Check-in [2e12e46ded]
Overview
Comment:Merged trunk
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | piv
Files: files | file ages | folders
SHA1:2e12e46ded44e178fcdea5917730c82586096f4a
User & Date: rkeene on 2013-08-14 04:49:22
Other Links: manifest | tags
Context
2013-08-14
04:54
Added support for enabling the PROTECTED_AUTHENTICATION_PATH flag for the token if a command to provide the PIN is configured check-in: 8a76f09a85 user: rkeene tags: piv
04:49
Merged trunk check-in: 2e12e46ded user: rkeene tags: piv
04:40
Updated to allow compilation excluding DoD certificates check-in: b6863060d8 user: rkeene tags: trunk
04:22
Merged in trunk check-in: 8c73344738 user: rkeene tags: piv
Changes

Modified cackey.c from [6f86c48f0e] to [13b6e88e7c].

3956
3957
3958
3959
3960
3961
3962
3963
3964
3965
3966
3967
3968
3969
3970
....
3978
3979
3980
3981
3982
3983
3984







3985
3986
3987





3988


3989
3990
3991
3992
3993
3994
3995
}

static struct cackey_identity *cackey_read_identities(struct cackey_slot *slot, unsigned long *ids_found) {
	struct cackey_pcsc_identity *pcsc_identities;
	struct cackey_identity *identities;
	unsigned long num_ids, id_idx, curr_id_type;
	unsigned long num_certs, num_dod_certs, cert_idx;
	int include_extra_certs = 0;

	CACKEY_DEBUG_PRINTF("Called.");

	if (ids_found == NULL) {
		CACKEY_DEBUG_PRINTF("Error.  ids_found is NULL");

		return(NULL);
................................................................................
		include_extra_certs = 1;
	}

	if (getenv("CACKEY_NO_DOD_CERTS_ON_HW_SLOTS") != NULL) {
		include_extra_certs = 0;
	}








	if (getenv("CACKEY_NO_EXTRA_CERTS") != NULL) {
		num_dod_certs = 0;
	} else {





		num_dod_certs = sizeof(extra_certs) / sizeof(extra_certs[0]);


	}

	if (slot->internal) {
		num_ids = cackey_read_dod_identities(NULL, num_dod_certs);

		if (num_ids != 0) {
			identities = malloc(num_ids * sizeof(*identities));







|







 







>
>
>
>
>
>
>

|

>
>
>
>
>

>
>







3956
3957
3958
3959
3960
3961
3962
3963
3964
3965
3966
3967
3968
3969
3970
....
3978
3979
3980
3981
3982
3983
3984
3985
3986
3987
3988
3989
3990
3991
3992
3993
3994
3995
3996
3997
3998
3999
4000
4001
4002
4003
4004
4005
4006
4007
4008
4009
}

static struct cackey_identity *cackey_read_identities(struct cackey_slot *slot, unsigned long *ids_found) {
	struct cackey_pcsc_identity *pcsc_identities;
	struct cackey_identity *identities;
	unsigned long num_ids, id_idx, curr_id_type;
	unsigned long num_certs, num_dod_certs, cert_idx;
	int include_extra_certs = 0, include_dod_certs;

	CACKEY_DEBUG_PRINTF("Called.");

	if (ids_found == NULL) {
		CACKEY_DEBUG_PRINTF("Error.  ids_found is NULL");

		return(NULL);
................................................................................
		include_extra_certs = 1;
	}

	if (getenv("CACKEY_NO_DOD_CERTS_ON_HW_SLOTS") != NULL) {
		include_extra_certs = 0;
	}

#ifdef CACKEY_NO_EXTRA_CERTS
	if (getenv("CACKEY_EXTRA_CERTS") != NULL) {
		include_dod_certs = 1;
	} else {
		include_dod_certs = 0;
	}
#else
	if (getenv("CACKEY_NO_EXTRA_CERTS") != NULL) {
		include_dod_certs = 0;
	} else {
		include_dod_certs = 1;
	}
#endif

	if (include_dod_certs) {
		num_dod_certs = sizeof(extra_certs) / sizeof(extra_certs[0]);
	} else {
		num_dod_certs = 0;
	}

	if (slot->internal) {
		num_ids = cackey_read_dod_identities(NULL, num_dod_certs);

		if (num_ids != 0) {
			identities = malloc(num_ids * sizeof(*identities));

Modified configure.ac from [9a7cfcd810] to [b325ed9a06].

149
150
151
152
153
154
155











156
157
158
159
160
161
162
163
164
165
166
167
], [
	dodcertsonhwslots=no
])

if ! test "${dodcertsonhwslots}" = 'no'; then
	AC_DEFINE(CACKEY_CARD_SLOT_INCLUDE_EXTRA_CERTS, [1], [Specify that DoD certificates should be made available on hardware token slots])
fi












dnl Set version script, to limit the scope of symbols
DC_SETVERSIONSCRIPT(libcackey.vers, libcackey.syms)

dnl Upate LDFLAGS to include setting the run-time linker path to the same as our compile-time linker
DC_SYNC_RPATH

dnl If we updated LIBOBJS, update SHLIBOBJS -- must be last.
DC_SYNC_SHLIBOBJS

dnl Produce Makefile
AC_OUTPUT(Makefile libcackey.syms)







>
>
>
>
>
>
>
>
>
>
>












149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
], [
	dodcertsonhwslots=no
])

if ! test "${dodcertsonhwslots}" = 'no'; then
	AC_DEFINE(CACKEY_CARD_SLOT_INCLUDE_EXTRA_CERTS, [1], [Specify that DoD certificates should be made available on hardware token slots])
fi

dnl Option to disable DoD certs entirely
AC_ARG_ENABLE(dod-certs, AC_HELP_STRING([--disable-dod-certs], [Disable including DoD certs entirely.  The user may override this with the CACKEY_EXTRA_CERTS environment variable.]), [
	dodcerts=$enableval
], [
	dodcerts=yes
])

if test "${dodcerts}" = 'no'; then
	AC_DEFINE(CACKEY_NO_EXTRA_CERTS, [1], [Specify that DoD certificates should not be made available])
fi

dnl Set version script, to limit the scope of symbols
DC_SETVERSIONSCRIPT(libcackey.vers, libcackey.syms)

dnl Upate LDFLAGS to include setting the run-time linker path to the same as our compile-time linker
DC_SYNC_RPATH

dnl If we updated LIBOBJS, update SHLIBOBJS -- must be last.
DC_SYNC_SHLIBOBJS

dnl Produce Makefile
AC_OUTPUT(Makefile libcackey.syms)