Check-in [b6863060d8]
Overview
Comment:Updated to allow compilation excluding DoD certificates
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1:b6863060d827d034af42b3e6216e2283336e6f43
User & Date: rkeene on 2013-08-14 04:40:36
Other Links: manifest | tags
Context
2013-10-17
20:29
Merged in PIV support check-in: 3e5963d5d9 user: rkeene tags: trunk
2013-08-14
04:49
Merged trunk check-in: 2e12e46ded user: rkeene tags: piv
04:40
Updated to allow compilation excluding DoD certificates check-in: b6863060d8 user: rkeene tags: trunk
04:21
Added ignores for generated files check-in: 00fbb45437 user: rkeene tags: trunk
Changes

Modified cackey.c from [5df163c7aa] to [967c6f655f].

  3526   3526   }
  3527   3527   
  3528   3528   static struct cackey_identity *cackey_read_identities(struct cackey_slot *slot, unsigned long *ids_found) {
  3529   3529   	struct cackey_pcsc_identity *pcsc_identities;
  3530   3530   	struct cackey_identity *identities;
  3531   3531   	unsigned long num_ids, id_idx, curr_id_type;
  3532   3532   	unsigned long num_certs, num_dod_certs, cert_idx;
  3533         -	int include_extra_certs = 0;
         3533  +	int include_extra_certs = 0, include_dod_certs;
  3534   3534   
  3535   3535   	CACKEY_DEBUG_PRINTF("Called.");
  3536   3536   
  3537   3537   	if (ids_found == NULL) {
  3538   3538   		CACKEY_DEBUG_PRINTF("Error.  ids_found is NULL");
  3539   3539   
  3540   3540   		return(NULL);
................................................................................
  3548   3548   		include_extra_certs = 1;
  3549   3549   	}
  3550   3550   
  3551   3551   	if (getenv("CACKEY_NO_DOD_CERTS_ON_HW_SLOTS") != NULL) {
  3552   3552   		include_extra_certs = 0;
  3553   3553   	}
  3554   3554   
         3555  +#ifdef CACKEY_NO_EXTRA_CERTS
         3556  +	if (getenv("CACKEY_EXTRA_CERTS") != NULL) {
         3557  +		include_dod_certs = 1;
         3558  +	} else {
         3559  +		include_dod_certs = 0;
         3560  +	}
         3561  +#else
  3555   3562   	if (getenv("CACKEY_NO_EXTRA_CERTS") != NULL) {
  3556         -		num_dod_certs = 0;
         3563  +		include_dod_certs = 0;
  3557   3564   	} else {
         3565  +		include_dod_certs = 1;
         3566  +	}
         3567  +#endif
         3568  +
         3569  +	if (include_dod_certs) {
  3558   3570   		num_dod_certs = sizeof(extra_certs) / sizeof(extra_certs[0]);
         3571  +	} else {
         3572  +		num_dod_certs = 0;
  3559   3573   	}
  3560   3574   
  3561   3575   	if (slot->internal) {
  3562   3576   		num_ids = cackey_read_dod_identities(NULL, num_dod_certs);
  3563   3577   
  3564   3578   		if (num_ids != 0) {
  3565   3579   			identities = malloc(num_ids * sizeof(*identities));

Modified configure.ac from [9a7cfcd810] to [b325ed9a06].

   149    149   ], [
   150    150   	dodcertsonhwslots=no
   151    151   ])
   152    152   
   153    153   if ! test "${dodcertsonhwslots}" = 'no'; then
   154    154   	AC_DEFINE(CACKEY_CARD_SLOT_INCLUDE_EXTRA_CERTS, [1], [Specify that DoD certificates should be made available on hardware token slots])
   155    155   fi
          156  +
          157  +dnl Option to disable DoD certs entirely
          158  +AC_ARG_ENABLE(dod-certs, AC_HELP_STRING([--disable-dod-certs], [Disable including DoD certs entirely.  The user may override this with the CACKEY_EXTRA_CERTS environment variable.]), [
          159  +	dodcerts=$enableval
          160  +], [
          161  +	dodcerts=yes
          162  +])
          163  +
          164  +if test "${dodcerts}" = 'no'; then
          165  +	AC_DEFINE(CACKEY_NO_EXTRA_CERTS, [1], [Specify that DoD certificates should not be made available])
          166  +fi
   156    167   
   157    168   dnl Set version script, to limit the scope of symbols
   158    169   DC_SETVERSIONSCRIPT(libcackey.vers, libcackey.syms)
   159    170   
   160    171   dnl Upate LDFLAGS to include setting the run-time linker path to the same as our compile-time linker
   161    172   DC_SYNC_RPATH
   162    173   
   163    174   dnl If we updated LIBOBJS, update SHLIBOBJS -- must be last.
   164    175   DC_SYNC_SHLIBOBJS
   165    176   
   166    177   dnl Produce Makefile
   167    178   AC_OUTPUT(Makefile libcackey.syms)