From b1336bdfeacf904c8fdec04e06d8b90ef9ad15b3 Mon Sep 17 00:00:00 2001

From: Sumit Bose <sbose@redhat.com>

Date: Wed, 15 Mar 2017 10:57:09 +0100

Subject: [PATCH 05/15] certmap: add placeholder for OpenSSL implementation

MIME-Version: 1.0

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 8bit

Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>

Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>

---

 Makefile.am                               | 30 +++++++++++++++++++++--------

 src/lib/certmap/sss_cert_content_crypto.c | 32 +++++++++++++++++++++++++++++++

 src/lib/certmap/sss_certmap_int.h         |  8 +++++---

 3 files changed, 59 insertions(+), 11 deletions(-)

 create mode 100644 src/lib/certmap/sss_cert_content_crypto.c

diff --git a/Makefile.am b/Makefile.am

index 8ca12c10d2713b6a72361d84b25486500c79f407..7947b7a5fbe3ca1034baac1c13c53300994b1bf8 100644

--- a/Makefile.am

+++ b/Makefile.am

@@ -278,9 +278,12 @@ if HAVE_CMOCKA

         simple-access-tests \

         krb5_common_test \

         test_iobuf \

-        sss_certmap_test \

         $(NULL)

+if HAVE_NSS

+non_interactive_cmocka_based_tests +=  sss_certmap_test

+endif #HAVE_NSS

+

 if HAVE_LIBRESOLV

 non_interactive_cmocka_based_tests += test_resolv_fake

 endif   # HAVE_LIBRESOLV

@@ -1715,7 +1718,6 @@ sssd_check_socket_activated_responders_LDADD = \

     $(NULL)

 endif

-if HAVE_NSS

 pkgconfig_DATA += src/lib/certmap/sss_certmap.pc

 libsss_certmap_la_DEPENDENCIES = src/lib/certmap/sss_certmap.exports

 libsss_certmap_la_SOURCES = \

@@ -1726,26 +1728,38 @@ libsss_certmap_la_SOURCES = \

     src/lib/certmap/sss_certmap_ldap_mapping.c \

     src/util/util_ext.c \

     src/util/cert/cert_common.c \

-    src/util/crypto/nss/nss_base64.c \

-    src/util/cert/nss/cert.c \

-    src/util/crypto/nss/nss_util.c \

     $(NULL)

 libsss_certmap_la_CFLAGS = \

     $(AM_CFLAGS) \

     $(TALLOC_CFLAGS) \

-    $(NSS_CFLAGS) \

     $(NULL)

 libsss_certmap_la_LIBADD = \

     $(TALLOC_LIBS) \

-    $(NSS_LIBS) \

     $(NULL)

 libsss_certmap_la_LDFLAGS = \

     -Wl,--version-script,$(srcdir)/src/lib/certmap/sss_certmap.exports \

     -version-info 0:0:0

+if HAVE_NSS

+libsss_certmap_la_SOURCES += \

+    src/util/crypto/nss/nss_base64.c \

+    src/util/cert/nss/cert.c \

+    src/util/crypto/nss/nss_util.c \

+    $(NULL)

+libsss_certmap_la_CFLAGS += $(NSS_CFLAGS)

+libsss_certmap_la_LIBADD += $(NSS_LIBS)

+else

+libsss_certmap_la_SOURCES += \

+    src/util/crypto/libcrypto/crypto_base64.c \

+    src/util/cert/libcrypto/cert.c \

+    $(NULL)

+

+libsss_certmap_la_CFLAGS += $(CRYPTO_CFLAGS)

+libsss_certmap_la_LIBADD += $(CRYPTO_LIBS)

+endif

+

 dist_noinst_DATA += src/lib/certmap/sss_certmap.exports

 dist_noinst_HEADERS += src/lib/certmap/sss_certmap_int.h

-endif

 #################

 # Feature Tests #

diff --git a/src/lib/certmap/sss_cert_content_crypto.c b/src/lib/certmap/sss_cert_content_crypto.c

new file mode 100644

index 0000000000000000000000000000000000000000..bddcf9bce986bd986aa0aa5f16a0744a97ab36d6

--- /dev/null

+++ b/src/lib/certmap/sss_cert_content_crypto.c

@@ -0,0 +1,32 @@

+/*

+   SSSD - certificate handling utils - OpenSSL version

+   The calls defined here should be useable outside of SSSD as well, e.g. in

+   libsss_certmap.

+

+   Copyright (C) Sumit Bose <sbose@redhat.com> 2017

+

+   This program is free software; you can redistribute it and/or modify

+   it under the terms of the GNU General Public License as published by

+   the Free Software Foundation; either version 3 of the License, or

+   (at your option) any later version.

+

+   This program is distributed in the hope that it will be useful,

+   but WITHOUT ANY WARRANTY; without even the implied warranty of

+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+   GNU General Public License for more details.

+

+   You should have received a copy of the GNU General Public License

+   along with this program.  If not, see <http://www.gnu.org/licenses/>.

+*/

+

+#include <errno.h>

+

+#include "lib/certmap/sss_certmap.h"

+#include "lib/certmap/sss_certmap_int.h"

+

+int sss_cert_get_content(TALLOC_CTX *mem_ctx,

+                         const uint8_t *der_blob, size_t der_size,

+                         struct sss_cert_content **content)

+{

+    return EINVAL;

+}

diff --git a/src/lib/certmap/sss_certmap_int.h b/src/lib/certmap/sss_certmap_int.h

index 28f1c596cfb5e78077b6a8e9baefa88b4900a022..0b4cda73639be9b323ac3388f97be90bc1a771f2 100644

--- a/src/lib/certmap/sss_certmap_int.h

+++ b/src/lib/certmap/sss_certmap_int.h

@@ -22,12 +22,14 @@

     along with this program.  If not, see <http://www.gnu.org/licenses/>.

 */

-#include <sys/types.h>

-#include <regex.h>

-

 #ifndef __SSS_CERTMAP_INT_H__

 #define __SSS_CERTMAP_INT_H__

+#include <sys/types.h>

+#include <regex.h>

+#include <stdint.h>

+#include <talloc.h>

+

 #define CM_DEBUG(cm_ctx, format, ...) do { \

     if (cm_ctx != NULL && cm_ctx->debug != NULL) { \

         cm_ctx->debug(cm_ctx->debug_priv, __FILE__, __LINE__, __FUNCTION__, \

-- 

2.9.3