER_EXEEXT may be further +dnl mangled by Autoconf and run in a shell conditional statement. +m4_define([_AC_COMPILER_EXEEXT], +m4_defn([_AC_COMPILER_EXEEXT])[m4_provide([_AM_COMPILER_EXEEXT])]) + + +# When config.status generates a header, we must update the stamp-h file. +# This file resides in the same directory as the config header +# that is generated. The stamp files are numbered to have different names. + +# Autoconf calls _AC_AM_CONFIG_HEADER_HOOK (when defined) in the +# loop where config.status creates the headers, so we can generate +# our stamp files there. +AC_DEFUN([_AC_AM_CONFIG_HEADER_HOOK], +[# Compute $1's index in $config_headers. +_am_arg=$1 +_am_stamp_count=1 +for _am_header in $config_headers :; do + case $_am_header in + $_am_arg | $_am_arg:* ) + break ;; + * ) + _am_stamp_count=`expr $_am_stamp_count + 1` ;; + esac +done +echo "timestamp for $_am_arg" >`AS_DIRNAME(["$_am_arg"])`/stamp-h[]$_am_stamp_count]) + +# Copyright (C) 2001, 2003, 2005, 2008 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# AM_PROG_INSTALL_SH +# ------------------ +# Define $install_sh. +AC_DEFUN([AM_PROG_INSTALL_SH], +[AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl +if test x"${install_sh}" != xset; then + case $am_aux_dir in + *\ * | *\ *) + install_sh="\${SHELL} '$am_aux_dir/install-sh'" ;; + *) + install_sh="\${SHELL} $am_aux_dir/install-sh" + esac +fi +AC_SUBST(install_sh)]) + +# Copyright (C) 2003, 2005 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 2 + +# Check whether the underlying file-system supports filenames +# with a leading dot. For instance MS-DOS doesn't. +AC_DEFUN([AM_SET_LEADING_DOT], +[rm -rf .tst 2>/dev/null +mkdir .tst 2>/dev/null +if test -d .tst; then + am__leading_dot=. +else + am__leading_dot=_ +fi +rmdir .tst 2>/dev/null +AC_SUBST([am__leading_dot])]) + +# Add --enable-maintainer-mode option to configure. -*- Autoconf -*- +# From Jim Meyering + +# Copyright (C) 1996, 1998, 2000, 2001, 2002, 2003, 2004, 2005, 2008 +# Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 5 + +# AM_MAINTAINER_MODE([DEFAULT-MODE]) +# ---------------------------------- +# Control maintainer-specific portions of Makefiles. +# Default is to disable them, unless `enable' is passed literally. +# For symmetry, `disable' may be passed as well. Anyway, the user +# can override the default with the --enable/--disable switch. +AC_DEFUN([AM_MAINTAINER_MODE], +[m4_case(m4_default([$1], [disable]), + [enable], [m4_define([am_maintainer_other], [disable])], + [disable], [m4_define([am_maintainer_other], [enable])], + [m4_define([am_maintainer_other], [enable]) + m4_warn([syntax], [unexpected argument to AM@&t@_MAINTAINER_MODE: $1])]) +AC_MSG_CHECKING([whether to am_maintainer_other maintainer-specific portions of Makefiles]) + dnl maintainer-mode's default is 'disable' unless 'enable' is passed + AC_ARG_ENABLE([maintainer-mode], +[ --][am_maintainer_other][-maintainer-mode am_maintainer_other make rules and dependencies not useful + (and sometimes confusing) to the casual installer], + [USE_MAINTAINER_MODE=$enableval], + [USE_MAINTAINER_MODE=]m4_if(am_maintainer_other, [enable], [no], [yes])) + AC_MSG_RESULT([$USE_MAINTAINER_MODE]) + AM_CONDITIONAL([MAINTAINER_MODE], [test $USE_MAINTAINER_MODE = yes]) + MAINT=$MAINTAINER_MODE_TRUE + AC_SUBST([MAINT])dnl +] +) + +AU_DEFUN([jm_MAINTAINER_MODE], [AM_MAINTAINER_MODE]) + +# Check to see how 'make' treats includes. -*- Autoconf -*- + +# Copyright (C) 2001, 2002, 2003, 2005, 2009 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 4 + +# AM_MAKE_INCLUDE() +# ----------------- +# Check to see how make treats includes. +AC_DEFUN([AM_MAKE_INCLUDE], +[am_make=${MAKE-make} +cat > confinc << 'END' +am__doit: + @echo this is the am__doit target +.PHONY: am__doit +END +# If we don't find an include directive, just comment out the code. +AC_MSG_CHECKING([for style of include used by $am_make]) +am__include="#" +am__quote= +_am_result=none +# First try GNU make style include. +echo "include confinc" > confmf +# Ignore all kinds of additional output from `make'. +case `$am_make -s -f confmf 2> /dev/null` in #( +*the\ am__doit\ target*) + am__include=include + am__quote= + _am_result=GNU + ;; +esac +# Now try BSD make style include. +if test "$am__include" = "#"; then + echo '.include "confinc"' > confmf + case `$am_make -s -f confmf 2> /dev/null` in #( + *the\ am__doit\ target*) + am__include=.include + am__quote="\"" + _am_result=BSD + ;; + esac +fi +AC_SUBST([am__include]) +AC_SUBST([am__quote]) +AC_MSG_RESULT([$_am_result]) +rm -f confinc confmf +]) + +# Fake the existence of programs that GNU maintainers use. -*- Autoconf -*- + +# Copyright (C) 1997, 1999, 2000, 2001, 2003, 2004, 2005, 2008 +# Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 6 + +# AM_MISSING_PROG(NAME, PROGRAM) +# ------------------------------ +AC_DEFUN([AM_MISSING_PROG], +[AC_REQUIRE([AM_MISSING_HAS_RUN]) +$1=${$1-"${am_missing_run}$2"} +AC_SUBST($1)]) + + +# AM_MISSING_HAS_RUN +# ------------------ +# Define MISSING if not defined so far and test if it supports --run. +# If it does, set am_missing_run to use it, otherwise, to nothing. +AC_DEFUN([AM_MISSING_HAS_RUN], +[AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl +AC_REQUIRE_AUX_FILE([missing])dnl +if test x"${MISSING+set}" != xset; then + case $am_aux_dir in + *\ * | *\ *) + MISSING="\${SHELL} \"$am_aux_dir/missing\"" ;; + *) + MISSING="\${SHELL} $am_aux_dir/missing" ;; + esac +fi +# Use eval to expand $SHELL +if eval "$MISSING --run true"; then + am_missing_run="$MISSING --run " +else + am_missing_run= + AC_MSG_WARN([`missing' script is too old or missing]) +fi +]) + +# Copyright (C) 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# AM_PROG_MKDIR_P +# --------------- +# Check for `mkdir -p'. +AC_DEFUN([AM_PROG_MKDIR_P], +[AC_PREREQ([2.60])dnl +AC_REQUIRE([AC_PROG_MKDIR_P])dnl +dnl Automake 1.8 to 1.9.6 used to define mkdir_p. We now use MKDIR_P, +dnl while keeping a definition of mkdir_p for backward compatibility. +dnl @MKDIR_P@ is magic: AC_OUTPUT adjusts its value for each Makefile. +dnl However we cannot define mkdir_p as $(MKDIR_P) for the sake of +dnl Makefile.ins that do not define MKDIR_P, so we do our own +dnl adjustment using top_builddir (which is defined more often than +dnl MKDIR_P). +AC_SUBST([mkdir_p], ["$MKDIR_P"])dnl +case $mkdir_p in + [[\\/$]]* | ?:[[\\/]]*) ;; + */*) mkdir_p="\$(top_builddir)/$mkdir_p" ;; +esac +]) + +# Helper functions for option handling. -*- Autoconf -*- + +# Copyright (C) 2001, 2002, 2003, 2005, 2008 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 4 + +# _AM_MANGLE_OPTION(NAME) +# ----------------------- +AC_DEFUN([_AM_MANGLE_OPTION], +[[_AM_OPTION_]m4_bpatsubst($1, [[^a-zA-Z0-9_]], [_])]) + +# _AM_SET_OPTION(NAME) +# ------------------------------ +# Set option NAME. Presently that only means defining a flag for this option. +AC_DEFUN([_AM_SET_OPTION], +[m4_define(_AM_MANGLE_OPTION([$1]), 1)]) + +# _AM_SET_OPTIONS(OPTIONS) +# ---------------------------------- +# OPTIONS is a space-separated list of Automake options. +AC_DEFUN([_AM_SET_OPTIONS], +[m4_foreach_w([_AM_Option], [$1], [_AM_SET_OPTION(_AM_Option)])]) + +# _AM_IF_OPTION(OPTION, IF-SET, [IF-NOT-SET]) +# ------------------------------------------- +# Execute IF-SET if OPTION is set, IF-NOT-SET otherwise. +AC_DEFUN([_AM_IF_OPTION], +[m4_ifset(_AM_MANGLE_OPTION([$1]), [$2], [$3])]) + +# Copyright (C) 1996, 1997, 1998, 2000, 2001, 2002, 2003, 2005, 2006 +# Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 5 + +AC_DEFUN([AM_C_PROTOTYPES], +[AC_REQUIRE([AC_C_PROTOTYPES]) +if test "$ac_cv_prog_cc_stdc" != no; then + U= ANSI2KNR= +else + U=_ ANSI2KNR=./ansi2knr +fi +# Ensure some checks needed by ansi2knr itself. +AC_REQUIRE([AC_HEADER_STDC]) +AC_CHECK_HEADERS([string.h]) +AC_SUBST([U])dnl +AC_SUBST([ANSI2KNR])dnl +_AM_SUBST_NOTMAKE([ANSI2KNR])dnl +]) + +AU_DEFUN([fp_C_PROTOTYPES], [AM_C_PROTOTYPES]) + +# Copyright (C) 2001, 2003, 2005 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# AM_RUN_LOG(COMMAND) +# ------------------- +# Run COMMAND, save the exit status in ac_status, and log it. +# (This has been adapted from Autoconf's _AC_RUN_LOG macro.) +AC_DEFUN([AM_RUN_LOG], +[{ echo "$as_me:$LINENO: $1" >&AS_MESSAGE_LOG_FD + ($1) >&AS_MESSAGE_LOG_FD 2>&AS_MESSAGE_LOG_FD + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&AS_MESSAGE_LOG_FD + (exit $ac_status); }]) + +# Check to make sure that the build environment is sane. -*- Autoconf -*- + +# Copyright (C) 1996, 1997, 2000, 2001, 2003, 2005, 2008 +# Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 5 + +# AM_SANITY_CHECK +# --------------- +AC_DEFUN([AM_SANITY_CHECK], +[AC_MSG_CHECKING([whether build environment is sane]) +# Just in case +sleep 1 +echo timestamp > conftest.file +# Reject unsafe characters in $srcdir or the absolute working directory +# name. Accept space and tab only in the latter. +am_lf=' +' +case `pwd` in + *[[\\\"\#\$\&\'\`$am_lf]]*) + AC_MSG_ERROR([unsafe absolute working directory name]);; +esac +case $srcdir in + *[[\\\"\#\$\&\'\`$am_lf\ \ ]]*) + AC_MSG_ERROR([unsafe srcdir value: `$srcdir']);; +esac + +# Do `set' in a subshell so we don't clobber the current shell's +# arguments. Must try -L first in case configure is actually a +# symlink; some systems play weird games with the mod time of symlinks +# (eg FreeBSD returns the mod time of the symlink's containing +# directory). +if ( + set X `ls -Lt "$srcdir/configure" conftest.file 2> /dev/null` + if test "$[*]" = "X"; then + # -L didn't work. + set X `ls -t "$srcdir/configure" conftest.file` + fi + rm -f conftest.file + if test "$[*]" != "X $srcdir/configure conftest.file" \ + && test "$[*]" != "X conftest.file $srcdir/configure"; then + + # If neither matched, then we have a broken ls. This can happen + # if, for instance, CONFIG_SHELL is bash and it inherits a + # broken ls alias from the environment. This has actually + # happened. Such a system could not be considered "sane". + AC_MSG_ERROR([ls -t appears to fail. Make sure there is not a broken +alias in your environment]) + fi + + test "$[2]" = conftest.file + ) +then + # Ok. + : +else + AC_MSG_ERROR([newly created file is older than distributed files! +Check your system clock]) +fi +AC_MSG_RESULT(yes)]) + +# Copyright (C) 2001, 2003, 2005 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# AM_PROG_INSTALL_STRIP +# --------------------- +# One issue with vendor `install' (even GNU) is that you can't +# specify the program used to strip binaries. This is especially +# annoying in cross-compiling environments, where the build's strip +# is unlikely to handle the host's binaries. +# Fortunately install-sh will honor a STRIPPROG variable, so we +# always use install-sh in `make install-strip', and initialize +# STRIPPROG with the value of the STRIP variable (set by the user). +AC_DEFUN([AM_PROG_INSTALL_STRIP], +[AC_REQUIRE([AM_PROG_INSTALL_SH])dnl +# Installed binaries are usually stripped using `strip' when the user +# run `make install-strip'. However `strip' might not be the right +# tool to use in cross-compilation environments, therefore Automake +# will honor the `STRIP' environment variable to overrule this program. +dnl Don't test for $cross_compiling = yes, because it might be `maybe'. +if test "$cross_compiling" != no; then + AC_CHECK_TOOL([STRIP], [strip], :) +fi +INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s" +AC_SUBST([INSTALL_STRIP_PROGRAM])]) + +# Copyright (C) 2006, 2008 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 2 + +# _AM_SUBST_NOTMAKE(VARIABLE) +# --------------------------- +# Prevent Automake from outputting VARIABLE = @VARIABLE@ in Makefile.in. +# This macro is traced by Automake. +AC_DEFUN([_AM_SUBST_NOTMAKE]) + +# AM_SUBST_NOTMAKE(VARIABLE) +# --------------------------- +# Public sister of _AM_SUBST_NOTMAKE. +AC_DEFUN([AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE($@)]) + +# Check how to create a tarball. -*- Autoconf -*- + +# Copyright (C) 2004, 2005 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 2 + +# _AM_PROG_TAR(FORMAT) +# -------------------- +# Check how to create a tarball in format FORMAT. +# FORMAT should be one of `v7', `ustar', or `pax'. +# +# Substitute a variable $(am__tar) that is a command +# writing to stdout a FORMAT-tarball containing the directory +# $tardir. +# tardir=directory && $(am__tar) > result.tar +# +# Substitute a variable $(am__untar) that extract such +# a tarball read from stdin. +# $(am__untar) < result.tar +AC_DEFUN([_AM_PROG_TAR], +[# Always define AMTAR for backward compatibility. +AM_MISSING_PROG([AMTAR], [tar]) +m4_if([$1], [v7], + [am__tar='${AMTAR} chof - "$$tardir"'; am__untar='${AMTAR} xf -'], + [m4_case([$1], [ustar],, [pax],, + [m4_fatal([Unknown tar format])]) +AC_MSG_CHECKING([how to create a $1 tar archive]) +# Loop over all known methods to create a tar archive until one works. +_am_tools='gnutar m4_if([$1], [ustar], [plaintar]) pax cpio none' +_am_tools=${am_cv_prog_tar_$1-$_am_tools} +# Do not fold the above two line into one, because Tru64 sh and +# Solaris sh will not grok spaces in the rhs of `-'. +for _am_tool in $_am_tools +do + case $_am_tool in + gnutar) + for _am_tar in tar gnutar gtar; + do + AM_RUN_LOG([$_am_tar --version]) && break + done + am__tar="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$$tardir"' + am__tar_="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$tardir"' + am__untar="$_am_tar -xf -" + ;; + plaintar) + # Must skip GNU tar: if it does not support --format= it doesn't create + # ustar tarball either. + (tar --version) >/dev/null 2>&1 && continue + am__tar='tar chf - "$$tardir"' + am__tar_='tar chf - "$tardir"' + am__untar='tar xf -' + ;; + pax) + am__tar='pax -L -x $1 -w "$$tardir"' + am__tar_='pax -L -x $1 -w "$tardir"' + am__untar='pax -r' + ;; + cpio) + am__tar='find "$$tardir" -print | cpio -o -H $1 -L' + am__tar_='find "$tardir" -print | cpio -o -H $1 -L' + am__untar='cpio -i -H $1 -d' + ;; + none) + am__tar=false + am__tar_=false + am__untar=false + ;; + esac + + # If the value was cached, stop now. We just wanted to have am__tar + # and am__untar set. + test -n "${am_cv_prog_tar_$1}" && break + + # tar/untar a dummy directory, and stop if the command works + rm -rf conftest.dir + mkdir conftest.dir + echo GrepMe > conftest.dir/file + AM_RUN_LOG([tardir=conftest.dir && eval $am__tar_ >conftest.tar]) + rm -rf conftest.dir + if test -s conftest.tar; then + AM_RUN_LOG([$am__untar <conftest.tar]) + grep GrepMe conftest.dir/file >/dev/null 2>&1 && break + fi +done +rm -rf conftest.dir + +AC_CACHE_VAL([am_cv_prog_tar_$1], [am_cv_prog_tar_$1=$_am_tool]) +AC_MSG_RESULT([$am_cv_prog_tar_$1])]) +AC_SUBST([am__tar]) +AC_SUBST([am__untar]) +]) # _AM_PROG_TAR + +m4_include([m4/libtool.m4]) +m4_include([m4/ltoptions.m4]) +m4_include([m4/ltsugar.m4]) +m4_include([m4/ltversion.m4]) +m4_include([m4/lt~obsolete.m4]) diff --git a/apps/Makefile.am b/apps/Makefile.am new file mode 100644 index 00000000..278ddf49 --- /dev/null +++ b/apps/Makefile.am @@ -0,0 +1,84 @@ +NULL = + +bin_PROGRAMS = xmlsec1 + +XMLSEC_LIBS = $(top_builddir)/src/libxmlsec1.la + + +# check if we use dynamic loading for xmlsec-crypto or not +if XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING + +CRYPTO_DEPS = \ + $(top_builddir)/src/$(XMLSEC_CRYPTO)/lib$(XMLSEC_CRYPTO_LIB).la \ + $(NULL) + +CRYPTO_INCLUDES = \ + $(XMLSEC_CRYPTO_CFLAGS) \ + $(NULL) + +CRYPTO_LD_FLAGS = \ + $(NULL) + +CRYPTO_LD_ADD = \ + $(XMLSEC_CRYPTO_LIBS) \ + $(CRYPTO_DEPS) \ + $(NULL) + +else + +CRYPTO_DEPS = \ + $(NULL) + +CRYPTO_INCLUDES = \ + -DXMLSEC_CRYPTO_DYNAMIC_LOADING=1 + $(NULL) + +CRYPTO_LD_FLAGS = \ + $(NULL) + +CRYPTO_LD_ADD = \ + $(CRYPTO_DEPS) \ + $(NULL) + +endif + + +INCLUDES = \ + -DXMLSEC_CRYPTO=\"@XMLSEC_CRYPTO@\" \ + -DPACKAGE=\"@PACKAGE@\" \ + -I../include \ + -I$(top_srcdir)/include \ + $(XMLSEC_DEFINES) \ + $(XMLSEC_APP_DEFINES) \ + $(CRYPTO_INCLUDES) \ + $(LIBXSLT_CFLAGS) \ + $(LIBXML_CFLAGS) \ + $(XMLSEC_DL_INCLUDES) \ + $(NULL) + +# xmlsec command line utility +xmlsec1_SOURCES = \ + xmlsec.c \ + crypto.c crypto.h \ + cmdline.c cmdline.h \ + $(NULL) + + +xmlsec1_LDFLAGS = \ + $(CRYPTO_LD_FLAGS) \ + @XMLSEC_STATIC_BINARIES@ \ + $(NULL) + +xmlsec1_LDADD = \ + $(LIBXSLT_LIBS) \ + $(LIBXML_LIBS) \ + $(CRYPTO_LD_ADD) \ + $(XMLSEC_LIBS) \ + $(XMLSEC_DL_LIBS) \ + $(NULL) + +xmlsec1_DEPENDENCIES = \ + $(CRYPTO_DEPS) \ + $(XMLSEC_LIBS) \ + $(NULL) + diff --git a/apps/Makefile.in b/apps/Makefile.in new file mode 100644 index 00000000..82af5089 --- /dev/null +++ b/apps/Makefile.in @@ -0,0 +1,694 @@ +# Makefile.in generated by automake 1.11.1 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +VPATH = @srcdir@ +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +bin_PROGRAMS = xmlsec1$(EXEEXT) +subdir = apps +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \ + $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ + $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ + $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(install_sh) -d +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +am__installdirs = "$(DESTDIR)$(bindir)" +PROGRAMS = $(bin_PROGRAMS) +am__objects_1 = +am_xmlsec1_OBJECTS = xmlsec.$(OBJEXT) crypto.$(OBJEXT) \ + cmdline.