[Fedora-directory-commits] ldapserver/m4 db.m4, 1.7, 1.8 icu.m4, 1.1, 1.2
by Doctor Conrad
Author: nhosoi
Update of /cvs/dirsec/ldapserver/m4
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv1973
Modified Files:
db.m4 icu.m4
Log Message:
Resolves: #233215
Summary: verify-db.pl still assumes the db dir is always in the instance dir (Comment #10)
Description: To set db_bindir, if db.pc exists, check if bindir variable is
defined in the file or not. If it's defined, set it to db_bindir. If not,
set the default path /usr/bin to db_bindir.
Index: db.m4
===================================================================
RCS file: /cvs/dirsec/ldapserver/m4/db.m4,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- db.m4 7 Feb 2007 23:57:34 -0000 1.7
+++ db.m4 30 Mar 2007 18:20:06 -0000 1.8
@@ -51,7 +51,6 @@
],
AC_MSG_RESULT(no))
dnl default path for the db tools (see [210947] for more details)
-db_bindir=/usr/bin
dnl - check in system locations
if test -z "$db_inc"; then
@@ -80,3 +79,13 @@
[$LIBNSL])
LDFLAGS="$save_ldflags"
+# if DB is not found yet, try pkg-config
+
+# last resort
+# Although the other db_* variables are correctly assigned at this point,
+# db_bindir needs to be set by pkg-config if possible (e.g., on 64-bit Solaris)
+if $PKG_CONFIG --exists db; then
+ db_bindir=`$PKG_CONFIG --variable=bindir db`
+else
+ db_bindir=/usr/bin
+fi
Index: icu.m4
===================================================================
RCS file: /cvs/dirsec/ldapserver/m4/icu.m4,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- icu.m4 17 Oct 2006 17:07:14 -0000 1.1
+++ icu.m4 30 Mar 2007 18:20:06 -0000 1.2
@@ -82,7 +82,7 @@
fi
],
AC_MSG_RESULT(no))
-# if not found yet, try pkg-config
+# if ICU is not found yet, try pkg-config
# last resort
if test -z "$icu_lib"; then
16 years, 8 months
[Fedora-directory-commits] ldapserver/ldap/admin/src create_instance.c, 1.51, 1.52
by Doctor Conrad
Author: nhosoi
Update of /cvs/dirsec/ldapserver/ldap/admin/src
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv1819
Modified Files:
create_instance.c
Log Message:
Resolves: #233215
Summary: verify-db.pl still assumes the db dir is always in the instance dir (Comment #8)
Description: Introduced "DB-DIR" macro
Index: create_instance.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/create_instance.c,v
retrieving revision 1.51
retrieving revision 1.52
diff -u -r1.51 -r1.52
--- create_instance.c 17 Mar 2007 00:07:09 -0000 1.51
+++ create_instance.c 30 Mar 2007 18:12:30 -0000 1.52
@@ -702,7 +702,7 @@
{
char myperl[PATH_SIZE];
char fn[PATH_SIZE], ofn[PATH_SIZE];
- const char *table[17][2];
+ const char *table[18][2];
if (PR_FAILURE == PR_Access(cs_path, PR_ACCESS_EXISTS)) {
printf("Notice: %s does not exist, skipping %s . . .\n", cs_path, name);
@@ -760,7 +760,9 @@
table[14][1] = PRODUCT_NAME;
table[15][0] = "SERVERBIN-DIR";
table[15][1] = cf->sbindir;
- table[16][0] = table[16][1] = NULL;
+ table[16][0] = "DB-DIR";
+ table[16][1] = cf->db_dir;
+ table[17][0] = table[17][1] = NULL;
if (generate_script(ofn, fn, NEWSCRIPT_MODE, table) != 0) {
return make_error("Could not write %s to %s (%s).", ofn, fn,
16 years, 8 months
[Fedora-directory-commits] windowsautoenroll/submitrequest submitrequest.cpp, 1.2, 1.3
by Doctor Conrad
Author: sparkins
Update of /cvs/dirsec/windowsautoenroll/submitrequest
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv18942/submitrequest
Modified Files:
submitrequest.cpp
Log Message:
Add Licence, fix build.