$(OBJEXT) $(am__objects_1) +xmlsec1_OBJECTS = $(am_xmlsec1_OBJECTS) +am__DEPENDENCIES_1 = +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@am__DEPENDENCIES_2 = $(am__DEPENDENCIES_1) +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@am__DEPENDENCIES_2 = $(top_builddir)/src/$(XMLSEC_CRYPTO)/lib$(XMLSEC_CRYPTO_LIB).la \ +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@ $(am__DEPENDENCIES_1) +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@am__DEPENDENCIES_3 = $(am__DEPENDENCIES_2) \ +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@ $(am__DEPENDENCIES_1) +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@am__DEPENDENCIES_3 = $(am__DEPENDENCIES_1) \ +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@ $(am__DEPENDENCIES_2) \ +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@ $(am__DEPENDENCIES_1) +xmlsec1_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(xmlsec1_LDFLAGS) \ + $(LDFLAGS) -o $@ +DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ + $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ + $(LDFLAGS) -o $@ +SOURCES = $(xmlsec1_SOURCES) +DIST_SOURCES = $(xmlsec1_SOURCES) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AR = @AR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CP = @CP@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GCRYPT_CFLAGS = @GCRYPT_CFLAGS@ +GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@ +GCRYPT_LIBS = @GCRYPT_LIBS@ +GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@ +GNUTLS_CFLAGS = @GNUTLS_CFLAGS@ +GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@ +GNUTLS_LIBS = @GNUTLS_LIBS@ +GNUTLS_MIN_VERSION = @GNUTLS_MIN_VERSION@ +GREP = @GREP@ +HELP2MAN = @HELP2MAN@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LIBXML_CFLAGS = @LIBXML_CFLAGS@ +LIBXML_CONFIG = @LIBXML_CONFIG@ +LIBXML_LIBS = @LIBXML_LIBS@ +LIBXML_MIN_VERSION = @LIBXML_MIN_VERSION@ +LIBXSLT_CFLAGS = @LIBXSLT_CFLAGS@ +LIBXSLT_CONFIG = @LIBXSLT_CONFIG@ +LIBXSLT_LIBS = @LIBXSLT_LIBS@ +LIBXSLT_MIN_VERSION = @LIBXSLT_MIN_VERSION@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAKEINFO = @MAKEINFO@ +MAN2HTML = @MAN2HTML@ +MKDIR_P = @MKDIR_P@ +MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@ +MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@ +MSCRYPTO_CRYPTO_LIB = @MSCRYPTO_CRYPTO_LIB@ +MSCRYPTO_LIBS = @MSCRYPTO_LIBS@ +MV = @MV@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NSPR_MIN_VERSION = @NSPR_MIN_VERSION@ +NSPR_PACKAGE = @NSPR_PACKAGE@ +NSS_CFLAGS = @NSS_CFLAGS@ +NSS_CRYPTO_LIB = @NSS_CRYPTO_LIB@ +NSS_LIBS = @NSS_LIBS@ +NSS_MIN_VERSION = @NSS_MIN_VERSION@ +NSS_PACKAGE = @NSS_PACKAGE@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OPENSSL_CFLAGS = @OPENSSL_CFLAGS@ +OPENSSL_CRYPTO_LIB = @OPENSSL_CRYPTO_LIB@ +OPENSSL_LIBS = @OPENSSL_LIBS@ +OPENSSL_MIN_VERSION = @OPENSSL_MIN_VERSION@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PKGCONFIG_PRESENT = @PKGCONFIG_PRESENT@ +PKG_CONFIG = @PKG_CONFIG@ +PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ +PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ +RANLIB = @RANLIB@ +RM = @RM@ +SED = @SED@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +STRIP = @STRIP@ +TAR = @TAR@ +U = @U@ +VERSION = @VERSION@ +XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@ +XMLSEC_CFLAGS = @XMLSEC_CFLAGS@ +XMLSEC_CORE_CFLAGS = @XMLSEC_CORE_CFLAGS@ +XMLSEC_CORE_LIBS = @XMLSEC_CORE_LIBS@ +XMLSEC_CRYPTO = @XMLSEC_CRYPTO@ +XMLSEC_CRYPTO_CFLAGS = @XMLSEC_CRYPTO_CFLAGS@ +XMLSEC_CRYPTO_DISABLED_LIST = @XMLSEC_CRYPTO_DISABLED_LIST@ +XMLSEC_CRYPTO_EXTRA_LDFLAGS = @XMLSEC_CRYPTO_EXTRA_LDFLAGS@ +XMLSEC_CRYPTO_LIB = @XMLSEC_CRYPTO_LIB@ +XMLSEC_CRYPTO_LIBS = @XMLSEC_CRYPTO_LIBS@ +XMLSEC_CRYPTO_LIST = @XMLSEC_CRYPTO_LIST@ +XMLSEC_CRYPTO_PC_FILES_LIST = @XMLSEC_CRYPTO_PC_FILES_LIST@ +XMLSEC_DEFINES = @XMLSEC_DEFINES@ +XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@ +XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@ +XMLSEC_DOCDIR = @XMLSEC_DOCDIR@ +XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@ +XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@ +XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@ +XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@ +XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@ +XMLSEC_LIBDIR = @XMLSEC_LIBDIR@ +XMLSEC_LIBS = $(top_builddir)/src/libxmlsec1.la +XMLSEC_NO_AES = @XMLSEC_NO_AES@ +XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@ +XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@ +XMLSEC_NO_DES = @XMLSEC_NO_DES@ +XMLSEC_NO_DSA = @XMLSEC_NO_DSA@ +XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@ +XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@ +XMLSEC_NO_GOST = @XMLSEC_NO_GOST@ +XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@ +XMLSEC_NO_LIBXSLT = @XMLSEC_NO_LIBXSLT@ +XMLSEC_NO_MD5 = @XMLSEC_NO_MD5@ +XMLSEC_NO_MSCRYPTO = @XMLSEC_NO_MSCRYPTO@ +XMLSEC_NO_NSS = @XMLSEC_NO_NSS@ +XMLSEC_NO_OPENSSL = @XMLSEC_NO_OPENSSL@ +XMLSEC_NO_RIPEMD160 = @XMLSEC_NO_RIPEMD160@ +XMLSEC_NO_RSA = @XMLSEC_NO_RSA@ +XMLSEC_NO_SHA1 = @XMLSEC_NO_SHA1@ +XMLSEC_NO_SHA224 = @XMLSEC_NO_SHA224@ +XMLSEC_NO_SHA256 = @XMLSEC_NO_SHA256@ +XMLSEC_NO_SHA384 = @XMLSEC_NO_SHA384@ +XMLSEC_NO_SHA512 = @XMLSEC_NO_SHA512@ +XMLSEC_NO_X509 = @XMLSEC_NO_X509@ +XMLSEC_NO_XKMS = @XMLSEC_NO_XKMS@ +XMLSEC_NO_XMLDSIG = @XMLSEC_NO_XMLDSIG@ +XMLSEC_NO_XMLENC = @XMLSEC_NO_XMLENC@ +XMLSEC_NSS_CFLAGS = @XMLSEC_NSS_CFLAGS@ +XMLSEC_NSS_LIBS = @XMLSEC_NSS_LIBS@ +XMLSEC_OPENSSL_CFLAGS = @XMLSEC_OPENSSL_CFLAGS@ +XMLSEC_OPENSSL_LIBS = @XMLSEC_OPENSSL_LIBS@ +XMLSEC_PACKAGE = @XMLSEC_PACKAGE@ +XMLSEC_STATIC_BINARIES = @XMLSEC_STATIC_BINARIES@ +XMLSEC_VERSION = @XMLSEC_VERSION@ +XMLSEC_VERSION_INFO = @XMLSEC_VERSION_INFO@ +XMLSEC_VERSION_MAJOR = @XMLSEC_VERSION_MAJOR@ +XMLSEC_VERSION_MINOR = @XMLSEC_VERSION_MINOR@ +XMLSEC_VERSION_SAFE = @XMLSEC_VERSION_SAFE@ +XMLSEC_VERSION_SUBMINOR = @XMLSEC_VERSION_SUBMINOR@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +lt_ECHO = @lt_ECHO@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +pdfdir = @pdfdir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +NULL = +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@CRYPTO_DEPS = \ +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@ $(NULL) + + +# check if we use dynamic loading for xmlsec-crypto or not +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@CRYPTO_DEPS = \ +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@ $(top_builddir)/src/$(XMLSEC_CRYPTO)/lib$(XMLSEC_CRYPTO_LIB).la \ +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@ $(NULL) + +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@CRYPTO_INCLUDES = \ +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@ -DXMLSEC_CRYPTO_DYNAMIC_LOADING=1 + +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@CRYPTO_INCLUDES = \ +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@ $(XMLSEC_CRYPTO_CFLAGS) \ +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@ $(NULL) + +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@CRYPTO_LD_FLAGS = \ +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@ $(NULL) + +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@CRYPTO_LD_FLAGS = \ +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@ $(NULL) + +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@CRYPTO_LD_ADD = \ +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@ $(CRYPTO_DEPS) \ +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@ $(NULL) + +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@CRYPTO_LD_ADD = \ +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@ $(XMLSEC_CRYPTO_LIBS) \ +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@ $(CRYPTO_DEPS) \ +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@ $(NULL) + +INCLUDES = \ + -DXMLSEC_CRYPTO=\"@XMLSEC_CRYPTO@\" \ + -DPACKAGE=\"@PACKAGE@\" \ + -I../include \ + -I$(top_srcdir)/include \ + $(XMLSEC_DEFINES) \ + $(XMLSEC_APP_DEFINES) \ + $(CRYPTO_INCLUDES) \ + $(LIBXSLT_CFLAGS) \ + $(LIBXML_CFLAGS) \ + $(XMLSEC_DL_INCLUDES) \ + $(NULL) + + +# xmlsec command line utility +xmlsec1_SOURCES = \ + xmlsec.c \ + crypto.c crypto.h \ + cmdline.c cmdline.h \ + $(NULL) + +xmlsec1_LDFLAGS = \ + $(CRYPTO_LD_FLAGS) \ + @XMLSEC_STATIC_BINARIES@ \ + $(NULL) + +xmlsec1_LDADD = \ + $(LIBXSLT_LIBS) \ + $(LIBXML_LIBS) \ + $(CRYPTO_LD_ADD) \ + $(XMLSEC_LIBS) \ + $(XMLSEC_DL_LIBS) \ + $(NULL) + +xmlsec1_DEPENDENCIES = \ + $(CRYPTO_DEPS) \ + $(XMLSEC_LIBS) \ + $(NULL) + +all: all-am + +.SUFFIXES: +.SUFFIXES: .c .lo .o .obj +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu apps/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --gnu apps/Makefile +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): +install-binPROGRAMS: $(bin_PROGRAMS) + @$(NORMAL_INSTALL) + test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \ + } \ + ; done + +uninstall-binPROGRAMS: + @$(NORMAL_UNINSTALL) + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(bindir)" && rm -f $$files + +clean-binPROGRAMS: + @list='$(bin_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list +xmlsec1$(EXEEXT): $(xmlsec1_OBJECTS) $(xmlsec1_DEPENDENCIES) + @rm -f xmlsec1$(EXEEXT) + $(xmlsec1_LINK) $(xmlsec1_OBJECTS) $(xmlsec1_LDADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cmdline.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/crypto.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xmlsec.Po@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< + +.c.obj: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique +tags: TAGS + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + set x; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-am +all-am: Makefile $(PROGRAMS) +installdirs: + for dir in "$(DESTDIR)$(bindir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + `test -z '$(STRIP)' || \ + echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am + +clean-am: clean-binPROGRAMS clean-generic clean-libtool mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +html-am: + +info: info-am + +info-am: + +install-data-am: + +install-dvi: install-dvi-am + +install-dvi-am: + +install-exec-am: install-binPROGRAMS + +install-html: install-html-am + +install-html-am: + +install-info: install-info-am + +install-info-am: + +install-man: + +install-pdf: install-pdf-am + +install-pdf-am: + +install-ps: install-ps-am + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-binPROGRAMS + +.MAKE: install-am install-strip + +.PHONY: CTAGS GTAGS all all-am check check-am clean clean-binPROGRAMS \ + clean-generic clean-libtool ctags distclean distclean-compile \ + distclean-generic distclean-libtool distclean-tags distdir dvi \ + dvi-am html html-am info info-am install install-am \ + install-binPROGRAMS install-data install-data-am install-dvi \ + install-dvi-am install-exec install-exec-am install-html \ + install-html-am install-info install-info-am install-man \ + install-pdf install-pdf-am install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-binPROGRAMS + +@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@ $(NULL) + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/apps/cmdline.c b/apps/cmdline.c new file mode 100644 index 00000000..b9ecafb5 --- /dev/null +++ b/apps/cmdline.c @@ -0,0 +1,355 @@ +/** + * + * XMLSec library + * + * + * See Copyright for the status of this software. + * + * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com> + */ +#if defined(_MSC_VER) +#define snprintf _snprintf +#endif + +#include <stdio.h> +#include <stdlib.h> +#include <time.h> +#include <string.h> +#include <assert.h> + +#include "cmdline.h" + +static int xmlSecAppCmdLineMatchParam (const char* argvParam, + const char* paramName, + int canHaveNameString); +static xmlSecAppCmdLineParamPtr xmlSecAppCmdLineParamsListFind (xmlSecAppCmdLineParamPtr* params, + xmlSecAppCmdLineParamTopic topics, + const char* name); +static int xmlSecAppCmdLineParamRead (xmlSecAppCmdLineParamPtr param, + const char** argv, + int argc, + int pos); +static int xmlSecAppCmdLineTimeParamRead (const char* str, + time_t* t); + +int +xmlSecAppCmdLineParamIsSet(xmlSecAppCmdLineParamPtr param) { + return(((param != NULL) && (param->value != NULL)) ? 1 : 0); +} + +const char* +xmlSecAppCmdLineParamGetString(xmlSecAppCmdLineParamPtr param) { + if(param->type != xmlSecAppCmdLineParamTypeString) { + fprintf(stderr, "Error: parameter \"%s\" is not string.\n", param->fullName); + return(NULL); + } + return((param->value != NULL) ? param->value->strValue : NULL); +} + +const char* +xmlSecAppCmdLineParamGetStringList(xmlSecAppCmdLineParamPtr param) { + if(param->type != xmlSecAppCmdLineParamTypeStringList) { + fprintf(stderr, "Error: parameter \"%s\" is not string list.\n", param->fullName); + return(NULL); + } + return((param->value != NULL) ? param->value->strListValue : NULL); +} + +int +xmlSecAppCmdLineParamGetInt(xmlSecAppCmdLineParamPtr param, int def) { + if(param->type != xmlSecAppCmdLineParamTypeNumber) { + fprintf(stderr, "Error: parameter \"%s\" is not integer.\n", param->fullName); + return(def); + } + return((param->value != NULL) ? param->value->intValue : def); +} + +time_t +xmlSecAppCmdLineParamGetTime(xmlSecAppCmdLineParamPtr param, time_t def) { + if(param->type != xmlSecAppCmdLineParamTypeTime) { + fprintf(stderr, "Error: parameter \"%s\" is not time.\n", param->fullName); + return(def); + } + return((param->value != NULL) ? param->value->timeValue : def); +} + +int +xmlSecAppCmdLineParamsListParse(xmlSecAppCmdLineParamPtr* params, + xmlSecAppCmdLineParamTopic topics, + const char** argv, int argc, int pos) { + xmlSecAppCmdLineParamPtr param; + int ii; + int ret; + + assert(params != NULL); + assert(argv != NULL); + + while((pos < argc) && (argv[pos][0] == '-')) { + param = xmlSecAppCmdLineParamsListFind(params, topics, argv[pos]); + if(param == NULL) { + fprintf(stderr, "Error: parameter \"%s\" is not supported or the requested\nfeature might have been disabled during compilation.\n", argv[pos]); + return(-1); + } + + ret = xmlSecAppCmdLineParamRead(param, argv, argc, pos); + if(ret < pos) { + fprintf(stderr, "Error: failed to parse parameter \"%s\".\n", argv[pos]); + return(-1); + } + pos = ret + 1; + } + + /* check that all parameters at the end are filenames */ + for(ii = pos; (ii < argc); ++ii) { + if(argv[ii][0] == '-') { + fprintf(stderr, "Error: filename is expected instead of parameter \"%s\".\n", argv[ii]); + return(-1); + + } + } + + + + return(pos); +} + +void +xmlSecAppCmdLineParamsListClean(xmlSecAppCmdLineParamPtr* params) { + xmlSecAppCmdLineValuePtr tmp; + size_t i; + + assert(params != NULL); + + for(i = 0; params[i] != NULL; ++i) { + while(params[i]->value != NULL) { + tmp = params[i]->value; + params[i]->value = params[i]->value->next; + xmlSecAppCmdLineValueDestroy(tmp); + } + } +} + +void +xmlSecAppCmdLineParamsListPrint(xmlSecAppCmdLineParamPtr* params, + xmlSecAppCmdLineParamTopic topics, + FILE* output) { + size_t i; + + assert(params != NULL); + assert(output != NULL); + + for(i = 0; params[i] != NULL; ++i) { + if(((params[i]->topics & topics) != 0) && (params[i]->help != NULL)) { + fprintf(output, " %s\n", params[i]->help); + } + } +} + +xmlSecAppCmdLineValuePtr +xmlSecAppCmdLineValueCreate(xmlSecAppCmdLineParamPtr param, int pos) { + xmlSecAppCmdLineValuePtr value; + + assert(param != NULL); + value = (xmlSecAppCmdLineValuePtr) malloc(sizeof(xmlSecAppCmdLineValue)); + if(value == NULL) { + fprintf(stderr, "Error: malloc failed (%d bytes).\n", sizeof(xmlSecAppCmdLineValue)); + return(NULL); + } + memset(value, 0, sizeof(xmlSecAppCmdLineValue)); + + value->param = param; + value->pos = pos; + return(value); +} + +void +xmlSecAppCmdLineValueDestroy(xmlSecAppCmdLineValuePtr value) { + assert(value != NULL); + + if(value->strListValue != NULL) { + free((void*)value->strListValue); + } + free(value); +} + +static int +xmlSecAppCmdLineMatchParam(const char* argvParam, const char* paramName, + int canHaveNameString) { + assert(argvParam != NULL); + assert(paramName != NULL); + + if(canHaveNameString != 0) { + int len = strlen(paramName); + + if((strncmp(argvParam, paramName, len) == 0) && + ((argvParam[len] == '\0') || (argvParam[len] == ':'))) { + + return(1); + } + } else if(strcmp(argvParam, paramName) == 0) { + return(1); + } + return(0); +} + +static xmlSecAppCmdLineParamPtr +xmlSecAppCmdLineParamsListFind(xmlSecAppCmdLineParamPtr* params, xmlSecAppCmdLineParamTopic topics, + const char* name) { + size_t i; + int canHaveNameString; + + assert(params != NULL); + assert(name != NULL); + + for(i = 0; params[i] != NULL; ++i) { + if((params[i]->topics & topics) == 0) { + continue; + } + + canHaveNameString = ((params[i]->flags & xmlSecAppCmdLineParamFlagParamNameValue) != 0) ? 1 : 0; + if((params[i]->fullName != NULL) && + (xmlSecAppCmdLineMatchParam(name, params[i]->fullName, canHaveNameString) == 1)) { + + return(params[i]); + } + + if((params[i]->shortName != NULL) && + (xmlSecAppCmdLineMatchParam(name, params[i]->shortName, canHaveNameString) == 1)) { + + return(params[i]); + } + } + + return(NULL); +} + +static int +xmlSecAppCmdLineParamRead(xmlSecAppCmdLineParamPtr param, const char** argv, int argc, int pos) { + xmlSecAppCmdLineValuePtr value; + xmlSecAppCmdLineValuePtr prev = NULL; + char* buf; + + assert(param != NULL); + assert(argv != NULL); + assert(pos < argc); + + /* first find the previous value in the list */ + if((param->flags & xmlSecAppCmdLineParamFlagMultipleValues) != 0) { + prev = param->value; + while((prev != NULL) && (prev->next != NULL)) { + prev = prev->next; + } + } else if(param->value != NULL) { + fprintf(stderr, "Error: only one parameter \"%s\" is allowed.\n", argv[pos]); + return(-1); + } + + /* create new value and add to the list */ + value = xmlSecAppCmdLineValueCreate(param, pos); + if(value == NULL) { + fprintf(stderr, "Error: failed to create value for parameter \"%s\".\n", argv[pos]); + return(-1); + } + if(prev != NULL) { + assert(prev->next == NULL); + prev->next = value; + } else { + param->value = value; + } + + /* if we can have a string value after the name, parse it */ + if((param->flags & xmlSecAppCmdLineParamFlagParamNameValue) != 0) { + value->paramNameValue = strchr(argv[pos], ':'); + if(value->paramNameValue != NULL) { + ++value->paramNameValue; + } + } + + switch(param->type) { + case xmlSecAppCmdLineParamTypeFlag: + /* do nothing */ + break; + case xmlSecAppCmdLineParamTypeString: + if(pos + 1 >= argc) { + fprintf(stderr, "Error: string argument expected for parameter \"%s\".\n", argv[pos]); + return(-1); + } + value->strValue = argv[++pos]; + break; + case xmlSecAppCmdLineParamTypeStringList: + if(pos + 1 >= argc) { + fprintf(stderr, "Error: string list argument expected for parameter \"%s\".\n", argv[pos]); + return(-1); + } + value->strValue = argv[++pos]; + buf = (char*)malloc(strlen(value->strValue) + 2); + if(buf == NULL) { + fprintf(stderr, "Error: failed to allocate memory (%d bytes).\n", strlen(value->strValue) + 2); + return(-1); + } + memset(buf, 0, strlen(value->strValue) + 2); + memcpy(buf, value->strValue, strlen(value->strValue)); + value->strListValue = buf; + while((*buf) != '\0') { + if((*buf) == ',') { + (*buf) = '\0'; + } + ++buf; + } + break; + case xmlSecAppCmdLineParamTypeNumber: + if(pos + 1 >= argc) { + fprintf(stderr, "Error: integer argument expected for parameter \"%s\".\n", argv[pos]); + return(-1); + } + value->strValue = argv[++pos]; + if(sscanf(value->strValue, "%d", &(value->intValue)) != 1) { + fprintf(stderr, "Error: integer argument \"%s\" is invalid.\n", value->strValue); + return(-1); + } + break; + case xmlSecAppCmdLineParamTypeTime: + if(pos + 1 >= argc) { + fprintf(stderr, "Error: time argument expected for parameter \"%s\".\n", argv[pos]); + return(-1); + } + value->strValue = argv[++pos]; + if(xmlSecAppCmdLineTimeParamRead(value->strValue, &(value->timeValue)) < 0) { + fprintf(stderr, "Error: time argument \"%s\" is invalid, expected format is \"YYYY-MM-DD HH:MM:SS\").\n", value->strValue); + return(-1); + } + break; + } + return(pos); +} + +static int +xmlSecAppCmdLineTimeParamRead(const char* str, time_t* t) { + struct tm tm; + int n; + + if((str == NULL) || (t == NULL)) { + return(-1); + } + memset(&tm, 0, sizeof(tm)); + tm.tm_isdst = -1; + + n = sscanf(str, "%4d-%2d-%2d%*c%2d:%2d:%2d", + &tm.tm_year, &tm.tm_mon, &tm.tm_mday, + &tm.tm_hour, &tm.tm_min, &tm.tm_sec); + if((n != 6) || (tm.tm_year < 1900) + || (tm.tm_mon < 1) || (tm.tm_mon > 12) + || (tm.tm_mday < 1) || (tm.tm_mday > 31) + || (tm.tm_hour < 0) || (tm.tm_hour > 23) + || (tm.tm_min < 0) || (tm.tm_min > 59) + || (tm.tm_sec < 0) || (tm.tm_sec > 61)) { + return(-1); + } + + tm.tm_year -= 1900; /* tm relative format year */ + tm.tm_mon -= 1; /* tm relative format month */ + + (*t) = mktime(&tm); + return(0); +} + diff --git a/apps/cmdline.h b/apps/cmdline.h new file mode 100644 index 00000000..9466f972 --- /dev/null +++ b/apps/cmdline.h @@ -0,0 +1,89 @@ +/** + * XMLSec library + * + * Command line parsing routines + * + * See Copyright for the status of this software. + * + * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com> + */ +#ifndef __XMLSEC_APPS_CMDLINE_H__ +#define __XMLSEC_APPS_CMDLINE_H__ + +#ifdef __cplusplus +extern "C" { +#endif /* __cplusplus */ + +#include <time.h> + +typedef struct _xmlSecAppCmdLineParam xmlSecAppCmdLineParam, + *xmlSecAppCmdLineParamPtr; +typedef struct _xmlSecAppCmdLineValue xmlSecAppCmdLineValue, + *xmlSecAppCmdLineValuePtr; +typedef unsigned int xmlSecAppCmdLineParamTopic; + +#define xmlSecAppCmdLineParamFlagNone 0x0000 +#define xmlSecAppCmdLineParamFlagParamNameValue 0x0001 +#define xmlSecAppCmdLineParamFlagMultipleValues 0x0002 + +typedef enum { + xmlSecAppCmdLineParamTypeFlag, + xmlSecAppCmdLineParamTypeString, + xmlSecAppCmdLineParamTypeStringList, + xmlSecAppCmdLineParamTypeNumber, + xmlSecAppCmdLineParamTypeTime +} xmlSecAppCmdLineParamType; + +struct _xmlSecAppCmdLineParam { + xmlSecAppCmdLineParamTopic topics; + const char* fullName; + const char* shortName; + const char* help; + xmlSecAppCmdLineParamType type; + int flags; + xmlSecAppCmdLineValuePtr value; +}; + +int xmlSecAppCmdLineParamIsSet (xmlSecAppCmdLineParamPtr param); +const char* xmlSecAppCmdLineParamGetString (xmlSecAppCmdLineParamPtr param); +const char* xmlSecAppCmdLineParamGetStringList (xmlSecAppCmdLineParamPtr param); +int xmlSecAppCmdLineParamGetInt (xmlSecAppCmdLineParamPtr param, + int def); +time_t xmlSecAppCmdLineParamGetTime (xmlSecAppCmdLineParamPtr param, + time_t def); + +int xmlSecAppCmdLineParamsListParse (xmlSecAppCmdLineParamPtr* params, + xmlSecAppCmdLineParamTopic topcis, + const char** argv, + int argc, + int pos); +void xmlSecAppCmdLineParamsListClean (xmlSecAppCmdLineParamPtr* params); +void xmlSecAppCmdLineParamsListPrint (xmlSecAppCmdLineParamPtr* params, + xmlSecAppCmdLineParamTopic topic, + FILE* output); + +struct _xmlSecAppCmdLineValue { + xmlSecAppCmdLineParamPtr param; + int pos; + const char* paramNameValue; + const char* strValue; + const char* strListValue; + int intValue; + time_t timeValue; + xmlSecAppCmdLineValuePtr next; +}; + + +xmlSecAppCmdLineValuePtr xmlSecAppCmdLineValueCreate (xmlSecAppCmdLineParamPtr param, + int pos); +void xmlSecAppCmdLineValueDestroy (xmlSecAppCmdLineValuePtr value); + + +#ifdef __cplusplus +} +#endif /* __cplusplus */ + +#endif /* __XMLSEC_APPS_CMDLINE_H__ */ + + + diff --git a/apps/crypto.c b/apps/crypto.c new file mode 100644 index 00000000..49dd127c --- /dev/null +++ b/apps/crypto.c @@ -0,0 +1,396 @@ +/** + * + * XMLSec library + * + * + * See Copyright for the status of this software. + * + * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com> + */ +#if defined(_MSC_VER) +#define snprintf _snprintf +#endif + +#include <string.h> + +#include <xmlsec/xmlsec.h> +#include <xmlsec/keys.h> +#include <xmlsec/transforms.h> +#include <xmlsec/errors.h> + +#include "crypto.h" + +int +xmlSecAppCryptoInit(const char* config) { + if(xmlSecCryptoAppInit(config) < 0) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecCryptoAppInit", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + XMLSEC_ERRORS_NO_MESSAGE); + return(-1); + } + if(xmlSecCryptoInit() < 0) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecCryptoInit", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + XMLSEC_ERRORS_NO_MESSAGE); + return(-1); + } + + return(0); +} + +int +xmlSecAppCryptoShutdown(void) { + if(xmlSecCryptoShutdown() < 0) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecCryptoShutdown", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + XMLSEC_ERRORS_NO_MESSAGE); + return(-1); + } + + if(xmlSecCryptoAppShutdown() < 0) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecCryptoAppShutdown", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + XMLSEC_ERRORS_NO_MESSAGE); + return(-1); + } + return(0); +} + +int +xmlSecAppCryptoSimpleKeysMngrInit(xmlSecKeysMngrPtr mngr) { + xmlSecAssert2(mngr != NULL, -1); + + return(xmlSecCryptoAppDefaultKeysMngrInit(mngr)); +} + +int +xmlSecAppCryptoSimpleKeysMngrLoad(xmlSecKeysMngrPtr mngr, const char *filename) { + xmlSecAssert2(mngr != NULL, -1); + xmlSecAssert2(filename != NULL, -1); + + return(xmlSecCryptoAppDefaultKeysMngrLoad(mngr, filename)); +} + +int +xmlSecAppCryptoSimpleKeysMngrSave(xmlSecKeysMngrPtr mngr, const char *filename, xmlSecKeyDataType type) { + xmlSecAssert2(mngr != NULL, -1); + xmlSecAssert2(filename != NULL, -1); + + return(xmlSecCryptoAppDefaultKeysMngrSave(mngr, filename, type)); +} + +int +xmlSecAppCryptoSimpleKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filename, + xmlSecKeyDataFormat format, xmlSecKeyDataType type) { + xmlSecAssert2(mngr != NULL, -1); + xmlSecAssert2(filename != NULL, -1); + +#ifndef XMLSEC_NO_X509 + return(xmlSecCryptoAppKeysMngrCertLoad(mngr, filename, format, type)); +#else /* XMLSEC_NO_X509 */ + return(-1); +#endif /* XMLSEC_NO_X509 */ +} + +int +xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(xmlSecKeysMngrPtr mngr, + const char* files, const char* pwd, + const char* name, + xmlSecKeyDataFormat format) { + xmlSecKeyPtr key; + int ret; + + xmlSecAssert2(mngr != NULL, -1); + xmlSecAssert2(files != NULL, -1); + + /* first is the key file */ + key = xmlSecCryptoAppKeyLoad(files, format, pwd, + xmlSecCryptoAppGetDefaultPwdCallback(), (void*)files); + if(key == NULL) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecCryptoAppKeyLoad", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + "uri=%s", + xmlSecErrorsSafeString(files)); + return(-1); + } + + if(name != NULL) { + ret = xmlSecKeySetName(key, BAD_CAST name); + if(ret < 0) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecKeySetName", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + "name=%s", + xmlSecErrorsSafeString(name)); + xmlSecKeyDestroy(key); + return(-1); + } + } + +#ifndef XMLSEC_NO_X509 + for(files += strlen(files) + 1; (files[0] != '\0'); files += strlen(files) + 1) { + ret = xmlSecCryptoAppKeyCertLoad(key, files, format); + if(ret < 0){ + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecCryptoAppKeyCertLoad", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + "uri=%s", + xmlSecErrorsSafeString(files)); + xmlSecKeyDestroy(key); + return(-1); + } + } +#else /* XMLSEC_NO_X509 */ + files += strlen(files) + 1; + if(files[0] != '\0') { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "x509", + XMLSEC_ERRORS_R_DISABLED, + XMLSEC_ERRORS_NO_MESSAGE); + return(-1); + } +#endif /* XMLSEC_NO_X509 */ + + ret = xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, key); + if(ret < 0) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecCryptoAppDefaultKeysMngrAdoptKey", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + XMLSEC_ERRORS_NO_MESSAGE); + xmlSecKeyDestroy(key); + return(-1); + } + + return(0); +} + + +int +xmlSecAppCryptoSimpleKeysMngrPkcs12KeyLoad(xmlSecKeysMngrPtr mngr, const char *filename, const char* pwd, const char *name) { + xmlSecKeyPtr key; + int ret; + + xmlSecAssert2(mngr != NULL, -1); + xmlSecAssert2(filename != NULL, -1); + +#ifndef XMLSEC_NO_X509 + key = xmlSecCryptoAppKeyLoad(filename, xmlSecKeyDataFormatPkcs12, pwd, + xmlSecCryptoAppGetDefaultPwdCallback(), (void*)filename); + if(key == NULL) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecCryptoAppKeyLoad", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + "filename=%s", + xmlSecErrorsSafeString(filename)); + return(-1); + } + + if(name != NULL) { + ret = xmlSecKeySetName(key, BAD_CAST name); + if(ret < 0) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecKeySetName", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + "name=%s", + xmlSecErrorsSafeString(name)); + xmlSecKeyDestroy(key); + return(-1); + } + } + + ret = xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, key); + if(ret < 0) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecCryptoAppDefaultKeysMngrAdoptKey", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + XMLSEC_ERRORS_NO_MESSAGE); + xmlSecKeyDestroy(key); + return(-1); + } + + return(0); +#else /* XMLSEC_NO_X509 */ + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "x509", + XMLSEC_ERRORS_R_DISABLED, + XMLSEC_ERRORS_NO_MESSAGE); + return(-1); +#endif /* XMLSEC_NO_X509 */ +} + +int +xmlSecAppCryptoSimpleKeysMngrBinaryKeyLoad(xmlSecKeysMngrPtr mngr, const char* keyKlass, const char *filename, const char *name) { + xmlSecKeyPtr key; + xmlSecKeyDataId dataId; + int ret; + + xmlSecAssert2(mngr != NULL, -1); + xmlSecAssert2(keyKlass != NULL, -1); + xmlSecAssert2(filename != NULL, -1); + + /* find requested data */ + dataId = xmlSecKeyDataIdListFindByName(xmlSecKeyDataIdsGet(), BAD_CAST keyKlass, + xmlSecKeyDataUsageAny); + if(dataId == xmlSecKeyDataIdUnknown) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecKeyDataIdListFindByName", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + "name=%s", + xmlSecErrorsSafeString(keyKlass)); + return(-1); + } + + key = xmlSecKeyReadBinaryFile(dataId, filename); + if(key == NULL) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecKeyReadBinaryFile", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + XMLSEC_ERRORS_NO_MESSAGE); + return(-1); + } + + ret = xmlSecKeySetName(key, BAD_CAST name); + if(ret < 0) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecKeySetName", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + "name=%s", + xmlSecErrorsSafeString(name)); + xmlSecKeyDestroy(key); + return(-1); + } + + /* finally add it to keys manager */ + ret = xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, key); + if(ret < 0) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecCryptoAppDefaultKeysMngrAdoptKey", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + XMLSEC_ERRORS_NO_MESSAGE); + xmlSecKeyDestroy(key); + return(-1); + } + + return(0); +} + + +int +xmlSecAppCryptoSimpleKeysMngrKeyGenerate(xmlSecKeysMngrPtr mngr, const char* keyKlassAndSize, const char* name) { + xmlSecKeyPtr key; + int ret; + + xmlSecAssert2(mngr != NULL, -1); + xmlSecAssert2(keyKlassAndSize != NULL, -1); + + key = xmlSecAppCryptoKeyGenerate(keyKlassAndSize, name, xmlSecKeyDataTypePermanent); + if(key == NULL) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecAppCryptoSimpleKeysMngrKeyGenerate", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + "name=%s", + xmlSecErrorsSafeString(name)); + return(-1); + } + + ret = xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, key); + if(ret < 0) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecCryptoAppDefaultKeysMngrAdoptKey", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + XMLSEC_ERRORS_NO_MESSAGE); + xmlSecKeyDestroy(key); + return(-1); + } + return(0); +} + +xmlSecKeyPtr +xmlSecAppCryptoKeyGenerate(const char* keyKlassAndSize, const char* name, xmlSecKeyDataType type) { + xmlSecKeyPtr key; + char* buf; + char* p; + int size; + int ret; + + xmlSecAssert2(keyKlassAndSize != NULL, NULL); + + buf = (char*) xmlStrdup(BAD_CAST keyKlassAndSize); + if(buf == NULL) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + NULL, + XMLSEC_ERRORS_R_STRDUP_FAILED, + "name=%s", + xmlSecErrorsSafeString(name)); + return(NULL); + } + + /* separate key klass and size */ + p = strchr(buf, '-'); + if(p == NULL) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + NULL, + XMLSEC_ERRORS_R_INVALID_DATA, + "key size is not specified %s", + xmlSecErrorsSafeString(buf)); + xmlFree(buf); + return(NULL); + } + *(p++) = '\0'; + size = atoi(p); + + key = xmlSecKeyGenerateByName(BAD_CAST buf, size, type); + if(key == NULL) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecKeyGenerate", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + "klass=%s;size=%d", + xmlSecErrorsSafeString(buf), + size); + xmlFree(buf); + return(NULL); + } + + ret = xmlSecKeySetName(key, BAD_CAST name); + if(ret < 0) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecKeySetName", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + "name=\"%s\"", + xmlSecErrorsSafeString(name)); + xmlSecKeyDestroy(key); + xmlFree(buf); + return(NULL); + } + + xmlFree(buf); + return(key); +} diff --git a/apps/crypto.h b/apps/crypto.h new file mode 100644 index 00000000..63a94a40 --- /dev/null +++ b/apps/crypto.h @@ -0,0 +1,70 @@ +/** + * XMLSec library + * + * + * See Copyright for the status of this software. + * + * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com> + */ +#ifndef __XMLSEC_APPS_CRYPTO_H__ +#define __XMLSEC_APPS_CRYPTO_H__ + +#ifdef __cplusplus +extern "C" { +#endif /* __cplusplus */ + +#include <libxml/tree.h> +#include <xmlsec/xmlsec.h> +#include <xmlsec/keys.h> +#include <xmlsec/keyinfo.h> +#include <xmlsec/keysmngr.h> +#include <xmlsec/crypto.h> + +int xmlSecAppCryptoInit (const char* config); +int xmlSecAppCryptoShutdown (void); + +xmlSecKeyPtr xmlSecAppCryptoKeyGenerate (const char* keyKlassAndSize, + const char* name, + xmlSecKeyDataType type); + +/***************************************************************************** + * + * Simple keys manager + * + ****************************************************************************/ +int xmlSecAppCryptoSimpleKeysMngrInit (xmlSecKeysMngrPtr mngr); +int xmlSecAppCryptoSimpleKeysMngrLoad (xmlSecKeysMngrPtr mngr, + const char *filename); +int xmlSecAppCryptoSimpleKeysMngrSave (xmlSecKeysMngrPtr mngr, + const char *filename, + xmlSecKeyDataType type); +int xmlSecAppCryptoSimpleKeysMngrCertLoad (xmlSecKeysMngrPtr mngr, + const char *filename, + xmlSecKeyDataFormat format, + xmlSecKeyDataType type); +int xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad (xmlSecKeysMngrPtr mngr, + const char *files, + const char* pwd, + const char* name, + xmlSecKeyDataFormat format); +int xmlSecAppCryptoSimpleKeysMngrPkcs12KeyLoad (xmlSecKeysMngrPtr mngr, + const char *filename, + const char* pwd, + const char *name); +int xmlSecAppCryptoSimpleKeysMngrBinaryKeyLoad (xmlSecKeysMngrPtr mngr, + const char* keyKlass, + const char* filename, + const char *name); +int xmlSecAppCryptoSimpleKeysMngrKeyGenerate (xmlSecKeysMngrPtr mngr, + const char* keyKlassAndSize, + const char* name); + + +#ifdef __cplusplus +} +#endif /* __cplusplus */ + +#endif /* __XMLSEC_APPS_CRYPTO_H__ */ + + + diff --git a/apps/xmlsec.c b/apps/xmlsec.c new file mode 100644 index 00000000..d551b5a6 --- /dev/null +++ b/apps/xmlsec.c @@ -0,0 +1,3058 @@ +/** + * XML Security standards test: XMLDSig + * + * See Copyright for the status of this software. + * + * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com> + */ +#include <stdlib.h> +#include <string.h> +#include <time.h> + +#if defined(_MSC_VER) +#define snprintf _snprintf +#endif + +#include <libxml/tree.h> +#include <libxml/xmlmemory.h> +#include <libxml/parser.h> +#include <libxml/xpath.h> +#include <libxml/xpathInternals.h> + +#ifndef XMLSEC_NO_XSLT +#include <libxslt/xslt.h> +#include <libxslt/extensions.h> +#include <libxslt/xsltInternals.h> +#include <libxslt/xsltutils.h> +#include <libxslt/security.h> +#include <libexslt/exslt.h> +#endif /* XMLSEC_NO_XSLT */ + +#include <xmlsec/xmlsec.h> +#include <xmlsec/xmltree.h> +#include <xmlsec/keys.h> +#include <xmlsec/keyinfo.h> +#include <xmlsec/keysmngr.h> +#include <xmlsec/transforms.h> +#include <xmlsec/xmldsig.h> +#include <xmlsec/xmlenc.h> +#include <xmlsec/xkms.h> +#include <xmlsec/parser.h> +#include <xmlsec/templates.h> +#include <xmlsec/errors.h> + +#include "crypto.h" +#include "cmdline.h" + +static const char copyright[] = + "Written by Aleksey Sanin <aleksey@aleksey.com>.\n\n" + "Copyright (C) 2002-2003 Aleksey Sanin.\n" + "This is free software: see the source for copying information.\n"; + +static const char bugs[] = + "Report bugs to http://www.aleksey.com/xmlsec/bugs.html\n"; + +static const char helpCommands1[] = + "Usage: xmlsec <command> [<options>] [<files>]\n" + "\n" + "xmlsec is a command line tool for signing, verifying, encrypting and\n" + "decrypting XML documents. The allowed <command> values are:\n" + " --help " "\tdisplay this help information and exit\n" + " --help-all " "\tdisplay help information for all commands/options and exit\n" + " --help-<cmd>" "\tdisplay help information for command <cmd> and exit\n" + " --version " "\tprint version information and exit\n" + " --keys " "\tkeys XML file manipulation\n"; + +static const char helpCommands2[] = +#ifndef XMLSEC_NO_XMLDSIG + " --sign " "\tsign data and output XML document\n" + " --verify " "\tverify signed document\n" +#ifndef XMLSEC_NO_TMPL_TEST + " --sign-tmpl " "\tcreate and sign dynamicaly generated signature template\n" +#endif /* XMLSEC_NO_TMPL_TEST */ +#endif /* XMLSEC_NO_XMLDSIG */ +#ifndef XMLSEC_NO_XMLENC + " --encrypt " "\tencrypt data and output XML document\n" + " --decrypt " "\tdecrypt data from XML document\n" +#endif /* XMLSEC_NO_XMLENC */ +#ifndef XMLSEC_NO_XKMS + " --xkms-server-request ""\tprocess data as XKMS server request\n" +#endif /* XMLSEC_NO_XKMS */ + ; + +static const char helpVersion[] = + "Usage: xmlsec version\n" + "Prints version information and exits\n"; + +static const char helpKeys[] = + "Usage: xmlsec keys [<options>] <file>\n" + "Creates a new XML keys file <file>\n"; + +static const char helpSign[] = + "Usage: xmlsec sign [<options>] <file>\n" + "Calculates XML Digital Signature using template file <file>\n"; + +static const char helpVerify[] = + "Usage: xmlsec verify [<options>] <file>\n" + "Verifies XML Digital Signature in the <file>\n"; + +static const char helpSignTmpl[] = + "Usage: xmlsec sign-tmpl [<options>]\n" + "Creates a simple dynamic template and calculates XML Digital Signature\n" + "(for testing only).