Index: submitrequest.cpp
===================================================================
RCS file: /cvs/dirsec/windowsautoenroll/submitrequest/submitrequest.cpp,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- submitrequest.cpp 30 Mar 2007 00:08:54 -0000 1.2
+++ submitrequest.cpp 30 Mar 2007 00:25:41 -0000 1.3
@@ -57,8 +57,6 @@
#include <string>
-#include "stdafx.h"
-
#include "../proxy/RedHatCSProxy_h.h"
#define ONCE(x) (onceflag++ ? 0 : x )
16 years, 8 months
[Fedora-directory-commits] windowsautoenroll/proxy csproxy.h, 1.1, 1.2
by Doctor Conrad
Author: sparkins
Update of /cvs/dirsec/windowsautoenroll/proxy
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv18942/proxy
Modified Files:
csproxy.h
Log Message:
Add Licence, fix build.
Index: csproxy.h
===================================================================
RCS file: /cvs/dirsec/windowsautoenroll/proxy/csproxy.h,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- csproxy.h 13 Mar 2007 01:36:10 -0000 1.1
+++ csproxy.h 30 Mar 2007 00:25:41 -0000 1.2
@@ -1,3 +1,40 @@
+/** BEGIN COPYRIGHT BLOCK
+ * This Program is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU General Public License as published by the Free Software
+ * Foundation; version 2 of the License.
+ *
+ * This Program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
+ * Place, Suite 330, Boston, MA 02111-1307 USA.
+ *
+ * In addition, as a special exception, Red Hat, Inc. gives You the additional
+ * right to link the code of this Program with code not covered under the GNU
+ * General Public License ("Non-GPL Code") and to distribute linked combinations
+ * including the two, subject to the limitations in this paragraph. Non-GPL Code
+ * permitted under this exception must only link to the code of this Program
+ * through those well defined interfaces identified in the file named EXCEPTION
+ * found in the source code files (the "Approved Interfaces"). The files of
+ * Non-GPL Code may instantiate templates or use macros or inline functions from
+ * the Approved Interfaces without causing the resulting work to be covered by
+ * the GNU General Public License. Only Red Hat, Inc. may make changes or
+ * additions to the list of Approved Interfaces. You must obey the GNU General
+ * Public License in all respects for all of the Program code and other code used
+ * in conjunction with the Program except the Non-GPL Code covered by this
+ * exception. If you modify this file, you may extend this exception to your
+ * version of the file, but you are not obligated to do so. If you do not wish to
+ * provide this exception without modification, you must delete this exception
+ * statement from your version and license this file solely under the GPL without
+ * exception.
+ *
+ *
+ * Copyright (C) 2006 Red Hat, Inc.
+ * All rights reserved.
+ * END COPYRIGHT BLOCK */
+
#ifndef CSPROXY_H
#define CSPROXY_H
@@ -31,7 +68,7 @@
if (windowsCertTemplateName != NULL) { delete windowsCertTemplateName; }
}
- void parseRequest(const CERTTRANSBLOB *);
+ HRESULT parseRequest(const CERTTRANSBLOB *);
void parseAttributes(const wchar_t *pwszAttributes);
void determineCertificateTemplate();
void populateRequestForTemplate(string &);
16 years, 8 months
[Fedora-directory-commits] windowsautoenroll windowsautoenroll.sln, 1.1, 1.2
by Doctor Conrad
Author: sparkins
Update of /cvs/dirsec/windowsautoenroll
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv17211
Modified Files:
windowsautoenroll.sln
Log Message:
New solution file includes submitrequest, a test tool.