\n"; + +static const char helpEncrypt[] = + "Usage: xmlsec encrypt [<options>] <file>\n" + "Encrypts data and creates XML Encryption using template file <file>\n"; + +static const char helpEncryptTmpl[] = + "Usage: xmlsec encrypt [<options>]\n" + "Creates a simple dynamic template and calculates XML Encryption\n"; + +static const char helpDecrypt[] = + "Usage: xmlsec decrypt [<options>] <file>\n" + "Decrypts XML Encryption data in the <file>\n"; + +static const char helpXkmsServerRequest[] = + "Usage: xmlsec xkms-server-request [<options>] <file>\n" + "Processes the <file> as XKMS server request and outputs the response\n"; + +static const char helpListKeyData[] = + "Usage: xmlsec list-key-data\n" + "Prints the list of known key data klasses\n"; + +static const char helpCheckKeyData[] = + "Usage: xmlsec check-key-data <key-data-name> [<key-data-name> ... ]\n" + "Checks the given key-data against the list of known key-data klasses\n"; + +static const char helpListTransforms[] = + "Usage: xmlsec list-transforms\n" + "Prints the list of known transform klasses\n"; + +static const char helpCheckTransforms[] = + "Usage: xmlsec check-transforms <transform-name> [<transform-name> ... ]\n" + "Checks the given transforms against the list of known transform klasses\n"; + +#define xmlSecAppCmdLineTopicGeneral 0x0001 +#define xmlSecAppCmdLineTopicDSigCommon 0x0002 +#define xmlSecAppCmdLineTopicDSigSign 0x0004 +#define xmlSecAppCmdLineTopicDSigVerify 0x0008 +#define xmlSecAppCmdLineTopicEncCommon 0x0010 +#define xmlSecAppCmdLineTopicEncEncrypt 0x0020 +#define xmlSecAppCmdLineTopicEncDecrypt 0x0040 +#define xmlSecAppCmdLineTopicXkmsCommon 0x0080 +#define xmlSecAppCmdLineTopicKeysMngr 0x1000 +#define xmlSecAppCmdLineTopicX509Certs 0x2000 +#define xmlSecAppCmdLineTopicVersion 0x4000 +#define xmlSecAppCmdLineTopicCryptoConfig 0x8000 +#define xmlSecAppCmdLineTopicAll 0xFFFF + +/**************************************************************** + * + * General configuration params + * + ***************************************************************/ +static xmlSecAppCmdLineParam helpParam = { + xmlSecAppCmdLineTopicGeneral, + "--help", + "-h", + "--help" + "\n\tprint help information about the command", + xmlSecAppCmdLineParamTypeFlag, + xmlSecAppCmdLineParamFlagNone, + NULL +}; + +static xmlSecAppCmdLineParam cryptoParam = { + xmlSecAppCmdLineTopicCryptoConfig, + "--crypto", + NULL, + "--crypto <name>" + "\n\tthe name of the crypto engine to use from the following" + "\n\tlist: openssl, mscrypto, nss, gnutls, gcrypt (if no crypto engine is" + "\n\tspecified then the default one is used)", + xmlSecAppCmdLineParamTypeString, + xmlSecAppCmdLineParamFlagNone, + NULL +}; + +static xmlSecAppCmdLineParam cryptoConfigParam = { + xmlSecAppCmdLineTopicCryptoConfig, + "--crypto-config", + NULL, + "--crypto-config <path>" + "\n\tpath to crypto engine configuration", + xmlSecAppCmdLineParamTypeString, + xmlSecAppCmdLineParamFlagNone, + NULL +}; + + +static xmlSecAppCmdLineParam repeatParam = { + xmlSecAppCmdLineTopicCryptoConfig, + "--repeat", + "-r", + "--repeat <number>" + "\n\trepeat the operation <number> times", + xmlSecAppCmdLineParamTypeNumber, + xmlSecAppCmdLineParamFlagNone, + NULL +}; + + +static xmlSecAppCmdLineParam disableErrorMsgsParam = { + xmlSecAppCmdLineTopicGeneral, + "--disable-error-msgs", + NULL, + "--disable-error-msgs" + "\n\tdo not print xmlsec error messages", + xmlSecAppCmdLineParamTypeFlag, + xmlSecAppCmdLineParamFlagNone, + NULL +}; + +static xmlSecAppCmdLineParam printCryptoErrorMsgsParam = { + xmlSecAppCmdLineTopicGeneral, + "--print-crypto-error-msgs", + NULL, + "--print-crypto-error-msgs" + "\n\tprint errors stack at the end", + xmlSecAppCmdLineParamTypeFlag, + xmlSecAppCmdLineParamFlagNone, + NULL +}; + +/**************************************************************** + * + * Keys Manager params + * + ***************************************************************/ +static xmlSecAppCmdLineParam genKeyParam = { + xmlSecAppCmdLineTopicKeysMngr, + "--gen-key", + "-g", + "--gen-key[:<name>] <keyKlass>-<keySize>" + "\n\tgenerate new <keyKlass> key of <keySize> bits size," + "\n\tset the key name to <name> and add the result to keys" + "\n\tmanager (for example, \"--gen:mykey rsa-1024\" generates" + "\n\ta new 1024 bits RSA key and sets it's name to \"mykey\")", + xmlSecAppCmdLineParamTypeString, + xmlSecAppCmdLineParamFlagParamNameValue | xmlSecAppCmdLineParamFlagMultipleValues, + NULL +}; + +static xmlSecAppCmdLineParam keysFileParam = { + xmlSecAppCmdLineTopicKeysMngr, + "--keys-file", + "-k", + "--keys-file <file>" + "\n\tload keys from XML file", + xmlSecAppCmdLineParamTypeString, + xmlSecAppCmdLineParamFlagMultipleValues, + NULL +}; + +static xmlSecAppCmdLineParam privkeyParam = { + xmlSecAppCmdLineTopicKeysMngr, + "--privkey-pem", + "--privkey", + "--privkey-pem[:<name>] <file>[,<cafile>[,<cafile>[...]]]" + "\n\tload private key from PEM file and certificates" + "\n\tthat verify this key", + xmlSecAppCmdLineParamTypeStringList, + xmlSecAppCmdLineParamFlagParamNameValue | xmlSecAppCmdLineParamFlagMultipleValues, + NULL +}; + +static xmlSecAppCmdLineParam privkeyDerParam = { + xmlSecAppCmdLineTopicKeysMngr, + "--privkey-der", + NULL, + "--privkey-der[:<name>] <file>[,<cafile>[,<cafile>[...]]]" + "\n\tload private key from DER file and certificates" + "\n\tthat verify this key", + xmlSecAppCmdLineParamTypeStringList, + xmlSecAppCmdLineParamFlagParamNameValue | xmlSecAppCmdLineParamFlagMultipleValues, + NULL +}; + +static xmlSecAppCmdLineParam pkcs8PemParam = { + xmlSecAppCmdLineTopicKeysMngr, + "--pkcs8-pem", + "--privkey-p8-pem", + "--pkcs8-pem[:<name>] <file>[,<cafile>[,<cafile>[...]]]" + "\n\tload private key from PKCS8 PEM file and PEM certificates" + "\n\tthat verify this key", + xmlSecAppCmdLineParamTypeStringList, + xmlSecAppCmdLineParamFlagParamNameValue | xmlSecAppCmdLineParamFlagMultipleValues, + NULL +}; + +static xmlSecAppCmdLineParam pkcs8DerParam = { + xmlSecAppCmdLineTopicKeysMngr, + "--pkcs8-der", + "--privkey-p8-der", + "--pkcs8-der[:<name>] <file>[,<cafile>[,<cafile>[...]]]" + "\n\tload private key from PKCS8 DER file and DER certificates" + "\n\tthat verify this key", + xmlSecAppCmdLineParamTypeStringList, + xmlSecAppCmdLineParamFlagParamNameValue | xmlSecAppCmdLineParamFlagMultipleValues, + NULL +}; + +static xmlSecAppCmdLineParam pubkeyParam = { + xmlSecAppCmdLineTopicKeysMngr, + "--pubkey-pem", + "--pubkey", + "--pubkey-pem[:<name>] <file>" + "\n\tload public key from PEM file", + xmlSecAppCmdLineParamTypeStringList, + xmlSecAppCmdLineParamFlagParamNameValue | xmlSecAppCmdLineParamFlagMultipleValues, + NULL +}; + +static xmlSecAppCmdLineParam pubkeyDerParam = { + xmlSecAppCmdLineTopicKeysMngr, + "--pubkey-der", + NULL, + "--pubkey-der[:<name>] <file>" + "\n\tload public key from DER file", + xmlSecAppCmdLineParamTypeStringList, + xmlSecAppCmdLineParamFlagParamNameValue | xmlSecAppCmdLineParamFlagMultipleValues, + NULL +}; + + +#ifndef XMLSEC_NO_AES +static xmlSecAppCmdLineParam aeskeyParam = { + xmlSecAppCmdLineTopicKeysMngr, + "--aeskey", + NULL, + "--aeskey[:<name>] <file>" + "\n\tload AES key from binary file <file>", + xmlSecAppCmdLineParamTypeString, + xmlSecAppCmdLineParamFlagParamNameValue | xmlSecAppCmdLineParamFlagMultipleValues, + NULL +}; +#endif /* XMLSEC_NO_AES */ + +#ifndef XMLSEC_NO_DES +static xmlSecAppCmdLineParam deskeyParam = { + xmlSecAppCmdLineTopicKeysMngr, + "--deskey", + NULL, + "--deskey[:<name>] <file>" + "\n\tload DES key from binary file <file>", + xmlSecAppCmdLineParamTypeString, + xmlSecAppCmdLineParamFlagParamNameValue | xmlSecAppCmdLineParamFlagMultipleValues, + NULL +}; +#endif /* XMLSEC_NO_DES */ + +#ifndef XMLSEC_NO_HMAC +static xmlSecAppCmdLineParam hmackeyParam = { + xmlSecAppCmdLineTopicKeysMngr, + "--hmackey", + NULL, + "--hmackey[:<name>] <file>" + "\n\tload HMAC key from binary file <file>", + xmlSecAppCmdLineParamTypeString, + xmlSecAppCmdLineParamFlagParamNameValue | xmlSecAppCmdLineParamFlagMultipleValues, + NULL +}; +#endif /* XMLSEC_NO_HMAC */ + +static xmlSecAppCmdLineParam pwdParam = { + xmlSecAppCmdLineTopicKeysMngr, + "--pwd", + NULL, + "--pwd <password>" + "\n\tthe password to use for reading keys and certs", + xmlSecAppCmdLineParamTypeString, + xmlSecAppCmdLineParamFlagNone, + NULL +}; + +static xmlSecAppCmdLineParam enabledKeyDataParam = { + xmlSecAppCmdLineTopicKeysMngr, + "--enabled-key-data", + NULL, + "--enabled-key-data <list>" + "\n\tcomma separated list of enabled key data (list of " + "\n\tregistered key data klasses is available with \"--list-key-data\"" + "\n\tcommand); by default, all registered key data are enabled", + xmlSecAppCmdLineParamTypeStringList, + xmlSecAppCmdLineParamFlagParamNameValue | xmlSecAppCmdLineParamFlagMultipleValues, + NULL +}; + +static xmlSecAppCmdLineParam enabledRetrievalMethodUrisParam = { + xmlSecAppCmdLineTopicKeysMngr, + "--enabled-retrieval-method-uris", + NULL, + "--enabled-retrieval-uris <list>" + "\n\tcomma separated list of of the following values:" + "\n\t\"empty\", \"same-doc\", \"local\",\"remote\" to restrict possible URI" + "\n\tattribute values for the <dsig:RetrievalMethod> element.", + xmlSecAppCmdLineParamTypeStringList, + xmlSecAppCmdLineParamFlagNone, + NULL +}; + +/**************************************************************** + * + * Common params + * + ***************************************************************/ +static xmlSecAppCmdLineParam sessionKeyParam = { + xmlSecAppCmdLineTopicDSigSign | xmlSecAppCmdLineTopicEncEncrypt, + "--session-key", + NULL, + "--session-key <keyKlass>-<keySize>" + "\n\tgenerate new session <keyKlass> key of <keySize> bits size" + "\n\t(for example, \"--session des-192\" generates a new 192 bits" + "\n\tDES key for DES3 encryption)", + xmlSecAppCmdLineParamTypeString, + xmlSecAppCmdLineParamFlagNone, + NULL +}; + +static xmlSecAppCmdLineParam outputParam = { + xmlSecAppCmdLineTopicDSigCommon | + xmlSecAppCmdLineTopicEncCommon | + xmlSecAppCmdLineTopicXkmsCommon, + "--output", + "-o", + "--output <filename>" + "\n\twrite result document to file <filename>", + xmlSecAppCmdLineParamTypeString, + xmlSecAppCmdLineParamFlagNone, + NULL +}; + +static xmlSecAppCmdLineParam nodeIdParam = { + xmlSecAppCmdLineTopicDSigCommon | + xmlSecAppCmdLineTopicEncCommon | + xmlSecAppCmdLineTopicXkmsCommon, + "--node-id", + NULL, + "--node-id <id>" + "\n\tset the operation start point to the node with given <id>", + xmlSecAppCmdLineParamTypeString, + xmlSecAppCmdLineParamFlagNone, + NULL +}; + +static xmlSecAppCmdLineParam nodeNameParam = { + xmlSecAppCmdLineTopicDSigCommon | + xmlSecAppCmdLineTopicEncCommon | + xmlSecAppCmdLineTopicXkmsCommon, + "--node-name", + NULL, + "--node-name [<namespace-uri>:]<name>" + "\n\tset the operation start point to the first node" + "\n\twith given <name> and <namespace> URI", + xmlSecAppCmdLineParamTypeString, + xmlSecAppCmdLineParamFlagNone, + NULL +}; + +static xmlSecAppCmdLineParam nodeXPathParam = { + xmlSecAppCmdLineTopicDSigCommon | + xmlSecAppCmdLineTopicEncCommon | + xmlSecAppCmdLineTopicXkmsCommon, + "--node-xpath", + NULL, + "--node-xpath <expr>" + "\n\tset the operation start point to the first node" + "\n\tselected by the specified XPath expression", + xmlSecAppCmdLineParamTypeString, + xmlSecAppCmdLineParamFlagNone, + NULL +}; + +static xmlSecAppCmdLineParam dtdFileParam = { + xmlSecAppCmdLineTopicDSigCommon | + xmlSecAppCmdLineTopicEncCommon | + xmlSecAppCmdLineTopicXkmsCommon, + "--dtd-file", + NULL, + "--dtd-file <file>" + "\n\tload the specified file as the DTD", + xmlSecAppCmdLineParamTypeString, + xmlSecAppCmdLineParamFlagNone, + NULL +}; + +static xmlSecAppCmdLineParam printDebugParam = { + xmlSecAppCmdLineTopicDSigCommon | + xmlSecAppCmdLineTopicEncCommon | + xmlSecAppCmdLineTopicXkmsCommon, + "--print-debug", + NULL, + "--print-debug" + "\n\tprint debug information to stdout", + xmlSecAppCmdLineParamTypeFlag, + xmlSecAppCmdLineParamFlagNone, + NULL +}; + +static xmlSecAppCmdLineParam printXmlDebugParam = { + xmlSecAppCmdLineTopicDSigCommon | + xmlSecAppCmdLineTopicEncCommon | + xmlSecAppCmdLineTopicXkmsCommon, + "--print-xml-debug", + NULL, + "--print-xml-debug" + "\n\tprint debug information to stdout in xml format", + xmlSecAppCmdLineParamTypeFlag, + xmlSecAppCmdLineParamFlagNone, + NULL +}; + +static xmlSecAppCmdLineParam idAttrParam = { + xmlSecAppCmdLineTopicDSigCommon | + xmlSecAppCmdLineTopicEncCommon | + xmlSecAppCmdLineTopicXkmsCommon, + "--id-attr", + NULL, + "--id-attr[:<attr-name>] [<node-namespace-uri>:]<node-name>" + "\n\tadds attributes <attr-name> (default value \"id\") from all nodes" + "\n\twith<node-name> and namespace <node-namespace-uri> to the list of" + "\n\tknown ID attributes; this is a hack and if you can use DTD or schema" + "\n\tto declare ID attributes instead (see \"--dtd-file\" option)," + "\n\tI don't know what else might be broken in your application when" + "\n\tyou use this hack", + xmlSecAppCmdLineParamTypeString, + xmlSecAppCmdLineParamFlagParamNameValue | xmlSecAppCmdLineParamFlagMultipleValues, + NULL +}; + + +/**************************************************************** + * + * Common dsig params + * + ***************************************************************/ +#ifndef XMLSEC_NO_XMLDSIG +static xmlSecAppCmdLineParam ignoreManifestsParam = { + xmlSecAppCmdLineTopicDSigCommon, + "--ignore-manifests", + NULL, + "--ignore-manifests" + "\n\tdo not process <dsig:Manifest> elements", + xmlSecAppCmdLineParamTypeFlag, + xmlSecAppCmdLineParamFlagNone, + NULL +}; + +static xmlSecAppCmdLineParam storeReferencesParam = { + xmlSecAppCmdLineTopicDSigCommon, + "--store-references", + NULL, + "--store-references" + "\n\tstore and print the result of <dsig:Reference/> element processing" + "\n\tjust before calculating digest", + xmlSecAppCmdLineParamTypeFlag, + xmlSecAppCmdLineParamFlagNone, + NULL +}; + +static xmlSecAppCmdLineParam storeSignaturesParam = { + xmlSecAppCmdLineTopicDSigCommon, + "--store-signatures", + NULL, + "--store-signatures" + "\n\tstore and print the result of <dsig:Signature> processing" + "\n\tjust before calculating signature", + xmlSecAppCmdLineParamTypeFlag, + xmlSecAppCmdLineParamFlagNone, + NULL +}; + +static xmlSecAppCmdLineParam enabledRefUrisParam = { + xmlSecAppCmdLineTopicDSigCommon, + "--enabled-reference-uris", + NULL, + "--enabled-reference-uris <list>" + "\n\tcomma separated list of of the following values:" + "\n\t\"empty\", \"same-doc\", \"local\",\"remote\" to restrict possible URI" + "\n\tattribute values for the <dsig:Reference> element", + xmlSecAppCmdLineParamTypeStringList, + xmlSecAppCmdLineParamFlagNone, + NULL +}; + +static xmlSecAppCmdLineParam enableVisa3DHackParam = { + xmlSecAppCmdLineTopicDSigCommon, + "--enable-visa3d-hack", + NULL, + "--enable-visa3d-hack" + "\n\tenables Visa3D protocol specific hack for URI attributes processing" + "\n\twhen we are trying not to use XPath/XPointer engine; this is a hack" + "\n\tand I don't know what else might be broken in your application when" + "\n\tyou use it (also check \"--id-attr\" option because you might need it)", + xmlSecAppCmdLineParamTypeFlag, + xmlSecAppCmdLineParamFlagNone, + NULL +}; + +#endif /* XMLSEC_NO_XMLDSIG */ + +/**************************************************************** + * + * Enc params + * + ***************************************************************/ +#ifndef XMLSEC_NO_XMLENC +static xmlSecAppCmdLineParam enabledCipherRefUrisParam = { + xmlSecAppCmdLineTopicEncCommon, + "--enabled-cipher-reference-uris", + NULL, + "--enabled-cipher-reference-uris <list>" + "\n\tcomma separated list of of the following values:" + "\n\t\"empty\", \"same-doc\", \"local\",\"remote\" to restrict possible URI" + "\n\tattribute values for the <enc:CipherReference> element", + xmlSecAppCmdLineParamTypeStringList, + xmlSecAppCmdLineParamFlagNone, + NULL +}; + +static xmlSecAppCmdLineParam binaryDataParam = { + xmlSecAppCmdLineTopicEncEncrypt, + "--binary-data", + "--binary", + "--binary-data <file>" + "\n\tbinary <file> to encrypt", + xmlSecAppCmdLineParamTypeString, + xmlSecAppCmdLineParamFlagNone, + NULL +}; + +static xmlSecAppCmdLineParam xmlDataParam = { + xmlSecAppCmdLineTopicEncEncrypt, + "--xml-data", + NULL, + "--xml-data <file>" + "\n\tXML <file> to encrypt", + xmlSecAppCmdLineParamTypeString, + xmlSecAppCmdLineParamFlagNone, + NULL +}; +#endif /* XMLSEC_NO_XMLENC */ + +/**************************************************************** + * + * XKMS params + * + ***************************************************************/ +#ifndef XMLSEC_NO_XKMS +static xmlSecAppCmdLineParam xkmsServiceParam = { + xmlSecAppCmdLineTopicXkmsCommon, + "--xkms-service", + NULL, + "--xkms-service <uri>" + "\n\tsets XKMS \"Service\" <uri>", + xmlSecAppCmdLineParamTypeString, + xmlSecAppCmdLineParamFlagNone, + NULL +}; + +static xmlSecAppCmdLineParam xkmsFormatParam = { + xmlSecAppCmdLineTopicXkmsCommon, + "--xkms-format", + NULL, + "--xkms-format <format>" + "\n\tsets the XKMS request/response format to one of the following values:" + "\n\t \"plain\" (default), \"soap-1.1\" or \"soap-1.2\"", + xmlSecAppCmdLineParamTypeString, + xmlSecAppCmdLineParamFlagNone, + NULL +}; + +static xmlSecAppCmdLineParam xkmsStopUnknownResponseMechanismParam = { + xmlSecAppCmdLineTopicXkmsCommon, /* todo: server */ + "--xkms-stop-on-unknown-response-mechanism", + NULL, + "--xkms-stop-on-unknown-response-mechanism" + "\n\tstop processing XKMS server request if unknown ResponseMechanism" + "\n\tvalue was found", + xmlSecAppCmdLineParamTypeFlag, + xmlSecAppCmdLineParamFlagNone, + NULL +}; + +static xmlSecAppCmdLineParam xkmsStopUnknownRespondWithParam = { + xmlSecAppCmdLineTopicXkmsCommon, /* todo: server */ + "--xkms-stop-on-unknown-respond-with", + NULL, + "--xkms-stop-on-unknown-respond-with" + "\n\tstop processing XKMS server request if unknown RespondWith" + "\n\tvalue was found", + xmlSecAppCmdLineParamTypeFlag, + xmlSecAppCmdLineParamFlagNone, + NULL +}; + +static xmlSecAppCmdLineParam xkmsStopUnknownKeyUsageParam = { + xmlSecAppCmdLineTopicXkmsCommon, /* todo: server */ + "--xkms-stop-on-unknown-key-usage", + NULL, + "--xkms-stop-on-unknown-key-usage" + "\n\tstop processing XKMS server request if unknown KeyUsage" + "\n\tvalue was found", + xmlSecAppCmdLineParamTypeFlag, + xmlSecAppCmdLineParamFlagNone, + NULL +}; + +#endif /* XMLSEC_NO_XKMS */ + +/**************************************************************** + * + * X509 params + * + ***************************************************************/ +#ifndef XMLSEC_NO_X509 +static xmlSecAppCmdLineParam pkcs12Param = { + xmlSecAppCmdLineTopicKeysMngr, + "--pkcs12", + NULL, + "--pkcs12[:<name>] <file>" + "\n\tload load private key from pkcs12 file <file>", + xmlSecAppCmdLineParamTypeString, + xmlSecAppCmdLineParamFlagParamNameValue | xmlSecAppCmdLineParamFlagMultipleValues, + NULL +}; + +static xmlSecAppCmdLineParam pubkeyCertParam = { + xmlSecAppCmdLineTopicKeysMngr, + "--pubkey-cert-pem", + "--pubkey-cert", + "--pubkey-cert-pem[:<name>] <file>" + "\n\tload public key from PEM cert file", + xmlSecAppCmdLineParamTypeStringList, + xmlSecAppCmdLineParamFlagParamNameValue | xmlSecAppCmdLineParamFlagMultipleValues, + NULL +}; + +static xmlSecAppCmdLineParam pubkeyCertDerParam = { + xmlSecAppCmdLineTopicKeysMngr, + "--pubkey-cert-der", + NULL, + "--pubkey-cert-der[:<name>] <file>" + "\n\tload public key from DER cert file", + xmlSecAppCmdLineParamTypeStringList, + xmlSecAppCmdLineParamFlagParamNameValue | xmlSecAppCmdLineParamFlagMultipleValues, + NULL +}; + +static xmlSecAppCmdLineParam trustedParam = { + xmlSecAppCmdLineTopicX509Certs, + "--trusted-pem", + "--trusted", + "--trusted-pem <file>" + "\n\tload trusted (root) certificate from PEM file <file>", + xmlSecAppCmdLineParamTypeString, + xmlSecAppCmdLineParamFlagMultipleValues, + NULL +}; + +static xmlSecAppCmdLineParam untrustedParam = { + xmlSecAppCmdLineTopicX509Certs, + "--untrusted-pem", + "--untrusted", + "--untrusted-pem <file>" + "\n\tload untrusted certificate from PEM file <file>", + xmlSecAppCmdLineParamTypeString, + xmlSecAppCmdLineParamFlagMultipleValues, + NULL +}; + +static xmlSecAppCmdLineParam trustedDerParam = { + xmlSecAppCmdLineTopicX509Certs, + "--trusted-der", + NULL, + "--trusted-der <file>" + "\n\tload trusted (root) certificate from DER file <file>", + xmlSecAppCmdLineParamTypeString, + xmlSecAppCmdLineParamFlagMultipleValues, + NULL +}; + +static xmlSecAppCmdLineParam untrustedDerParam = { + xmlSecAppCmdLineTopicX509Certs, + "--untrusted-der", + NULL, + "--untrusted-der <file>" + "\n\tload untrusted certificate from DER file <file>", + xmlSecAppCmdLineParamTypeString, + xmlSecAppCmdLineParamFlagMultipleValues, + NULL +}; + +static xmlSecAppCmdLineParam verificationTimeParam = { + xmlSecAppCmdLineTopicX509Certs, + "--verification-time", + NULL, + "--verification-time <time>" + "\n\tthe local time in \"YYYY-MM-DD HH:MM:SS\" format" + "\n\tused certificates verification", + xmlSecAppCmdLineParamTypeTime, + xmlSecAppCmdLineParamFlagNone, + NULL +}; + +static xmlSecAppCmdLineParam depthParam = { + xmlSecAppCmdLineTopicX509Certs, + "--depth", + NULL, + "--depth <number>" + "\n\tmaximum certificates chain depth", + xmlSecAppCmdLineParamTypeNumber, + xmlSecAppCmdLineParamFlagNone, + NULL +}; + +static xmlSecAppCmdLineParam X509SkipStrictChecksParam = { + xmlSecAppCmdLineTopicX509Certs, + "--X509-skip-strict-checks", + NULL, + "--X509-skip-strict-checks" + "\n\tskip strict checking of X509 data", + xmlSecAppCmdLineParamTypeFlag, + xmlSecAppCmdLineParamFlagNone, + NULL +}; +#endif /* XMLSEC_NO_X509 */ + +static xmlSecAppCmdLineParamPtr parameters[] = { + /* common dsig params */ +#ifndef XMLSEC_NO_XMLDSIG + &ignoreManifestsParam, + &storeReferencesParam, + &storeSignaturesParam, + &enabledRefUrisParam, + &enableVisa3DHackParam, +#endif /* XMLSEC_NO_XMLDSIG */ + + /* enc params */ +#ifndef XMLSEC_NO_XMLENC + &binaryDataParam, + &xmlDataParam, + &enabledCipherRefUrisParam, +#endif /* XMLSEC_NO_XMLENC */ + + /* xkms params */ +#ifndef XMLSEC_NO_XKMS + &xkmsServiceParam, + &xkmsFormatParam, + &xkmsStopUnknownResponseMechanismParam, + &xkmsStopUnknownRespondWithParam, + &xkmsStopUnknownKeyUsageParam, +#endif /* XMLSEC_NO_XKMS */ + + /* common dsig and enc parameters */ + &sessionKeyParam, + &outputParam, + &printDebugParam, + &printXmlDebugParam, + &dtdFileParam, + &nodeIdParam, + &nodeNameParam, + &nodeXPathParam, + &idAttrParam, + + /* Keys Manager params */ + &enabledKeyDataParam, + &enabledRetrievalMethodUrisParam, + &genKeyParam, + &keysFileParam, + &privkeyParam, + &privkeyDerParam, + &pkcs8PemParam, + &pkcs8DerParam, + &pubkeyParam, + &pubkeyDerParam, +#ifndef XMLSEC_NO_AES + &aeskeyParam, +#endif /* XMLSEC_NO_AES */ +#ifndef XMLSEC_NO_DES + &deskeyParam, +#endif /* XMLSEC_NO_DES */ +#ifndef XMLSEC_NO_HMAC + &hmackeyParam, +#endif /* XMLSEC_NO_HMAC */ + &pwdParam, +#ifndef XMLSEC_NO_X509 + &pkcs12Param, + &pubkeyCertParam, + &pubkeyCertDerParam, + &trustedParam, + &untrustedParam, + &trustedDerParam, + &untrustedDerParam, + &verificationTimeParam, + &depthParam, + &X509SkipStrictChecksParam, +#endif /* XMLSEC_NO_X509 */ + + /* General configuration params */ + &cryptoParam, + &cryptoConfigParam, + &repeatParam, + &disableErrorMsgsParam, + &printCryptoErrorMsgsParam, + &helpParam, + + /* MUST be the last one */ + NULL +}; + +typedef enum { + xmlSecAppCommandUnknown = 0, + xmlSecAppCommandHelp, + xmlSecAppCommandListKeyData, + xmlSecAppCommandCheckKeyData, + xmlSecAppCommandListTransforms, + xmlSecAppCommandCheckTransforms, + xmlSecAppCommandVersion, + xmlSecAppCommandKeys, + xmlSecAppCommandSign, + xmlSecAppCommandVerify, + xmlSecAppCommandSignTmpl, + xmlSecAppCommandEncrypt, + xmlSecAppCommandDecrypt, + xmlSecAppCommandEncryptTmpl, + xmlSecAppCommandXkmsServerRequest +} xmlSecAppCommand; + +typedef struct _xmlSecAppXmlData xmlSecAppXmlData, + *xmlSecAppXmlDataPtr; +struct _xmlSecAppXmlData { + xmlDocPtr doc; + xmlDtdPtr dtd; + xmlNodePtr startNode; +}; + +static xmlSecAppXmlDataPtr xmlSecAppXmlDataCreate (const char* filename, + const xmlChar* defStartNodeName, + const xmlChar* defStartNodeNs); +static void xmlSecAppXmlDataDestroy (xmlSecAppXmlDataPtr data); + + +static xmlSecAppCommand xmlSecAppParseCommand (const char* cmd, + xmlSecAppCmdLineParamTopic* topics, + xmlSecAppCommand* subCommand); +static void xmlSecAppPrintHelp (xmlSecAppCommand command, + xmlSecAppCmdLineParamTopic topics); +#define xmlSecAppPrintUsage() xmlSecAppPrintHelp(xmlSecAppCommandUnknown, 0) +static int xmlSecAppInit (void); +static void xmlSecAppShutdown (void); +static int xmlSecAppLoadKeys (void); +static int xmlSecAppPrepareKeyInfoReadCtx (xmlSecKeyInfoCtxPtr ctx); + +#ifndef XMLSEC_NO_XMLDSIG +static int xmlSecAppSignFile (const char* filename); +static int xmlSecAppVerifyFile (const char* filename); +#ifndef XMLSEC_NO_TMPL_TEST +static int xmlSecAppSignTmpl (void); +#endif /* XMLSEC_NO_TMPL_TEST */ +static int xmlSecAppPrepareDSigCtx (xmlSecDSigCtxPtr dsigCtx); +static void xmlSecAppPrintDSigCtx (xmlSecDSigCtxPtr dsigCtx); +#endif /* XMLSEC_NO_XMLDSIG */ + +#ifndef XMLSEC_NO_XMLENC +static int xmlSecAppEncryptFile (const char* filename); +static int xmlSecAppDecryptFile (const char* filename); +#ifndef XMLSEC_NO_TMPL_TEST +static int xmlSecAppEncryptTmpl (void); +#endif /* XMLSEC_NO_TMPL_TEST */ +static int xmlSecAppPrepareEncCtx (xmlSecEncCtxPtr encCtx); +static void xmlSecAppPrintEncCtx (xmlSecEncCtxPtr encCtx); +#endif /* XMLSEC_NO_XMLENC */ + +#ifndef XMLSEC_NO_XKMS +static int xmlSecAppXkmsServerProcess (const char* filename); +static int xmlSecAppPrepareXkmsServerCtx (xmlSecXkmsServerCtxPtr xkmsServerCtx); +static void xmlSecAppPrintXkmsServerCtx (xmlSecXkmsServerCtxPtr xkmsServerCtx); +#endif /* XMLSEC_NO_XKMS */ + +static void xmlSecAppListKeyData (void); +static int xmlSecAppCheckKeyData (const char * name); +static void xmlSecAppListTransforms (void); +static int xmlSecAppCheckTransform (const char * name); + +static xmlSecTransformUriType xmlSecAppGetUriType (const char* string); +static FILE* xmlSecAppOpenFile (const char* filename); +static void xmlSecAppCloseFile (FILE* file); +static int xmlSecAppWriteResult (xmlDocPtr doc, + xmlSecBufferPtr buffer); +static int xmlSecAppAddIDAttr (xmlNodePtr cur, + const xmlChar* attr, + const xmlChar* node, + const xmlChar* nsHref); + +xmlSecKeysMngrPtr gKeysMngr = NULL; +int repeats = 1; +int print_debug = 0; +clock_t total_time = 0; +const char* xmlsec_crypto = XMLSEC_CRYPTO; +const char* tmp = NULL; + +int main(int argc, const char **argv) { + xmlSecAppCmdLineParamTopic cmdLineTopics; + xmlSecAppCommand command, subCommand; + int pos, i; + int res = 1; + + /* read the command (first argument) */ + if(argc < 2) { + xmlSecAppPrintUsage(); + goto fail; + } + command = xmlSecAppParseCommand(argv[1], &cmdLineTopics, &subCommand); + if(command == xmlSecAppCommandUnknown) { + fprintf(stderr, "Error: unknown command \"%s\"\n", argv[1]); + xmlSecAppPrintUsage(); + goto fail; + } + + /* do as much as we can w/o initialization */ + if(command == xmlSecAppCommandHelp) { + xmlSecAppPrintHelp(subCommand, cmdLineTopics); + goto success; + } else if(command == xmlSecAppCommandVersion) { + fprintf(stdout, "%s %s (%s)\n", PACKAGE, XMLSEC_VERSION, xmlsec_crypto); + goto success; + } + + /* parse command line */ + pos = xmlSecAppCmdLineParamsListParse(parameters, cmdLineTopics, argv, argc, 2); + if(pos < 0) { + fprintf(stderr, "Error: invalid parameters\n"); + xmlSecAppPrintUsage(); + goto fail; + } + + /* is it a help request? */ + if(xmlSecAppCmdLineParamIsSet(&helpParam)) { + xmlSecAppPrintHelp(command, cmdLineTopics); + goto success; + } + + /* we need to have some files at the end */ + switch(command) { + case xmlSecAppCommandKeys: + case xmlSecAppCommandSign: + case xmlSecAppCommandVerify: + case xmlSecAppCommandEncrypt: + case xmlSecAppCommandDecrypt: + case xmlSecAppCommandXkmsServerRequest: + if(pos >= argc) { + fprintf(stderr, "Error: <file> parameter is requried for this command\n"); + xmlSecAppPrintUsage(); + goto fail; + } + break; + default: + break; + } + + /* now init the xmlsec and all other libs */ + /* ignore "--crypto" if we don't have dynamic loading */ + tmp = xmlSecAppCmdLineParamGetString(&cryptoParam); +#if !defined(XMLSEC_NO_CRYPTO_DYNAMIC_LOADING) && defined(XMLSEC_CRYPTO_DYNAMIC_LOADING) + if((tmp != NULL) && (strcmp(tmp, "default") != 0)) { + xmlsec_crypto = tmp; + } +#else /* !defined(XMLSEC_NO_CRYPTO_DYNAMIC_LOADING) && defined(XMLSEC_CRYPTO_DYNAMIC_LOADING) */ + if((tmp != NULL) && (strcmp(tmp, xmlsec_crypto) != 0)) { + fprintf(stderr, "Error: dynaimc crypto libraries loading is disabled and the only available crypto library is '%s'\n", xmlsec_crypto); + xmlSecAppPrintUsage(); + goto fail; + } +#endif /* !defined(XMLSEC_NO_CRYPTO_DYNAMIC_LOADING) && defined(XMLSEC_CRYPTO_DYNAMIC_LOADING) */ + + if(xmlSecAppInit() < 0) { + fprintf(stderr, "Error: initialization failed\n"); + xmlSecAppPrintUsage(); + goto fail; + } + + /* load keys */ + if(xmlSecAppLoadKeys() < 0) { + fprintf(stderr, "Error: keys manager creation failed\n"); + xmlSecAppPrintUsage(); + goto fail; + } + + /* get the "repeats" number */ + if(xmlSecAppCmdLineParamIsSet(&repeatParam) && + (xmlSecAppCmdLineParamGetInt(&repeatParam, 1) > 0)) { + + repeats = xmlSecAppCmdLineParamGetInt(&repeatParam, 1); + } + + /* execute requested number of times */ + for(; repeats > 0; --repeats) { + switch(command) { + case xmlSecAppCommandListKeyData: + xmlSecAppListKeyData(); + break; + case xmlSecAppCommandCheckKeyData: + for(i = pos; i < argc; ++i) { + if(xmlSecAppCheckKeyData(argv[i]) < 0) { + fprintf(stderr, "Error: key data \"%s\" not found\n", argv[i]); + goto fail; + } else { + fprintf(stdout, "Key data \"%s\" found\n", argv[i]); + } + } + break; + case xmlSecAppCommandListTransforms: + xmlSecAppListTransforms(); + break; + case xmlSecAppCommandCheckTransforms: + for(i = pos; i < argc; ++i) { + if(xmlSecAppCheckTransform(argv[i]) < 0) { + fprintf(stderr, "Error: transform \"%s\" not found\n", argv[i]); + goto fail; + } else { + fprintf(stdout, "Transforms \"%s\" found\n", argv[i]); + } + } + break; + case xmlSecAppCommandKeys: + for(i = pos; i < argc; ++i) { + if(xmlSecAppCryptoSimpleKeysMngrSave(gKeysMngr, argv[i], xmlSecKeyDataTypeAny) < 0) { + fprintf(stderr, "Error: failed to save keys to file \"%s\"\n", argv[i]); + goto fail; + } + } + break; +#ifndef XMLSEC_NO_XMLDSIG + case xmlSecAppCommandSign: + for(i = pos; i < argc; ++i) { + if(xmlSecAppSignFile(argv[i]) < 0) { + fprintf(stderr, "Error: failed to sign file \"%s\"\n", argv[i]); + goto fail; + } + } + break; + case xmlSecAppCommandVerify: + for(i = pos; i < argc; ++i) { + if(xmlSecAppVerifyFile(argv[i]) < 0) { + fprintf(stderr, "Error: failed to verify file \"%s\"\n", argv[i]); + goto fail; + } + } + break; +#ifndef XMLSEC_NO_TMPL_TEST + case xmlSecAppCommandSignTmpl: + if(xmlSecAppSignTmpl() < 0) { + fprintf(stderr, "Error: failed to create and sign template\n"); + goto fail; + } + break; +#endif /* XMLSEC_NO_TMPL_TEST */ +#endif /* XMLSEC_NO_XMLDSIG */ + +#ifndef XMLSEC_NO_XMLENC + case xmlSecAppCommandEncrypt: + for(i = pos; i < argc; ++i) { + if(xmlSecAppEncryptFile(argv[i]) < 0) { + fprintf(stderr, "Error: failed to encrypt file with template \"%s\"\n", argv[i]); + goto fail; + } + } + break; + case xmlSecAppCommandDecrypt: + for(i = pos; i < argc; ++i) { + if(xmlSecAppDecryptFile(argv[i]) < 0) { + fprintf(stderr, "Error: failed to decrypt file \"%s\"\n", argv[i]); + goto fail; + } + } + break; +#ifndef XMLSEC_NO_TMPL_TEST + case xmlSecAppCommandEncryptTmpl: + if(xmlSecAppEncryptTmpl() < 0) { + fprintf(stderr, "Error: failed to create and encrypt template\n"); + goto fail; + } + break; +#endif /* XMLSEC_NO_TMPL_TEST */ +#endif /* XMLSEC_NO_XMLENC */ + +#ifndef XMLSEC_NO_XKMS + case xmlSecAppCommandXkmsServerRequest: + for(i = pos; i < argc; ++i) { + if(xmlSecAppXkmsServerProcess(argv[i]) < 0) { + fprintf(stderr, "Error: failed to process XKMS server request from file \"%s\"\n", argv[i]); + goto fail; + } + } + break; +#endif /* XMLSEC_NO_XKMS */ + default: + fprintf(stderr, "Error: invalid command %d\n", command); + xmlSecAppPrintUsage(); + goto fail; + } + } + + /* print perf stats results */ + if(xmlSecAppCmdLineParamIsSet(&repeatParam) && + (xmlSecAppCmdLineParamGetInt(&repeatParam, 1) > 0)) { + + repeats = xmlSecAppCmdLineParamGetInt(&repeatParam, 1); + fprintf(stderr, "Executed %d tests in %ld msec\n", repeats, (1000 * total_time) / CLOCKS_PER_SEC); + } + + goto success; +success: + res = 0; +fail: + if(gKeysMngr != NULL) { + xmlSecKeysMngrDestroy(gKeysMngr); + gKeysMngr = NULL; + } + xmlSecAppShutdown(); + xmlSecAppCmdLineParamsListClean(parameters); + return(res); +} + + +#ifndef XMLSEC_NO_XMLDSIG +static int +xmlSecAppSignFile(const char* filename) { + xmlSecAppXmlDataPtr data = NULL; + xmlSecDSigCtx dsigCtx; + clock_t start_time; + int res = -1; + + if(filename == NULL) { + return(-1); + } + + if(xmlSecDSigCtxInitialize(&dsigCtx, gKeysMngr) < 0) { + fprintf(stderr, "Error: dsig context initialization failed\n"); + return(-1); + } + + if(xmlSecAppPrepareDSigCtx(&dsigCtx) < 0) { + fprintf(stderr, "Error: dsig context preparation failed\n"); + goto done; + } + + /* parse template and select start node */ + data = xmlSecAppXmlDataCreate(filename, xmlSecNodeSignature, xmlSecDSigNs); + if(data == NULL) { + fprintf(stderr, "Error: failed to load template \"%s\"\n", filename); + goto done; + } + + + /* sign */ + start_time = clock(); + if(xmlSecDSigCtxSign(&dsigCtx, data->startNode) < 0) { + fprintf(stderr,"Error: signature failed \n"); + goto done; + } + total_time += clock() - start_time; + + if(repeats <= 1) { + FILE* f; + + f = xmlSecAppOpenFile(xmlSecAppCmdLineParamGetString(&outputParam)); + if(f == NULL) { + fprintf(stderr,"Error: failed to open output file \"%s\"\n", + xmlSecAppCmdLineParamGetString(&outputParam)); + goto done; + } + xmlDocDump(f, data->doc); + xmlSecAppCloseFile(f); + } + + res = 0; +done: + /* print debug info if requested */ + if(repeats <= 1) { + xmlSecAppPrintDSigCtx(&dsigCtx); + } + xmlSecDSigCtxFinalize(&dsigCtx); + if(data != NULL) { + xmlSecAppXmlDataDestroy(data); + } + return(res); +} + +static int +xmlSecAppVerifyFile(const char* filename) { + xmlSecAppXmlDataPtr data = NULL; + xmlSecDSigCtx dsigCtx; + clock_t start_time; + int res = -1; + + if(filename == NULL) { + return(-1); + } + + if(xmlSecDSigCtxInitialize(&dsigCtx, gKeysMngr) < 0) { + fprintf(stderr, "Error: dsig context initialization failed\n"); + return(-1); + } + if(xmlSecAppPrepareDSigCtx(&dsigCtx) < 0) { + fprintf(stderr, "Error: dsig context preparation failed\n"); + goto done; + } + + /* parse template and select start node */ + data = xmlSecAppXmlDataCreate(filename, xmlSecNodeSignature, xmlSecDSigNs); + if(data == NULL) { + fprintf(stderr, "Error: failed to load document \"%s\"\n", filename); + goto done; + } + + /* sign */ + start_time = clock(); + if(xmlSecDSigCtxVerify(&dsigCtx, data->startNode) < 0) { + fprintf(stderr,"Error: signature failed \n"); + goto done; + } + total_time += clock() - start_time; + + if((repeats <= 1) && (dsigCtx.status != xmlSecDSigStatusSucceeded)){ + /* return an error if signature does not match */ + goto done; + } + + res = 0; +done: + /* print debug info if requested */ + if(repeats <= 1) { + xmlSecDSigReferenceCtxPtr dsigRefCtx; + xmlSecSize good, i, size; + FILE* f; + + f = xmlSecAppOpenFile(xmlSecAppCmdLineParamGetString(&outputParam)); + if(f == NULL) { + fprintf(stderr,"Error: failed to open output file \"%s\"\n", + xmlSecAppCmdLineParamGetString(&outputParam)); + goto done; + } + xmlSecAppCloseFile(f); + + switch(dsigCtx.status) { + case xmlSecDSigStatusUnknown: + fprintf(stderr, "ERROR\n"); + break; + case xmlSecDSigStatusSucceeded: + fprintf(stderr, "OK\n"); + break; + case xmlSecDSigStatusInvalid: + fprintf(stderr, "FAIL\n"); + break; + } + + /* print stats about # of good/bad references/manifests */ + size = xmlSecPtrListGetSize(&(dsigCtx.signedInfoReferences)); + for(i = good = 0; i < size; ++i) { + dsigRefCtx = (xmlSecDSigReferenceCtxPtr)xmlSecPtrListGetItem(&(dsigCtx.signedInfoReferences), i); + if(dsigRefCtx == NULL) { + fprintf(stderr,"Error: reference ctx is null\n"); + goto done; + } + if(dsigRefCtx->status == xmlSecDSigStatusSucceeded) { + ++good; + } + } + fprintf(stderr, "SignedInfo References (ok/all): %d/%d\n", good, size); + + size = xmlSecPtrListGetSize(&(dsigCtx.manifestReferences)); + for(i = good = 0; i < size; ++i) { + dsigRefCtx = (xmlSecDSigReferenceCtxPtr)xmlSecPtrListGetItem(&(dsigCtx.manifestReferences), i); + if(dsigRefCtx == NULL) { + fprintf(stderr,"Error: reference ctx is null\n"); + goto done; + } + if(dsigRefCtx->status == xmlSecDSigStatusSucceeded) { + ++good; + } + } + fprintf(stderr, "Manifests References (ok/all): %d/%d\n", good, size); + + xmlSecAppPrintDSigCtx(&dsigCtx); + } + xmlSecDSigCtxFinalize(&dsigCtx); + if(data != NULL) { + xmlSecAppXmlDataDestroy(data); + } + return(res); +} + +#ifndef XMLSEC_NO_TMPL_TEST +static int +xmlSecAppSignTmpl(void) { + xmlDocPtr doc = NULL; + xmlNodePtr cur; + xmlSecDSigCtx dsigCtx; + clock_t start_time; + int res = -1; + + if(xmlSecDSigCtxInitialize(&dsigCtx, gKeysMngr) < 0) { + fprintf(stderr, "Error: dsig context initialization failed\n"); + return(-1); + } + if(xmlSecAppPrepareDSigCtx(&dsigCtx) < 0) { + fprintf(stderr, "Error: dsig context preparation failed\n"); + goto done; + } + + /* prepare template */ + doc = xmlNewDoc(BAD_CAST "1.0"); + if(doc == NULL) { + fprintf(stderr, "Error: failed to create doc\n"); + goto done; + } + + cur = xmlSecTmplSignatureCreate(doc, xmlSecTransformInclC14NId, + xmlSecTransformHmacSha1Id, NULL); + if(cur == NULL) { + fprintf(stderr, "Error: failed to create Signature node\n"); + goto done; + } + xmlDocSetRootElement(doc, cur); + + /* set hmac signature length */ + cur = xmlSecTmplSignatureGetSignMethodNode(xmlDocGetRootElement(doc)); + if(cur == NULL) { + fprintf(stderr, "Error: failed to find SignatureMethod node\n"); + goto done; + } + if(xmlSecTmplTransformAddHmacOutputLength(cur, 93) < 0) { + fprintf(stderr, "Error: failed to set hmac length\n"); + goto done; + } + + cur = xmlSecTmplSignatureAddReference(xmlDocGetRootElement(doc), + xmlSecTransformSha1Id, + BAD_CAST "ref1", NULL, NULL); + if(cur == NULL) { + fprintf(stderr, "Error: failed to add Reference node\n"); + goto done; + } + + cur = xmlSecTmplReferenceAddTransform(cur, xmlSecTransformXPath2Id); + if(cur == NULL) { + fprintf(stderr, "Error: failed to add XPath transform\n"); + goto done; + } + + if(xmlSecTmplTransformAddXPath2(cur, BAD_CAST "intersect", + BAD_CAST "//*[@Id='object1']", NULL) < 0) { + fprintf(stderr, "Error: failed to set XPath expression\n"); + goto done; + } + + cur = xmlSecTmplSignatureAddObject(xmlDocGetRootElement(doc), + BAD_CAST "object1", NULL, NULL); + if(cur == NULL) { + fprintf(stderr, "Error: failed to add Object node\n"); + goto done; + } + xmlNodeSetContent(cur, BAD_CAST "This is signed data"); + + /* add key information */ + cur = xmlSecTmplSignatureEnsureKeyInfo(xmlDocGetRootElement(doc), NULL); + if(cur == NULL) { + fprintf(stderr, "Error: failed to add KeyInfo node\n"); + goto done; + } + if(xmlSecTmplKeyInfoAddKeyName(cur, NULL) == NULL) { + fprintf(stderr, "Error: failed to add KeyName node\n"); + goto done; + } + + /* sign */ + start_time = clock(); + if(xmlSecDSigCtxSign(&dsigCtx, xmlDocGetRootElement(doc)) < 0) { + fprintf(stderr,"Error: signature failed \n"); + goto done; + } + total_time += clock() - start_time; + + if(repeats <= 1) { + FILE* f; + + f = xmlSecAppOpenFile(xmlSecAppCmdLineParamGetString(&outputParam)); + if(f == NULL) { + fprintf(stderr,"Error: failed to open output file \"%s\"\n", + xmlSecAppCmdLineParamGetString(&outputParam)); + goto done; + } + xmlDocDump(f, doc); + xmlSecAppCloseFile(f); + } + + res = 0; +done: + /* print debug info if requested */ + if(repeats <= 1) { + xmlSecAppPrintDSigCtx(&dsigCtx); + } + xmlSecDSigCtxFinalize(&dsigCtx); + if(doc != NULL) { + xmlFreeDoc(doc); + } + return(res); +} +#endif /* XMLSEC_NO_TMPL_TEST */ + +static int +xmlSecAppPrepareDSigCtx(xmlSecDSigCtxPtr dsigCtx) { + if(dsigCtx == NULL) { + fprintf(stderr, "Error: dsig context is null\n"); + return(-1); + } + + /* set key info params */ + if(xmlSecAppPrepareKeyInfoReadCtx(&(dsigCtx->keyInfoReadCtx)) < 0) { + fprintf(stderr, "Error: failed to prepare key info context\n"); + return(-1); + } + + if(xmlSecAppCmdLineParamGetString(&sessionKeyParam) != NULL) { + dsigCtx->signKey = xmlSecAppCryptoKeyGenerate(xmlSecAppCmdLineParamGetString(&sessionKeyParam), + NULL, xmlSecKeyDataTypeSession); + if(dsigCtx->signKey == NULL) { + fprintf(stderr, "Error: failed to generate a session key \"%s\"\n", + xmlSecAppCmdLineParamGetString(&sessionKeyParam)); + return(-1); + } + } + + /* set dsig params */ + if(xmlSecAppCmdLineParamIsSet(&ignoreManifestsParam)) { + dsigCtx->flags |= XMLSEC_DSIG_FLAGS_IGNORE_MANIFESTS; + } + if(xmlSecAppCmdLineParamIsSet(&storeReferencesParam)) { + dsigCtx->flags |= XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES | + XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES; + print_debug = 1; + } + if(xmlSecAppCmdLineParamIsSet(&storeSignaturesParam)) { + dsigCtx->flags |= XMLSEC_DSIG_FLAGS_STORE_SIGNATURE; + print_debug = 1; + } + if(xmlSecAppCmdLineParamIsSet(&enableVisa3DHackParam)) { + dsigCtx->flags |= XMLSEC_DSIG_FLAGS_USE_VISA3D_HACK; + } + + if(xmlSecAppCmdLineParamGetStringList(&enabledRefUrisParam) != NULL) { + dsigCtx->enabledReferenceUris = xmlSecAppGetUriType( + xmlSecAppCmdLineParamGetStringList(&enabledRefUrisParam)); + if(dsigCtx->enabledReferenceUris == xmlSecTransformUriTypeNone) { + fprintf(stderr, "Error: failed to parse \"%s\"\n", + xmlSecAppCmdLineParamGetStringList(&enabledRefUrisParam)); + return(-1); + } + } + + return(0); +} + +static void +xmlSecAppPrintDSigCtx(xmlSecDSigCtxPtr dsigCtx) { + if(dsigCtx == NULL) { + return; + } + + if(xmlSecAppCmdLineParamIsSet(&printDebugParam) || xmlSecAppCmdLineParamIsSet(&printXmlDebugParam)) { + print_debug = 0; + } + + /* print debug info if requested */ + if((print_debug != 0) || xmlSecAppCmdLineParamIsSet(&printDebugParam)) { + xmlSecDSigCtxDebugDump(dsigCtx, stdout); + } + + if(xmlSecAppCmdLineParamIsSet(&printXmlDebugParam)) { + xmlSecDSigCtxDebugXmlDump(dsigCtx, stdout); + } +} + +#endif /* XMLSEC_NO_XMLDSIG */ + +#ifndef XMLSEC_NO_XMLENC +static int +xmlSecAppEncryptFile(const char* filename) { + xmlSecAppXmlDataPtr data = NULL; + xmlSecEncCtx encCtx; + xmlDocPtr doc = NULL; + xmlNodePtr startTmplNode; + clock_t start_time; + int res = -1; + + if(filename == NULL) { + return(-1); + } + + if(xmlSecEncCtxInitialize(&encCtx, gKeysMngr) < 0) { + fprintf(stderr, "Error: enc context initialization failed\n"); + return(-1); + } + if(xmlSecAppPrepareEncCtx(&encCtx) < 0) { + fprintf(stderr, "Error: enc context preparation failed\n"); + goto done; + } + + /* parse doc and find template node */ + doc = xmlSecParseFile(filename); + if(doc == NULL) { + fprintf(stderr, "Error: failed to parse xml file \"%s\"\n", + filename); + goto done; + } + startTmplNode = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeEncryptedData, xmlSecEncNs); + if(startTmplNode == NULL) { + fprintf(stderr, "Error: failed to find default node with name=\"%s\"\n", + xmlSecNodeEncryptedData); + goto done; + } + + if(xmlSecAppCmdLineParamGetString(&binaryDataParam) != NULL) { + /* encrypt */ + start_time = clock(); + if(xmlSecEncCtxUriEncrypt(&encCtx, startTmplNode, BAD_CAST xmlSecAppCmdLineParamGetString(&binaryDataParam)) < 0) { + fprintf(stderr, "Error: failed to encrypt file \"%s\"\n", + xmlSecAppCmdLineParamGetString(&binaryDataParam)); + goto done; + } + total_time += clock() - start_time; + } else if(xmlSecAppCmdLineParamGetString(&xmlDataParam) != NULL) { + /* parse file and select node for encryption */ + data = xmlSecAppXmlDataCreate(xmlSecAppCmdLineParamGetString(&xmlDataParam), NULL, NULL); + if(data == NULL) { + fprintf(stderr, "Error: failed to load file \"%s\"\n", + xmlSecAppCmdLineParamGetString(&xmlDataParam)); + goto done; + } + + /* encrypt */ + start_time = clock(); + if(xmlSecEncCtxXmlEncrypt(&encCtx, startTmplNode, data->startNode) < 0) { + fprintf(stderr, "Error: failed to encrypt xml file \"%s\"\n", + xmlSecAppCmdLineParamGetString(&xmlDataParam)); + goto done; + } + total_time += clock() - start_time; + } else { + fprintf(stderr, "Error: encryption data not specified (use \"--xml\" or \"--binary\" options)\n"); + goto done; + } + + /* print out result only once per execution */ + if(repeats <= 1) { + if(encCtx.resultReplaced) { + if(xmlSecAppWriteResult((data != NULL) ? data->doc : doc, NULL) < 0) { + goto done; + } + } else { + if(xmlSecAppWriteResult(NULL, encCtx.result) < 0) { + goto done; + } + } + } + res = 0; + +done: + /* print debug info if requested */ + if(repeats <= 1) { + xmlSecAppPrintEncCtx(&encCtx); + } + xmlSecEncCtxFinalize(&encCtx); + + if(data != NULL) { + xmlSecAppXmlDataDestroy(data); + } + if(doc != NULL) { + xmlFreeDoc(doc); + } + return(res); +} + +static int +xmlSecAppDecryptFile(const char* filename) { + xmlSecAppXmlDataPtr data = NULL; + xmlSecEncCtx encCtx; + clock_t start_time; + int res = -1; + + if(filename == NULL) { + return(-1); + } + + if(xmlSecEncCtxInitialize(&encCtx, gKeysMngr) < 0) { + fprintf(stderr, "Error: enc context initialization failed\n"); + return(-1); + } + if(xmlSecAppPrepareEncCtx(&encCtx) < 0) { + fprintf(stderr, "Error: enc context preparation failed\n"); + goto done; + } + + /* parse template and select start node */ + data = xmlSecAppXmlDataCreate(filename, xmlSecNodeEncryptedData, xmlSecEncNs); + if(data == NULL) { + fprintf(stderr, "Error: failed to load template \"%s\"\n", filename); + goto done; + } + + start_time = clock(); + if(xmlSecEncCtxDecrypt(&encCtx, data->startNode) < 0) { + fprintf(stderr, "Error: failed to decrypt file\n"); + goto done; + } + total_time += clock() - start_time; + + /* print out result only once per execution */ + if(repeats <= 1) { + if(encCtx.resultReplaced) { + if(xmlSecAppWriteResult(data->doc, NULL) < 0) { + goto done; + } + } else { + if(xmlSecAppWriteResult(NULL, encCtx.result) < 0) { + goto done; + } + } + } + res = 0; + +done: + /* print debug info if requested */ + if(repeats <= 1) { + xmlSecAppPrintEncCtx(&encCtx); + } + xmlSecEncCtxFinalize(&encCtx); + + if(data != NULL) { + xmlSecAppXmlDataDestroy(data); + } + return(res); +} + +#ifndef XMLSEC_NO_TMPL_TEST +static int +xmlSecAppEncryptTmpl(void) { + const char* data = "Hello, World!"; + xmlSecEncCtx encCtx; + xmlDocPtr doc = NULL; + xmlNodePtr cur; + clock_t start_time; + int res = -1; + + if(xmlSecEncCtxInitialize(&encCtx, gKeysMngr) < 0) { + fprintf(stderr, "Error: enc context initialization failed\n"); + return(-1); + } + if(xmlSecAppPrepareEncCtx(&encCtx) < 0) { + fprintf(stderr, "Error: enc context preparation failed\n"); + goto done; + } + + /* prepare template */ + doc = xmlNewDoc(BAD_CAST "1.0"); + if(doc == NULL) { + fprintf(stderr, "Error: failed to create doc\n"); + goto done; + } + + cur = xmlSecTmplEncDataCreate(doc, xmlSecTransformDes3CbcId, + NULL, NULL, NULL, NULL); + if(cur == NULL) { + fprintf(stderr, "Error: failed to encryption template\n"); + goto done; + } + xmlDocSetRootElement(doc, cur); + + if(xmlSecTmplEncDataEnsureCipherValue(xmlDocGetRootElement(doc)) == NULL) { + fprintf(stderr, "Error: failed to add CipherValue node\n"); + goto done; + } + + /* add key information */ + cur = xmlSecTmplEncDataEnsureKeyInfo(xmlDocGetRootElement(doc), NULL); + if(cur == NULL) { + fprintf(stderr, "Error: failed to add KeyInfo node\n"); + goto done; + } + if(xmlSecTmplKeyInfoAddKeyName(cur, NULL) == NULL) { + fprintf(stderr, "Error: failed to add KeyName node\n"); + goto done; + } + + /* encrypt */ + start_time = clock(); + if(xmlSecEncCtxBinaryEncrypt(&encCtx, xmlDocGetRootElement(doc), + (const xmlSecByte*)data, strlen(data)) < 0) { + fprintf(stderr, "Error: failed to encrypt data\n"); + goto done; + } + total_time += clock() - start_time; + + /* print out result only once per execution */ + if(repeats <= 1) { + if(encCtx.resultReplaced) { + if(xmlSecAppWriteResult(doc, NULL) < 0) { + goto done; + } + } else { + if(xmlSecAppWriteResult(NULL, encCtx.result) < 0) { + goto done; + } + } + } + res = 0; + +done: + /* print debug info if requested */ + if(repeats <= 1) { + xmlSecAppPrintEncCtx(&encCtx); + } + xmlSecEncCtxFinalize(&encCtx); + if(doc != NULL) { + xmlFreeDoc(doc); + } + return(res); +} +#endif /* XMLSEC_NO_TMPL_TEST */ + +static int +xmlSecAppPrepareEncCtx(xmlSecEncCtxPtr encCtx) { + if(encCtx == NULL) { + fprintf(stderr, "Error: enc context is null\n"); + return(-1); + } + + /* set key info params */ + if(xmlSecAppPrepareKeyInfoReadCtx(&(encCtx->keyInfoReadCtx)) < 0) { + fprintf(stderr, "Error: failed to prepare key info context\n"); + return(-1); + } + + if(xmlSecAppCmdLineParamGetString(&sessionKeyParam) != NULL) { + encCtx->encKey = xmlSecAppCryptoKeyGenerate(xmlSecAppCmdLineParamGetString(&sessionKeyParam), + NULL, xmlSecKeyDataTypeSession); + if(encCtx->encKey == NULL) { + fprintf(stderr, "Error: failed to generate a session key \"%s\"\n", + xmlSecAppCmdLineParamGetString(&sessionKeyParam)); + return(-1); + } + } + + if(xmlSecAppCmdLineParamGetStringList(&enabledCipherRefUrisParam) != NULL) { + encCtx->transformCtx.enabledUris = xmlSecAppGetUriType( + xmlSecAppCmdLineParamGetStringList(&enabledCipherRefUrisParam)); + if(encCtx->transformCtx.enabledUris == xmlSecTransformUriTypeNone) { + fprintf(stderr, "Error: failed to parse \"%s\"\n", + xmlSecAppCmdLineParamGetStringList(&enabledCipherRefUrisParam)); + return(-1); + } + } + return(0); +} + +static void +xmlSecAppPrintEncCtx(xmlSecEncCtxPtr encCtx) { + if(encCtx == NULL) { + return; + } + + /* print debug info if requested */ + if((print_debug != 0) || xmlSecAppCmdLineParamIsSet(&printDebugParam)) { + xmlSecEncCtxDebugDump(encCtx, stdout); + } + + if(xmlSecAppCmdLineParamIsSet(&printXmlDebugParam)) { + xmlSecEncCtxDebugXmlDump(encCtx, stdout); + } +} + +#endif /* XMLSEC_NO_XMLENC */ + +#ifndef XMLSEC_NO_XKMS +static int +xmlSecAppXkmsServerProcess(const char* filename) { + xmlSecAppXmlDataPtr data = NULL; + xmlDocPtr doc = NULL; + xmlNodePtr result; + xmlSecXkmsServerCtx xkmsServerCtx; + xmlSecXkmsServerFormat format = xmlSecXkmsServerFormatPlain; + clock_t start_time; + int res = -1; + + if(filename == NULL) { + return(-1); + } + + if(xmlSecXkmsServerCtxInitialize(&xkmsServerCtx, gKeysMngr) < 0) { + fprintf(stderr, "Error: XKMS server context initialization failed\n"); + return(-1); + } + if(xmlSecAppPrepareXkmsServerCtx(&xkmsServerCtx) < 0) { + fprintf(stderr, "Error: XKMS server context preparation failed\n"); + goto done; + } + + /* get the input format */ + if(xmlSecAppCmdLineParamGetString(&xkmsFormatParam) != NULL) { + format = xmlSecXkmsServerFormatFromString(BAD_CAST xmlSecAppCmdLineParamGetString(&xkmsFormatParam)); + if(format == xmlSecXkmsServerFormatUnknown) { + fprintf(stderr, "Error: unknown format \"%s\"\n", + xmlSecAppCmdLineParamGetString(&xkmsFormatParam)); + return(-1); + } + } + + /* parse template and select start node, there are multiple options + * for start node thus we don't provide the default start node name */ + data = xmlSecAppXmlDataCreate(filename, NULL, NULL); + if(data == NULL) { + fprintf(stderr, "Error: failed to load request from file \"%s\"\n", filename); + goto done; + } + + /* prepare result document */ + doc = xmlNewDoc(BAD_CAST "1.0"); + if(doc == NULL) { + fprintf(stderr, "Error: failed to create doc\n"); + goto done; + } + + start_time = clock(); + result = xmlSecXkmsServerCtxProcess(&xkmsServerCtx, data->startNode, format, doc); + if(result == NULL) { + fprintf(stderr, "Error: failed to process xkms server request\n"); + goto done; + } + total_time += clock() - start_time; + + + /* print out result only once per execution */ + xmlDocSetRootElement(doc, result); + if(repeats <= 1) { + if(xmlSecAppWriteResult(doc, NULL) < 0) { + goto done; + } + } + + res = 0; + +done: + /* print debug info if requested */ + if(repeats <= 1) { + xmlSecAppPrintXkmsServerCtx(&xkmsServerCtx); + } + xmlSecXkmsServerCtxFinalize(&xkmsServerCtx); + + if(doc != NULL) { + xmlFreeDoc(doc); + } + if(data != NULL) { + xmlSecAppXmlDataDestroy(data); + } + return(res); +} + +static int +xmlSecAppPrepareXkmsServerCtx(xmlSecXkmsServerCtxPtr xkmsServerCtx) { + if(xkmsServerCtx == NULL) { + fprintf(stderr, "Error: XKMS context is null\n"); + return(-1); + } + + /* set key info params */ + if(xmlSecAppPrepareKeyInfoReadCtx(&(xkmsServerCtx->keyInfoReadCtx)) < 0) { + fprintf(stderr, "Error: failed to prepare key info context\n"); + return(-1); + } + + if(xmlSecAppCmdLineParamGetString(&xkmsServiceParam) != NULL) { + xkmsServerCtx->expectedService = xmlStrdup(BAD_CAST xmlSecAppCmdLineParamGetString(&xkmsServiceParam)); + if(xkmsServerCtx->expectedService == NULL) { + fprintf(stderr, "Error: failed to duplicate string \"%s\"\n", + xmlSecAppCmdLineParamGetString(&xkmsServiceParam)); + return(-1); + } + } + + if(xmlSecAppCmdLineParamIsSet(&xkmsStopUnknownResponseMechanismParam)) { + xkmsServerCtx->flags |= XMLSEC_XKMS_SERVER_FLAGS_STOP_ON_UNKNOWN_RESPONSE_MECHANISM; + } + if(xmlSecAppCmdLineParamIsSet(&xkmsStopUnknownRespondWithParam)) { + xkmsServerCtx->flags |= XMLSEC_XKMS_SERVER_FLAGS_STOP_ON_UNKNOWN_RESPOND_WITH; + } + if(xmlSecAppCmdLineParamIsSet(&xkmsStopUnknownKeyUsageParam)) { + xkmsServerCtx->flags |= XMLSEC_XKMS_SERVER_FLAGS_STOP_ON_UNKNOWN_KEY_USAGE; + } + return(0); +} + +static void +xmlSecAppPrintXkmsServerCtx(xmlSecXkmsServerCtxPtr xkmsServerCtx) { + if(xkmsServerCtx == NULL) { + return; + } + + /* print debug info if requested */ + if((print_debug != 0) || xmlSecAppCmdLineParamIsSet(&printDebugParam)) { + xmlSecXkmsServerCtxDebugDump(xkmsServerCtx, stdout); + } + + if(xmlSecAppCmdLineParamIsSet(&printXmlDebugParam)) { + xmlSecXkmsServerCtxDebugXmlDump(xkmsServerCtx, stdout); + } +} + +#endif /* XMLSEC_NO_XKMS */ + +static void +xmlSecAppListKeyData(void) { + fprintf(stdout, "Registered key data klasses:\n"); + xmlSecKeyDataIdListDebugDump(xmlSecKeyDataIdsGet(), stdout); +} + +static int +xmlSecAppCheckKeyData(const char * name) { + if(xmlSecKeyDataIdListFindByName(xmlSecKeyDataIdsGet(), BAD_CAST name, xmlSecKeyDataUsageAny) == xmlSecKeyDataIdUnknown) { + return -1; + } + return 0; +} + +static void +xmlSecAppListTransforms(void) { + fprintf(stdout, "Registered transform klasses:\n"); + xmlSecTransformIdListDebugDump(xmlSecTransformIdsGet(), stdout); +} + +static int +xmlSecAppCheckTransform(const char * name) { + if(xmlSecTransformIdListFindByName(xmlSecTransformIdsGet(), BAD_CAST name, xmlSecTransformUsageAny) == xmlSecTransformIdUnknown) { + return -1; + } + return 0; +} + +static int +xmlSecAppPrepareKeyInfoReadCtx(xmlSecKeyInfoCtxPtr keyInfoCtx) { + xmlSecAppCmdLineValuePtr value; + int ret; + + if(keyInfoCtx == NULL) { + fprintf(stderr, "Error: key info context is null\n"); + return(-1); + } + +#ifndef XMLSEC_NO_X509 + if(xmlSecAppCmdLineParamIsSet(&verificationTimeParam)) { + keyInfoCtx->certsVerificationTime = xmlSecAppCmdLineParamGetTime(&verificationTimeParam, 0); + } + if(xmlSecAppCmdLineParamIsSet(&depthParam)) { + keyInfoCtx->certsVerificationDepth = xmlSecAppCmdLineParamGetInt(&depthParam, 0); + } + if(xmlSecAppCmdLineParamIsSet(&X509SkipStrictChecksParam)) { + keyInfoCtx->flags |= XMLSEC_KEYINFO_FLAGS_X509DATA_SKIP_STRICT_CHECKS; + } +#endif /* XMLSEC_NO_X509 */ + + /* read enabled key data list */ + for(value = enabledKeyDataParam.value; value != NULL; value = value->next) { + if(value->strListValue == NULL) { + fprintf(stderr, "Error: invalid value for option \"%s\".\n", + enabledKeyDataParam.fullName); + return(-1); + } else { + xmlSecKeyDataId dataId; + const char* p; + + for(p = value->strListValue; (p != NULL) && ((*p) != '\0'); p += strlen(p)) { + dataId = xmlSecKeyDataIdListFindByName(xmlSecKeyDataIdsGet(), BAD_CAST p, xmlSecKeyDataUsageAny); + if(dataId == xmlSecKeyDataIdUnknown) { + fprintf(stderr, "Error: key data \"%s\" is unknown.\n", p); + return(-1); + } + ret = xmlSecPtrListAdd(&(keyInfoCtx->enabledKeyData), (const xmlSecPtr)dataId); + if(ret < 0) { + fprintf(stderr, "Error: failed to enable key data \"%s\".\n", p); + return(-1); + } + } + } + } + + /* read enabled RetrievalMethod uris */ + if(xmlSecAppCmdLineParamGetStringList(&enabledRetrievalMethodUrisParam) != NULL) { + keyInfoCtx->retrievalMethodCtx.enabledUris = xmlSecAppGetUriType( + xmlSecAppCmdLineParamGetStringList(&enabledRetrievalMethodUrisParam)); + if(keyInfoCtx->retrievalMethodCtx.enabledUris == xmlSecTransformUriTypeNone) { + fprintf(stderr, "Error: failed to parse \"%s\"\n", + xmlSecAppCmdLineParamGetStringList(&enabledRetrievalMethodUrisParam)); + return(-1); + } + } + + return(0); +} + +static int +xmlSecAppLoadKeys(void) { + xmlSecAppCmdLineValuePtr value; + + if(gKeysMngr != NULL) { + fprintf(stderr, "Error: keys manager already initialized.\n"); + return(-1); + } + + /* create and initialize keys manager */ + gKeysMngr = xmlSecKeysMngrCreate(); + if(gKeysMngr == NULL) { + fprintf(stderr, "Error: failed to create keys manager.\n"); + return(-1); + } + if(xmlSecAppCryptoSimpleKeysMngrInit(gKeysMngr) < 0) { + fprintf(stderr, "Error: failed to initialize keys manager.\n"); + return(-1); + } + + /* generate new key file */ + for(value = genKeyParam.value; value != NULL; value = value->next) { + if(value->strValue == NULL) { + fprintf(stderr, "Error: invalid value for option \"%s\".\n", genKeyParam.fullName); + return(-1); + } else if(xmlSecAppCryptoSimpleKeysMngrKeyGenerate(gKeysMngr, value->strValue, value->paramNameValue) < 0) { + fprintf(stderr, "Error: failed to generate key \"%s\".\n", value->strValue); + return(-1); + } + } + + /* read all xml key files */ + for(value = keysFileParam.value; value != NULL; value = value->next) { + if(value->strValue == NULL) { + fprintf(stderr, "Error: invalid value for option \"%s\".\n", keysFileParam.fullName); + return(-1); + } else if(xmlSecAppCryptoSimpleKeysMngrLoad(gKeysMngr, value->strValue) < 0) { + fprintf(stderr, "Error: failed to load xml keys file \"%s\".\n", value->strValue); + return(-1); + } + } + + /* read all private keys */ + for(value = privkeyParam.value; value != NULL; value = value->next) { + if(value->strValue == NULL) { + fprintf(stderr, "Error: invalid value for option \"%s\".\n", + privkeyParam.fullName); + return(-1); + } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr, + value->strListValue, + xmlSecAppCmdLineParamGetString(&pwdParam), + value->paramNameValue, + xmlSecKeyDataFormatPem) < 0) { + fprintf(stderr, "Error: failed to load private key from \"%s\".\n", + value->strListValue); + return(-1); + } + } + + for(value = privkeyDerParam.value; value != NULL; value = value->next) { + if(value->strValue == NULL) { + fprintf(stderr, "Error: invalid value for option \"%s\".\n", + privkeyDerParam.fullName); + return(-1); + } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr, + value->strListValue, + xmlSecAppCmdLineParamGetString(&pwdParam), + value->paramNameValue, + xmlSecKeyDataFormatDer) < 0) { + fprintf(stderr, "Error: failed to load private key from \"%s\".\n", + value->strListValue); + return(-1); + } + } + + for(value = pkcs8PemParam.value; value != NULL; value = value->next) { + if(value->strValue == NULL) { + fprintf(stderr, "Error: invalid value for option \"%s\".\n", + pkcs8PemParam.fullName); + return(-1); + } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr, + value->strListValue, + xmlSecAppCmdLineParamGetString(&pwdParam), + value->paramNameValue, + xmlSecKeyDataFormatPkcs8Pem) < 0) { + fprintf(stderr, "Error: failed to load private key from \"%s\".\n", + value->strListValue); + return(-1); + } + } + + for(value = pkcs8DerParam.value; value != NULL; value = value->next) { + if(value->strValue == NULL) { + fprintf(stderr, "Error: invalid value for option \"%s\".\n", + pkcs8DerParam.fullName); + return(-1); + } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr, + value->strListValue, + xmlSecAppCmdLineParamGetString(&pwdParam), + value->paramNameValue, + xmlSecKeyDataFormatPkcs8Der) < 0) { + fprintf(stderr, "Error: failed to load private key from \"%s\".\n", + value->strListValue); + return(-1); + } + } + + /* read all public keys */ + for(value = pubkeyParam.value; value != NULL; value = value->next) { + if(value->strValue == NULL) { + fprintf(stderr, "Error: invalid value for option \"%s\".\n", + pubkeyParam.fullName); + return(-1); + } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr, + value->strListValue, + xmlSecAppCmdLineParamGetString(&pwdParam), + value->paramNameValue, + xmlSecKeyDataFormatPem) < 0) { + fprintf(stderr, "Error: failed to load public key from \"%s\".\n", + value->strListValue); + return(-1); + } + } + + for(value = pubkeyDerParam.value; value != NULL; value = value->next) { + if(value->strValue == NULL) { + fprintf(stderr, "Error: invalid value for option \"%s\".\n", + pubkeyDerParam.fullName); + return(-1); + } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr, + value->strListValue, + xmlSecAppCmdLineParamGetString(&pwdParam), + value->paramNameValue, + xmlSecKeyDataFormatDer) < 0) { + fprintf(stderr, "Error: failed to load public key from \"%s\".\n", + value->strListValue); + return(-1); + } + } + +#ifndef XMLSEC_NO_AES + /* read all AES keys */ + for(value = aeskeyParam.value; value != NULL; value = value->next) { + if(value->strValue == NULL) { + fprintf(stderr, "Error: invalid value for option \"%s\".\n", + aeskeyParam.fullName); + return(-1); + } else if(xmlSecAppCryptoSimpleKeysMngrBinaryKeyLoad(gKeysMngr, + "aes", value->strValue, value->paramNameValue) < 0) { + fprintf(stderr, "Error: failed to load aes key from \"%s\".\n", + value->strValue); + return(-1); + } + } +#endif /* XMLSEC_NO_AES */ + +#ifndef XMLSEC_NO_DES + /* read all des keys */ + for(value = deskeyParam.value; value != NULL; value = value->next) { + if(value->strValue == NULL) { + fprintf(stderr, "Error: invalid value for option \"%s\".\n", + deskeyParam.fullName); + return(-1); + } else if(xmlSecAppCryptoSimpleKeysMngrBinaryKeyLoad(gKeysMngr, + "des", value->strValue, value->paramNameValue) < 0) { + fprintf(stderr, "Error: failed to load des key from \"%s\".\n", + value->strValue); + return(-1); + } + } +#endif /* XMLSEC_NO_DES */ + +#ifndef XMLSEC_NO_HMAC + /* read all hmac keys */ + for(value = hmackeyParam.value; value != NULL; value = value->next) { + if(value->strValue == NULL) { + fprintf(stderr, "Error: invalid value for option \"%s\".\n", + hmackeyParam.fullName); + return(-1); + } else if(xmlSecAppCryptoSimpleKeysMngrBinaryKeyLoad(gKeysMngr, + "hmac", value->strValue, value->paramNameValue) < 0) { + fprintf(stderr, "Error: failed to load hmac key from \"%s\".\n", + value->strValue); + return(-1); + } + } +#endif /* XMLSEC_NO_HMAC */ + +#ifndef XMLSEC_NO_X509 + /* read all pkcs12 files */ + for(value = pkcs12Param.value; value != NULL; value = value->next) { + if(value->strValue == NULL) { + fprintf(stderr, "Error: invalid value for option \"%s\".\n", pkcs12Param.fullName); + return(-1); + } else if(xmlSecAppCryptoSimpleKeysMngrPkcs12KeyLoad(gKeysMngr, + value->strValue, + xmlSecAppCmdLineParamGetString(&pwdParam), + value->paramNameValue) < 0) { + fprintf(stderr, "Error: failed to load pkcs12 key from \"%s\".\n", + value->strValue); + return(-1); + } + } + + /* read all trusted certs */ + for(value = trustedParam.value; value != NULL; value = value->next) { + if(value->strValue == NULL) { + fprintf(stderr, "Error: invalid value for option \"%s\".\n", trustedParam.fullName); + return(-1); + } else if(xmlSecAppCryptoSimpleKeysMngrCertLoad(gKeysMngr, + value->strValue, xmlSecKeyDataFormatPem, + xmlSecKeyDataTypeTrusted) < 0) { + fprintf(stderr, "Error: failed to load trusted cert from \"%s\".\n", + value->strValue); + return(-1); + } + } + for(value = trustedDerParam.value; value != NULL; value = value->next) { + if(value->strValue == NULL) { + fprintf(stderr, "Error: invalid value for option \"%s\".\n", trustedDerParam.fullName); + return(-1); + } else if(xmlSecAppCryptoSimpleKeysMngrCertLoad(gKeysMngr, + value->strValue, xmlSecKeyDataFormatDer, + xmlSecKeyDataTypeTrusted) < 0) { + fprintf(stderr, "Error: failed to load trusted cert from \"%s\".\n", + value->strValue); + return(-1); + } + } + + + /* read all public keys in certs */ + for(value = pubkeyCertParam.value; value != NULL; value = value->next) { + if(value->strValue == NULL) { + fprintf(stderr, "Error: invalid value for option \"%s\".\n", + pubkeyCertParam.fullName); + return(-1); + } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr, + value->strListValue, + xmlSecAppCmdLineParamGetString(&pwdParam), + value->paramNameValue, + xmlSecKeyDataFormatCertPem) < 0) { + fprintf(stderr, "Error: failed to load public key from \"%s\".\n", + value->strListValue); + return(-1); + } + } + + for(value = pubkeyCertDerParam.value; value != NULL; value = value->next) { + if(value->strValue == NULL) { + fprintf(stderr, "Error: invalid value for option \"%s\".\n", + pubkeyCertDerParam.fullName); + return(-1); + } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr, + value->strListValue, + xmlSecAppCmdLineParamGetString(&pwdParam), + value->paramNameValue, + xmlSecKeyDataFormatCertDer) < 0) { + fprintf(stderr, "Error: failed to load public key from \"%s\".\n", + value->strListValue); + return(-1); + } + } + + + /* read all untrusted certs */ + for(value = untrustedParam.value; value != NULL; value = value->next) { + if(value->strValue == NULL) { + fprintf(stderr, "Error: invalid value for option \"%s\".\n", untrustedParam.fullName); + return(-1); + } else if(xmlSecAppCryptoSimpleKeysMngrCertLoad(gKeysMngr, + value->strValue, xmlSecKeyDataFormatPem, + xmlSecKeyDataTypeNone) < 0) { + fprintf(stderr, "Error: failed to load untrusted cert from \"%s\".\n", + value->strValue); + return(-1); + } + } + for(value = untrustedDerParam.value; value != NULL; value = value->next) { + if(value->strValue == NULL) { + fprintf(stderr, "Error: invalid value for option \"%s\".\n", untrustedDerParam.fullName); + return(-1); + } else if(xmlSecAppCryptoSimpleKeysMngrCertLoad(gKeysMngr, + value->strValue, xmlSecKeyDataFormatDer, + xmlSecKeyDataTypeNone) < 0) { + fprintf(stderr, "Error: failed to load untrusted cert from \"%s\".\n", + value->strValue); + return(-1); + } + } + +#endif /* XMLSEC_NO_X509 */ + + return(0); +} + +static int intialized = 0; + +#ifndef XMLSEC_NO_XSLT +static xsltSecurityPrefsPtr xsltSecPrefs = NULL; +#endif /* XMLSEC_NO_XSLT */ + +static int +xmlSecAppInit(void) { + if(intialized != 0) { + return(0); + } + intialized = 1; + + /* Init libxml */ + xmlInitParser(); + LIBXML_TEST_VERSION + xmlTreeIndentString = "\t"; +#ifndef XMLSEC_NO_XSLT + xmlIndentTreeOutput = 1; +#endif /* XMLSEC_NO_XSLT */ + + + /* Init libxslt */ +#ifndef XMLSEC_NO_XSLT + /* disable everything */ + xsltSecPrefs = xsltNewSecurityPrefs(); + xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_FILE, xsltSecurityForbid); + xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid); + xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid); + xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_READ_NETWORK, xsltSecurityForbid); + xsltSetSecurityPrefs(xsltSecPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid); + xsltSetDefaultSecurityPrefs(xsltSecPrefs); +#endif /* XMLSEC_NO_XSLT */ + + /* Init xmlsec */ + if(xmlSecInit() < 0) { + fprintf(stderr, "Error: xmlsec intialization failed.\n"); + return(-1); + } + if(xmlSecCheckVersion() != 1) { + fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n"); + return(-1); + } + +#if !defined(XMLSEC_NO_CRYPTO_DYNAMIC_LOADING) && defined(XMLSEC_CRYPTO_DYNAMIC_LOADING) + if(xmlSecCryptoDLLoadLibrary(BAD_CAST xmlsec_crypto) < 0) { + fprintf(stderr, "Error: unable to load xmlsec-%s library. Make sure that you have\n" + "this it installed, check shared libraries path (LD_LIBRARY_PATH)\n" + "envornment variable or use \"--crypto\" option to specify different\n" + "crypto engine.\n", xmlsec_crypto); + return(-1); + } +#endif /* !defined(XMLSEC_NO_CRYPTO_DYNAMIC_LOADING) && defined(XMLSEC_CRYPTO_DYNAMIC_LOADING) */ + + /* Init Crypto */ + if(xmlSecAppCryptoInit(xmlSecAppCmdLineParamGetString(&cryptoConfigParam)) < 0) { + fprintf(stderr, "Error: xmlsec crypto intialization failed.\n"); + return(-1); + } + return(0); +} + +static void +xmlSecAppShutdown(void) { + if(intialized == 0) { + return; + } + + /* Shutdown Crypto */ + if(xmlSecAppCryptoShutdown() < 0) { + fprintf(stderr, "Error: xmlsec crypto shutdown failed.\n"); + } + + /* Shutdown xmlsec */ + if(xmlSecShutdown() < 0) { + fprintf(stderr, "Error: xmlsec shutdown failed.\n"); + } + + /* Shutdown libxslt/libxml */ +#ifndef XMLSEC_NO_XSLT + xsltFreeSecurityPrefs(xsltSecPrefs); + xsltCleanupGlobals(); +#endif /* XMLSEC_NO_XSLT */ + xmlCleanupParser(); +} + +static xmlSecAppXmlDataPtr +xmlSecAppXmlDataCreate(const char* filename, const xmlChar* defStartNodeName, const xmlChar* defStartNodeNs) { + xmlSecAppCmdLineValuePtr value; + xmlSecAppXmlDataPtr data; + xmlNodePtr cur = NULL; + + if(filename == NULL) { + fprintf(stderr, "Error: xml filename is null\n"); + return(NULL); + } + + /* create object */ + data = (xmlSecAppXmlDataPtr) xmlMalloc(sizeof(xmlSecAppXmlData)); + if(data == NULL) { + fprintf(stderr, "Error: failed to create xml data\n"); + return(NULL); + } + memset(data, 0, sizeof(xmlSecAppXmlData)); + + /* parse doc */ + data->doc = xmlSecParseFile(filename); + if(data->doc == NULL) { + fprintf(stderr, "Error: failed to parse xml file \"%s\"\n", + filename); + xmlSecAppXmlDataDestroy(data); + return(NULL); + } + + /* load dtd and set default attrs and ids */ + if(xmlSecAppCmdLineParamGetString(&dtdFileParam) != NULL) { + xmlValidCtxt ctx; + + data->dtd = xmlParseDTD(NULL, BAD_CAST xmlSecAppCmdLineParamGetString(&dtdFileParam)); + if(data->dtd == NULL) { + fprintf(stderr, "Error: failed to parse dtd file \"%s\"\n", + xmlSecAppCmdLineParamGetString(&dtdFileParam)); + xmlSecAppXmlDataDestroy(data); + return(NULL); + } + + memset(&ctx, 0, sizeof(ctx)); + /* we don't care is doc actually valid or not */ + xmlValidateDtd(&ctx, data->doc, data->dtd); + } + + /* set ID attributes from command line */ + for(value = idAttrParam.value; value != NULL; value = value->next) { + if(value->strValue == NULL) { + fprintf(stderr, "Error: invalid value for option \"%s\".\n", + idAttrParam.fullName); + xmlSecAppXmlDataDestroy(data); + return(NULL); + } else { + xmlChar* attrName = (value->paramNameValue != NULL) ? BAD_CAST value->paramNameValue : BAD_CAST "id"; + xmlChar* nodeName; + xmlChar* nsHref; + xmlChar* buf; + + buf = xmlStrdup(BAD_CAST value->strValue); + if(buf == NULL) { + fprintf(stderr, "Error: failed to duplicate string \"%s\"\n", value->strValue); + xmlSecAppXmlDataDestroy(data); + return(NULL); + } + nodeName = (xmlChar*)strrchr((char*)buf, ':'); + if(nodeName != NULL) { + (*(nodeName++)) = '\0'; + nsHref = buf; + } else { + nodeName = buf; + nsHref = NULL; + } + + /* process children first because it does not matter much but does simplify code */ + cur = xmlSecGetNextElementNode(data->doc->children); + while(cur != NULL) { + if(xmlSecAppAddIDAttr(cur, attrName, nodeName, nsHref) < 0) { + fprintf(stderr, "Error: failed to add ID attribute \"%s\" for node \"%s\"\n", attrName, value->strValue); + xmlFree(buf); + xmlSecAppXmlDataDestroy(data); + return(NULL); + } + cur = xmlSecGetNextElementNode(cur->next); + } + + xmlFree(buf); + } + } + + + /* now find the start node */ + if(xmlSecAppCmdLineParamGetString(&nodeIdParam) != NULL) { + xmlAttrPtr attr; + + attr = xmlGetID(data->doc, BAD_CAST xmlSecAppCmdLineParamGetString(&nodeIdParam)); + if(attr == NULL) { + fprintf(stderr, "Error: failed to find node with id=\"%s\"\n", + xmlSecAppCmdLineParamGetString(&nodeIdParam)); + xmlSecAppXmlDataDestroy(data); + return(NULL); + } + cur = attr->parent; + } else if(xmlSecAppCmdLineParamGetString(&nodeNameParam) != NULL) { + xmlChar* buf; + xmlChar* name; + xmlChar* ns; + + buf = xmlStrdup(BAD_CAST xmlSecAppCmdLineParamGetString(&nodeNameParam)); + if(buf == NULL) { + fprintf(stderr, "Error: failed to duplicate node \"%s\"\n", + xmlSecAppCmdLineParamGetString(&nodeNameParam)); + xmlSecAppXmlDataDestroy(data); + return(NULL); + } + name = (xmlChar*)strrchr((char*)buf, ':'); + if(name != NULL) { + (*(name++)) = '\0'; + ns = buf; + } else { + name = buf; + ns = NULL; + } + + cur = xmlSecFindNode(xmlDocGetRootElement(data->doc), name, ns); + if(cur == NULL) { + fprintf(stderr, "Error: failed to find node with name=\"%s\"\n", + name); + xmlFree(buf); + xmlSecAppXmlDataDestroy(data); + return(NULL); + } + xmlFree(buf); + } else if(xmlSecAppCmdLineParamGetString(&nodeXPathParam) != NULL) { + xmlXPathContextPtr ctx = NULL; + xmlXPathObjectPtr obj = NULL; + xmlNodePtr rootNode; + xmlNsPtr ns; + int ret; + + rootNode = xmlDocGetRootElement(data->doc); + if(rootNode == NULL) { + fprintf(stderr, "Error: failed to find root node\n"); + xmlSecAppXmlDataDestroy(data); + return(NULL); + } + + ctx = xmlXPathNewContext(data->doc); + if(ctx == NULL) { + fprintf(stderr, "Error: failed to create xpath context\n"); + xmlSecAppXmlDataDestroy(data); + return(NULL); + } + + /* register namespaces from the root node */ + for(ns = rootNode->nsDef; ns != NULL; ns = ns->next) { + if(ns->prefix != NULL){ + ret = xmlXPathRegisterNs(ctx, ns->prefix, ns->href); + if(ret != 0) { + fprintf(stderr, "Error: failed to register namespace \"%s\"\n", ns->prefix); + xmlXPathFreeContext(ctx); + xmlSecAppXmlDataDestroy(data); + return(NULL); + } + } + } + + obj = xmlXPathEval(BAD_CAST xmlSecAppCmdLineParamGetString(&nodeXPathParam), ctx); + if(obj == NULL) { + fprintf(stderr, "Error: failed to evaluate xpath expression\n"); + xmlXPathFreeContext(ctx); + xmlSecAppXmlDataDestroy(data); + return(NULL); + } + + if((obj->nodesetval == NULL) || (obj->nodesetval->nodeNr != 1)) { + fprintf(stderr, "Error: xpath expression evaluation does not return a single node as expected\n"); + xmlXPathFreeObject(obj); + xmlXPathFreeContext(ctx); + xmlSecAppXmlDataDestroy(data); + return(NULL); + } + + cur = obj->nodesetval->nodeTab[0]; + xmlXPathFreeContext(ctx); + xmlXPathFreeObject(obj); + + } else { + cur = xmlDocGetRootElement(data->doc); + if(cur == NULL) { + fprintf(stderr, "Error: failed to get root element\n"); + xmlSecAppXmlDataDestroy(data); + return(NULL); + } + } + + if(defStartNodeName != NULL) { + data->startNode = xmlSecFindNode(cur, defStartNodeName, defStartNodeNs); + if(data->startNode == NULL) { + fprintf(stderr, "Error: failed to find default node with name=\"%s\"\n", + defStartNodeName); + xmlSecAppXmlDataDestroy(data); + return(NULL); + } + } else { + data->startNode = cur; + } + + return(data); +} + +static void +xmlSecAppXmlDataDestroy(xmlSecAppXmlDataPtr data) { + if(data == NULL) { + fprintf(stderr, "Error: xml data is null\n"); + return; + } + if(data->dtd != NULL) { + xmlFreeDtd(data->dtd); + } + if(data->doc != NULL) { + xmlFreeDoc(data->doc); + } + memset(data, 0, sizeof(xmlSecAppXmlData)); + xmlFree(data); +} + +static xmlSecAppCommand +xmlSecAppParseCommand(const char* cmd, xmlSecAppCmdLineParamTopic* cmdLineTopics, xmlSecAppCommand* subCommand) { + if(subCommand != NULL) { + (*subCommand) = xmlSecAppCommandUnknown; + } + + if((cmd == NULL) || (cmdLineTopics == NULL)) { + return(xmlSecAppCommandUnknown); + } else + + if((strcmp(cmd, "help") == 0) || (strcmp(cmd, "--help") == 0)) { + (*cmdLineTopics) = 0; + return(xmlSecAppCommandHelp); + } else + + if((strcmp(cmd, "help-all") == 0) || (strcmp(cmd, "--help-all") == 0)) { + (*cmdLineTopics) = xmlSecAppCmdLineTopicAll; + return(xmlSecAppCommandHelp); + } else + + if((strncmp(cmd, "help-", 5) == 0) || (strncmp(cmd, "--help-", 7) == 0)) { + cmd = (cmd[0] == '-') ? cmd + 7 : cmd + 5; + if(subCommand) { + (*subCommand) = xmlSecAppParseCommand(cmd, cmdLineTopics, NULL); + } else { + (*cmdLineTopics) = 0; + } + return(xmlSecAppCommandHelp); + } else + + if((strcmp(cmd, "version") == 0) || (strcmp(cmd, "--version") == 0)) { + (*cmdLineTopics) = xmlSecAppCmdLineTopicVersion; + return(xmlSecAppCommandVersion); + } else + + if((strcmp(cmd, "list-key-data") == 0) || (strcmp(cmd, "--list-key-data") == 0)) { + (*cmdLineTopics) = xmlSecAppCmdLineTopicCryptoConfig; + return(xmlSecAppCommandListKeyData); + } else + + if((strcmp(cmd, "check-key-data") == 0) || (strcmp(cmd, "--check-key-data") == 0)) { + (*cmdLineTopics) = xmlSecAppCmdLineTopicCryptoConfig; + return(xmlSecAppCommandCheckKeyData); + } else + + if((strcmp(cmd, "list-transforms") == 0) || (strcmp(cmd, "--list-transforms") == 0)) { + (*cmdLineTopics) = xmlSecAppCmdLineTopicCryptoConfig; + return(xmlSecAppCommandListTransforms); + } else + + if((strcmp(cmd, "check-transforms") == 0) || (strcmp(cmd, "--check-transforms") == 0)) { + (*cmdLineTopics) = xmlSecAppCmdLineTopicCryptoConfig; + return(xmlSecAppCommandCheckTransforms); + } else + + if((strcmp(cmd, "keys") == 0) || (strcmp(cmd, "--keys") == 0)) { + (*cmdLineTopics) = + xmlSecAppCmdLineTopicGeneral | + xmlSecAppCmdLineTopicCryptoConfig | + xmlSecAppCmdLineTopicKeysMngr | + xmlSecAppCmdLineTopicX509Certs; + return(xmlSecAppCommandKeys); + } else + +#ifndef XMLSEC_NO_XMLDSIG + if((strcmp(cmd, "sign") == 0) || (strcmp(cmd, "--sign") == 0)) { + (*cmdLineTopics) = + xmlSecAppCmdLineTopicGeneral | + xmlSecAppCmdLineTopicCryptoConfig | + xmlSecAppCmdLineTopicDSigCommon | + xmlSecAppCmdLineTopicDSigSign | + xmlSecAppCmdLineTopicKeysMngr | + xmlSecAppCmdLineTopicX509Certs; + return(xmlSecAppCommandSign); + } else + + if((strcmp(cmd, "verify") == 0) || (strcmp(cmd, "--verify") == 0)) { + (*cmdLineTopics) = + xmlSecAppCmdLineTopicGeneral | + xmlSecAppCmdLineTopicCryptoConfig | + xmlSecAppCmdLineTopicDSigCommon | + xmlSecAppCmdLineTopicDSigVerify | + xmlSecAppCmdLineTopicKeysMngr | + xmlSecAppCmdLineTopicX509Certs; + return(xmlSecAppCommandVerify); + } else +#ifndef XMLSEC_NO_TMPL_TEST + if((strcmp(cmd, "sign-tmpl") == 0) || (strcmp(cmd, "--sign-tmpl") == 0)) { + (*cmdLineTopics) = + xmlSecAppCmdLineTopicGeneral | + xmlSecAppCmdLineTopicCryptoConfig | + xmlSecAppCmdLineTopicDSigCommon | + xmlSecAppCmdLineTopicDSigSign | + xmlSecAppCmdLineTopicKeysMngr | + xmlSecAppCmdLineTopicX509Certs; + return(xmlSecAppCommandSignTmpl); + } else +#endif /* XMLSEC_NO_TMPL_TEST */ + +#endif /* XMLSEC_NO_XMLDSIG */ + +#ifndef XMLSEC_NO_XMLENC + if((strcmp(cmd, "encrypt") == 0) || (strcmp(cmd, "--encrypt") == 0)) { + (*cmdLineTopics) = + xmlSecAppCmdLineTopicGeneral | + xmlSecAppCmdLineTopicCryptoConfig | + xmlSecAppCmdLineTopicEncCommon | + xmlSecAppCmdLineTopicEncEncrypt | + xmlSecAppCmdLineTopicKeysMngr | + xmlSecAppCmdLineTopicX509Certs; + return(xmlSecAppCommandEncrypt); + } else + + if((strcmp(cmd, "decrypt") == 0) || (strcmp(cmd, "--decrypt") == 0)) { + (*cmdLineTopics) = + xmlSecAppCmdLineTopicGeneral | + xmlSecAppCmdLineTopicCryptoConfig | + xmlSecAppCmdLineTopicEncCommon | + xmlSecAppCmdLineTopicEncDecrypt | + xmlSecAppCmdLineTopicKeysMngr | + xmlSecAppCmdLineTopicX509Certs; + return(xmlSecAppCommandDecrypt); + } else + +#ifndef XMLSEC_NO_TMPL_TEST + if((strcmp(cmd, "encrypt-tmpl") == 0) || (strcmp(cmd, "--encrypt-tmpl") == 0)) { + (*cmdLineTopics) = + xmlSecAppCmdLineTopicGeneral | + xmlSecAppCmdLineTopicCryptoConfig | + xmlSecAppCmdLineTopicEncCommon | + xmlSecAppCmdLineTopicEncEncrypt | + xmlSecAppCmdLineTopicKeysMngr | + xmlSecAppCmdLineTopicX509Certs; + return(xmlSecAppCommandEncryptTmpl); + } else +#endif /* XMLSEC_NO_TMPL_TEST */ +#endif /* XMLSEC_NO_XMLENC */ + +#ifndef XMLSEC_NO_XKMS + if(strcmp(cmd, "--xkms-server-request") == 0) { + (*cmdLineTopics) = + xmlSecAppCmdLineTopicGeneral | + xmlSecAppCmdLineTopicCryptoConfig | + xmlSecAppCmdLineTopicXkmsCommon | + xmlSecAppCmdLineTopicKeysMngr | + xmlSecAppCmdLineTopicX509Certs; + return(xmlSecAppCommandXkmsServerRequest); + } else +#endif /* XMLSEC_NO_XKMS */ + + if(1) { + (*cmdLineTopics) = 0; + return(xmlSecAppCommandUnknown); + } +} + +static void +xmlSecAppPrintHelp(xmlSecAppCommand command, xmlSecAppCmdLineParamTopic topics) { + switch(command) { + case xmlSecAppCommandUnknown: + case xmlSecAppCommandHelp: + fprintf(stdout, "%s%s\n", helpCommands1, helpCommands2); + break; + case xmlSecAppCommandVersion: + fprintf(stdout, "%s\n", helpVersion); + break; + case xmlSecAppCommandListKeyData: + fprintf(stdout, "%s\n", helpListKeyData); + break; + case xmlSecAppCommandCheckKeyData: + fprintf(stdout, "%s\n", helpCheckKeyData); + break; + case xmlSecAppCommandListTransforms: + fprintf(stdout, "%s\n", helpListTransforms); + break; + case xmlSecAppCommandCheckTransforms: + fprintf(stdout, "%s\n", helpCheckTransforms); + break; + case xmlSecAppCommandKeys: + fprintf(stdout, "%s\n", helpKeys); + break; + case xmlSecAppCommandSign: + fprintf(stdout, "%s\n", helpSign); + break; + case xmlSecAppCommandVerify: + fprintf(stdout, "%s\n", helpVerify); + break; + case xmlSecAppCommandEncrypt: + fprintf(stdout, "%s\n", helpEncrypt); + break; + case xmlSecAppCommandDecrypt: + fprintf(stdout, "%s\n", helpDecrypt); + break; + case xmlSecAppCommandSignTmpl: + fprintf(stdout, "%s\n", helpSignTmpl); + break; + case xmlSecAppCommandEncryptTmpl: + fprintf(stdout, "%s\n", helpEncryptTmpl); + break; + case xmlSecAppCommandXkmsServerRequest: + fprintf(stdout, "%s\n", helpXkmsServerRequest); + break; + } + if(topics != 0) { + fprintf(stdout, "Options:\n"); + xmlSecAppCmdLineParamsListPrint(parameters, topics, stdout); + fprintf(stdout, "\n"); + } + fprintf(stdout, "\n%s\n", bugs); + fprintf(stdout, "%s\n", copyright); +} + +static xmlSecTransformUriType +xmlSecAppGetUriType(const char* string) { + xmlSecTransformUriType type = xmlSecTransformUriTypeNone; + + while((string != NULL) && (string[0] != '\0')) { + if(strcmp(string, "empty") == 0) { + type |= xmlSecTransformUriTypeEmpty; + } else if(strcmp(string, "same-doc") == 0) { + type |= xmlSecTransformUriTypeSameDocument; + } else if(strcmp(string, "local") == 0) { + type |= xmlSecTransformUriTypeLocal; + } else if(strcmp(string, "remote") == 0) { + type |= xmlSecTransformUriTypeRemote; + } else { + fprintf(stderr, "Error: invalid uri type: \"%s\"\n", string); + return(xmlSecTransformUriTypeNone); + } + string += strlen(string) + 1; + } + return(type); +} + +static FILE* +xmlSecAppOpenFile(const char* filename) { + FILE* file; + + if((filename == NULL) || (strcmp(filename, "-") == 0)) { + return(stdout); + } + file = fopen(filename, "wb"); + if(file == NULL) { + fprintf(stderr, "Error: failed to open file \"%s\"\n", filename); + return(NULL); + } + + return(file); +} + +static void +xmlSecAppCloseFile(FILE* file) { + if((file == NULL) || (file == stdout) || (file == stderr)) { + return; + } + + fclose(file); +} + +static int +xmlSecAppWriteResult(xmlDocPtr doc, xmlSecBufferPtr buffer) { + FILE* f; + + f = xmlSecAppOpenFile(xmlSecAppCmdLineParamGetString(&outputParam)); + if(f == NULL) { + return(-1); + } + if(doc != NULL) { + xmlDocDump(f, doc); + } else if((buffer != NULL) && (xmlSecBufferGetData(buffer) != NULL)) { + fwrite(xmlSecBufferGetData(buffer), xmlSecBufferGetSize(buffer), 1, f); + } else { + fprintf(stderr, "Error: both result doc and result buffer are null\n"); + xmlSecAppCloseFile(f); + return(-1); + } + xmlSecAppCloseFile(f); + return(0); +} + +static int +xmlSecAppAddIDAttr(xmlNodePtr node, const xmlChar* attrName, const xmlChar* nodeName, const xmlChar* nsHref) { + xmlAttrPtr attr, tmpAttr; + xmlNodePtr cur; + xmlChar* id; + + if((node == NULL) || (attrName == NULL) || (nodeName == NULL)) { + return(-1); + } + + /* process children first because it does not matter much but does simplify code */ + cur = xmlSecGetNextElementNode(node->children); + while(cur != NULL) { + if(xmlSecAppAddIDAttr(cur, attrName, nodeName, nsHref) < 0) { + return(-1); + } + cur = xmlSecGetNextElementNode(cur->next); + } + + /* node name must match */ + if(!xmlStrEqual(node->name, nodeName)) { + return(0); + } + + /* if nsHref is set then it also should match */ + if((nsHref != NULL) && (node->ns != NULL) && (!xmlStrEqual(nsHref, node->ns->href))) { + return(0); + } + + /* the attribute with name equal to attrName should exist */ + for(attr = node->properties; attr != NULL; attr = attr->next) { + if(xmlStrEqual(attr->name, attrName)) { + break; + } + } + if(attr == NULL) { + return(0); + } + + /* and this attr should have a value */ + id = xmlNodeListGetString(node->doc, attr->children, 1); + if(id == NULL) { + return(0); + } + + /* check that we don't have same ID already */ + tmpAttr = xmlGetID(node->doc, id); + if(tmpAttr == NULL) { + xmlAddID(NULL, node->doc, id, attr); + } else if(tmpAttr != attr) { + fprintf(stderr, "Error: duplicate ID attribute \"%s\"\n", id); + xmlFree(id); + return(-1); + } + xmlFree(id); + return(0); +} + + + diff --git a/config.guess b/config.guess new file mode 100755 index 00000000..c2246a4f --- /dev/null +++ b/config.guess @@ -0,0 +1,1502 @@ +#! /bin/sh +# Attempt to guess a canonical system name. +# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, +# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 +# Free Software Foundation, Inc. + +timestamp='2009-12-30' + +# This file is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA +# 02110-1301, USA. +# +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + + +# Originally written by Per Bothner. Please send patches (context +# diff format) to <config-patches@gnu.org> and include a ChangeLog +# entry. +# +# This script attempts to guess a canonical system name similar to +# config.sub. If it succeeds, it prints the system name on stdout, and +# exits with 0. Otherwise, it exits with 1. +# +# You can get the latest version of this script from: +# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD + +me=`echo "$0" | sed -e 's,.*/,,'` + +usage="\ +Usage: $0 [OPTION] + +Output the configuration name of the system \`$me' is run on. + +Operation modes: + -h, --help print this help, then exit + -t, --time-stamp print date of last modification, then exit + -v, --version print version number, then exit + +Report bugs and patches to <config-patches@gnu.org>." + +version="\ +GNU config.guess ($timestamp) + +Originally written by Per Bothner. +Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, +2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free +Software Foundation, Inc. + +This is free software; see the source for copying conditions. There is NO +warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." + +help=" +Try \`$me --help' for more information." + +# Parse command line +while test $# -gt 0 ; do + case $1 in + --time-stamp | --time* | -t ) + echo "$timestamp" ; exit ;; + --version | -v ) + echo "$version" ; exit ;; + --help | --h* | -h ) + echo "$usage"; exit ;; + -- ) # Stop option processing + shift; break ;; + - ) # Use stdin as input. + break ;; + -* ) + echo "$me: invalid option $1$help" >&2 + exit 1 ;; + * ) + break ;; + esac +done + +if test $# != 0; then + echo "$me: too many arguments$help" >&2 + exit 1 +fi + +trap 'exit 1' 1 2 15 + +# CC_FOR_BUILD -- compiler used by this script. Note that the use of a +# compiler to aid in system detection is discouraged as it requires +# temporary files to be created and, as you can see below, it is a +# headache to deal with in a portable fashion. + +# Historically, `CC_FOR_BUILD' used to be named `HOST_CC'. We still +# use `HOST_CC' if defined, but it is deprecated. + +# Portable tmp directory creation inspired by the Autoconf team. + +set_cc_for_build=' +trap "exitcode=\$?; (rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null) && exit \$exitcode" 0 ; +trap "rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null; exit 1" 1 2 13 15 ; +: ${TMPDIR=/tmp} ; + { tmp=`(umask 077 && mktemp -d "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } || + { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir $tmp) ; } || + { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir $tmp) && echo "Warning: creating insecure temp directory" >&2 ; } || + { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } ; +dummy=$tmp/dummy ; +tmpfiles="$dummy.c $dummy.o $dummy.rel $dummy" ; +case $CC_FOR_BUILD,$HOST_CC,$CC in + ,,) echo "int x;" > $dummy.c ; + for c in cc gcc c89 c99 ; do + if ($c -c -o $dummy.o $dummy.c) >/dev/null 2>&1 ; then + CC_FOR_BUILD="$c"; break ; + fi ; + done ; + if test x"$CC_FOR_BUILD" = x ; then + CC_FOR_BUILD=no_compiler_found ; + fi + ;; + ,,*) CC_FOR_BUILD=$CC ;; + ,*,*) CC_FOR_BUILD=$HOST_CC ;; +esac ; set_cc_for_build= ;' + +# This is needed to find uname on a Pyramid OSx when run in the BSD universe. +# (ghazi@noc.rutgers.edu 1994-08-24) +if (test -f /.attbin/uname) >/dev/null 2>&1 ; then + PATH=$PATH:/.attbin ; export PATH +fi + +UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown +UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown +UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown +UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown + +# Note: order is significant - the case branches are not exclusive. + +case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in + *:NetBSD:*:*) + # NetBSD (nbsd) targets should (where applicable) match one or + # more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*, + # *-*-netbsdecoff* and *-*-netbsd*. For targets that recently + # switched to ELF, *-*-netbsd* would select the old + # object file format. This provides both forward + # compatibility and a consistent mechanism for selecting the + # object file format. + # + # Note: NetBSD doesn't particularly care about the vendor + # portion of the name. We always set it to "unknown". + sysctl="sysctl -n hw.machine_arch" + UNAME_MACHINE_ARCH=`(/sbin/$sysctl 2>/dev/null || \ + /usr/sbin/$sysctl 2>/dev/null || echo unknown)` + case "${UNAME_MACHINE_ARCH}" in + armeb) machine=armeb-unknown ;; + arm*) machine=arm-unknown ;; + sh3el) machine=shl-unknown ;; + sh3eb) machine=sh-unknown ;; + sh5el) machine=sh5le-unknown ;; + *) machine=${UNAME_MACHINE_ARCH}-unknown ;; + esac + # The Operating System including object format, if it has switched + # to ELF recently, or will in the future. + case "${UNAME_MACHINE_ARCH}" in + arm*|i386|m68k|ns32k|sh3*|sparc|vax) + eval $set_cc_for_build + if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \ + | grep -q __ELF__ + then + # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout). + # Return netbsd for either. FIX? + os=netbsd + else + os=netbsdelf + fi + ;; + *) + os=netbsd + ;; + esac + # The OS release + # Debian GNU/NetBSD machines have a different userland, and + # thus, need a distinct triplet. However, they do not need + # kernel version information, so it can be replaced with a + # suitable tag, in the style of linux-gnu. + case "${UNAME_VERSION}" in + Debian*) + release='-gnu' + ;; + *) + release=`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'` + ;; + esac + # Since CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM: + # contains redundant information, the shorter form: + # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used. + echo "${machine}-${os}${release}" + exit ;; + *:OpenBSD:*:*) + UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'` + echo ${UNAME_MACHINE_ARCH}-unknown-openbsd${UNAME_RELEASE} + exit ;; + *:ekkoBSD:*:*) + echo ${UNAME_MACHINE}-unknown-ekkobsd${UNAME_RELEASE} + exit ;; + *:SolidBSD:*:*) + echo ${UNAME_MACHINE}-unknown-solidbsd${UNAME_RELEASE} + exit ;; + macppc:MirBSD:*:*) + echo powerpc-unknown-mirbsd${UNAME_RELEASE} + exit ;; + *:MirBSD:*:*) + echo ${UNAME_MACHINE}-unknown-mirbsd${UNAME_RELEASE} + exit ;; + alpha:OSF1:*:*) + case $UNAME_RELEASE in + *4.0) + UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'` + ;; + *5.*) + UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'` + ;; + esac + # According to Compaq, /usr/sbin/psrinfo has been available on + # OSF/1 and Tru64 systems produced since 1995. I hope that + # covers most systems running today. This code pipes the CPU + # types through head -n 1, so we only detect the type of CPU 0. + ALPHA_CPU_TYPE=`/usr/sbin/psrinfo -v | sed -n -e 's/^ The alpha \(.*\) processor.*$/\1/p' | head -n 1` + case "$ALPHA_CPU_TYPE" in + "EV4 (21064)") + UNAME_MACHINE="alpha" ;; + "EV4.5 (21064)") + UNAME_MACHINE="alpha" ;; + "LCA4 (21066/21068)") + UNAME_MACHINE="alpha" ;; + "EV5 (21164)") + UNAME_MACHINE="alphaev5" ;; + "EV5.6 (21164A)") + UNAME_MACHINE="alphaev56" ;; + "EV5.6 (21164PC)") + UNAME_MACHINE="alphapca56" ;; + "EV5.7 (21164PC)") + UNAME_MACHINE="alphapca57" ;; + "EV6 (21264)") + UNAME_MACHINE="alphaev6" ;; + "EV6.7 (21264A)") + UNAME_MACHINE="alphaev67" ;; + "EV6.8CB (21264C)") + UNAME_MACHINE="alphaev68" ;; + "EV6.8AL (21264B)") + UNAME_MACHINE="alphaev68" ;; + "EV6.8CX (21264D)") + UNAME_MACHINE="alphaev68" ;; + "EV6.9A (21264/EV69A)") + UNAME_MACHINE="alphaev69" ;; + "EV7 (21364)") + UNAME_MACHINE="alphaev7" ;; + "EV7.9 (21364A)") + UNAME_MACHINE="alphaev79" ;; + esac + # A Pn.n version is a patched version. + # A Vn.n version is a released version. + # A Tn.n version is a released field test version. + # A Xn.n version is an unreleased experimental baselevel. + # 1.2 uses "1.2" for uname -r. + echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` + exit ;; + Alpha\ *:Windows_NT*:*) + # How do we know it's Interix rather than the generic POSIX subsystem? + # Should we change UNAME_MACHINE based on the output of uname instead + # of the specific Alpha model? + echo alpha-pc-interix + exit ;; + 21064:Windows_NT:50:3) + echo alpha-dec-winnt3.5 + exit ;; + Amiga*:UNIX_System_V:4.0:*) + echo m68k-unknown-sysv4 + exit ;; + *:[Aa]miga[Oo][Ss]:*:*) + echo ${UNAME_MACHINE}-unknown-amigaos + exit ;; + *:[Mm]orph[Oo][Ss]:*:*) + echo ${UNAME_MACHINE}-unknown-morphos + exit ;; + *:OS/390:*:*) + echo i370-ibm-openedition + exit ;; + *:z/VM:*:*) + echo s390-ibm-zvmoe + exit ;; + *:OS400:*:*) + echo powerpc-ibm-os400 + exit ;; + arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) + echo arm-acorn-riscix${UNAME_RELEASE} + exit ;; + arm:riscos:*:*|arm:RISCOS:*:*) + echo arm-unknown-riscos + exit ;; + SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*) + echo hppa1.1-hitachi-hiuxmpp + exit ;; + Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*) + # akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE. + if test "`(/bin/universe) 2>/dev/null`" = att ; then + echo pyramid-pyramid-sysv3 + else + echo pyramid-pyramid-bsd + fi + exit ;; + NILE*:*:*:dcosx) + echo pyramid-pyramid-svr4 + exit ;; + DRS?6000:unix:4.0:6*) + echo sparc-icl-nx6 + exit ;; + DRS?6000:UNIX_SV:4.2*:7* | DRS?6000:isis:4.2*:7*) + case `/usr/bin/uname -p` in + sparc) echo sparc-icl-nx7; exit ;; + esac ;; + s390x:SunOS:*:*) + echo ${UNAME_MACHINE}-ibm-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + sun4H:SunOS:5.*:*) + echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*) + echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + i86pc:AuroraUX:5.*:* | i86xen:AuroraUX:5.*:*) + echo i386-pc-auroraux${UNAME_RELEASE} + exit ;; + i86pc:SunOS:5.*:* | i86xen:SunOS:5.*:*) + eval $set_cc_for_build + SUN_ARCH="i386" + # If there is a compiler, see if it is configured for 64-bit objects. + # Note that the Sun cc does not turn __LP64__ into 1 like gcc does. + # This test works for both compilers. + if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then + if (echo '#ifdef __amd64'; echo IS_64BIT_ARCH; echo '#endif') | \ + (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ + grep IS_64BIT_ARCH >/dev/null + then + SUN_ARCH="x86_64" + fi + fi + echo ${SUN_ARCH}-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + sun4*:SunOS:6*:*) + # According to config.sub, this is the proper way to canonicalize + # SunOS6. Hard to guess exactly what SunOS6 will be like, but + # it's likely to be more like Solaris than SunOS4. + echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + sun4*:SunOS:*:*) + case "`/usr/bin/arch -k`" in + Series*|S4*) + UNAME_RELEASE=`uname -v` + ;; + esac + # Japanese Language versions have a version number like `4.1.3-JL'. + echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'` + exit ;; + sun3*:SunOS:*:*) + echo m68k-sun-sunos${UNAME_RELEASE} + exit ;; + sun*:*:4.2BSD:*) + UNAME_RELEASE=`(sed 1q /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null` + test "x${UNAME_RELEASE}" = "x" && UNAME_RELEASE=3 + case "`/bin/arch`" in + sun3) + echo m68k-sun-sunos${UNAME_RELEASE} + ;; + sun4) + echo sparc-sun-sunos${UNAME_RELEASE} + ;; + esac + exit ;; + aushp:SunOS:*:*) + echo sparc-auspex-sunos${UNAME_RELEASE} + exit ;; + # The situation for MiNT is a little confusing. The machine name + # can be virtually everything (everything which is not + # "atarist" or "atariste" at least should have a processor + # > m68000). The system name ranges from "MiNT" over "FreeMiNT" + # to the lowercase version "mint" (or "freemint"). Finally + # the system name "TOS" denotes a system which is actually not + # MiNT. But MiNT is downward compatible to TOS, so this should + # be no problem. + atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*) + echo m68k-atari-mint${UNAME_RELEASE} + exit ;; + atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*) + echo m68k-atari-mint${UNAME_RELEASE} + exit ;; + *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*) + echo m68k-atari-mint${UNAME_RELEASE} + exit ;; + milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*) + echo m68k-milan-mint${UNAME_RELEASE} + exit ;; + hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*) + echo m68k-hades-mint${UNAME_RELEASE} + exit ;; + *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*) + echo m68k-unknown-mint${UNAME_RELEASE} + exit ;; + m68k:machten:*:*) + echo m68k-apple-machten${UNAME_RELEASE} + exit ;; + powerpc:machten:*:*) + echo powerpc-apple-machten${UNAME_RELEASE} + exit ;; + RISC*:Mach:*:*) + echo mips-dec-mach_bsd4.3 + exit ;; + RISC*:ULTRIX:*:*) + echo mips-dec-ultrix${UNAME_RELEASE} + exit ;; + VAX*:ULTRIX*:*:*) + echo vax-dec-ultrix${UNAME_RELEASE} + exit ;; + 2020:CLIX:*:* | 2430:CLIX:*:*) + echo clipper-intergraph-clix${UNAME_RELEASE} + exit ;; + mips:*:*:UMIPS | mips:*:*:RISCos) + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c +#ifdef __cplusplus +#include <stdio.h> /* for printf() prototype */ + int main (int argc, char *argv[]) { +#else + int main (argc, argv) int argc; char *argv[]; { +#endif + #if defined (host_mips) && defined (MIPSEB) + #if defined (SYSTYPE_SYSV) + printf ("mips-mips-riscos%ssysv\n", argv[1]); exit (0); + #endif |