Index: windowsautoenroll.sln
===================================================================
RCS file: /cvs/dirsec/windowsautoenroll/windowsautoenroll.sln,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- windowsautoenroll.sln 13 Mar 2007 01:36:10 -0000 1.1
+++ windowsautoenroll.sln 30 Mar 2007 00:10:37 -0000 1.2
@@ -7,6 +7,10 @@
ProjectSection(ProjectDependencies) = postProject
EndProjectSection
EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "submitrequest", "submitrequest\submitrequest.vcproj", "{B8D349AA-C242-4D81-A6E1-6CB6DBAE1AF2}"
+ ProjectSection(ProjectDependencies) = postProject
+ EndProjectSection
+EndProject
Global
GlobalSection(SolutionConfiguration) = preSolution
Debug = Debug
@@ -21,6 +25,10 @@
{BCE7AE2E-C0C2-4B5A-B05C-02DF16CC9F70}.Debug.Build.0 = Debug|Win32
{BCE7AE2E-C0C2-4B5A-B05C-02DF16CC9F70}.Release.ActiveCfg = Release|Win32
{BCE7AE2E-C0C2-4B5A-B05C-02DF16CC9F70}.Release.Build.0 = Release|Win32
+ {B8D349AA-C242-4D81-A6E1-6CB6DBAE1AF2}.Debug.ActiveCfg = Debug|Win32
+ {B8D349AA-C242-4D81-A6E1-6CB6DBAE1AF2}.Debug.Build.0 = Debug|Win32
+ {B8D349AA-C242-4D81-A6E1-6CB6DBAE1AF2}.Release.ActiveCfg = Release|Win32
+ {B8D349AA-C242-4D81-A6E1-6CB6DBAE1AF2}.Release.Build.0 = Release|Win32
EndGlobalSection
GlobalSection(ExtensibilityGlobals) = postSolution
EndGlobalSection
16 years, 8 months
[Fedora-directory-commits] windowsautoenroll aep.nsi,1.1,1.2
by Doctor Conrad
Author: sparkins
Update of /cvs/dirsec/windowsautoenroll
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv17078
Modified Files:
aep.nsi
Log Message:
Bump version to 0.9.2. Add Program files folder for all users, not just current user.
Removed Program files folder on uninstall. Add submitrequest.exe tool.
Index: aep.nsi
===================================================================
RCS file: /cvs/dirsec/windowsautoenroll/aep.nsi,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- aep.nsi 13 Mar 2007 01:36:10 -0000 1.1
+++ aep.nsi 30 Mar 2007 00:10:14 -0000 1.2
@@ -4,7 +4,7 @@
; NOTE: this .NSI script is designed for NSIS v1.8+
Name "AEP"
-OutFile "aep-0.9.1-1.win32.i386.exe"
+OutFile "aep-0.9.2-1.win32.i386.exe"
; Some default compiler settings (uncomment and change at will):
; SetCompress auto ; (can be off or force)
@@ -38,6 +38,7 @@
file /oname=$INSTDIR\rhcsproxy.exe "proxy\${BUILDTYPE}\rhcsproxy.exe"
file /oname=$INSTDIR\messages.dll "proxy\${BUILDTYPE}\messages.dll"
+file /oname=$INSTDIR\submitrequest.exe "submitrequest\${BUILDTYPE}\submitrequest.exe"
file /oname=$INSTDIR\panel.exe "panel\bin\${BUILDTYPE}\panel.exe"
createDirectory "$SMPROGRAMS\Red Hat Auto Enrollment Proxy"
@@ -48,7 +49,7 @@
WriteRegStr HKEY_LOCAL_MACHINE "Software\Microsoft\Windows\CurrentVersion\Uninstall\RHCSProxy" "UninstallString" '"$INSTDIR\uninst.exe"'
WriteRegStr HKEY_LOCAL_MACHINE "Software\Microsoft\Windows\CurrentVersion\Uninstall\RHCSProxy" "Publisher" "Red Hat"
WriteRegStr HKEY_LOCAL_MACHINE "Software\Microsoft\Windows\CurrentVersion\Uninstall\RHCSProxy" "URLInfoAbout" "http://directory.fedora.redhat.com/wiki/aep"
-WriteRegStr HKEY_LOCAL_MACHINE "Software\Microsoft\Windows\CurrentVersion\Uninstall\RHCSProxy" "DisplayVersion" "0.9.1"
+WriteRegStr HKEY_LOCAL_MACHINE "Software\Microsoft\Windows\CurrentVersion\Uninstall\RHCSProxy" "DisplayVersion" "0.9.2"
WriteRegDWORD HKEY_LOCAL_MACHINE "Software\Microsoft\Windows\CurrentVersion\Uninstall\RHCSProxy" "VersionMajor" 0
WriteRegDWORD HKEY_LOCAL_MACHINE "Software\Microsoft\Windows\CurrentVersion\Uninstall\RHCSProxy" "VersionMinor" 9
; write out uninstaller
@@ -65,6 +66,11 @@
noexistingconfig:
erase:
+;; This makes the icons appear in all user's program files,
+;; instead of just the current user
+SetShellVarContext all
+StrCpy $1 $DESKTOP
+
;;;;;;;;;;;; COPIED FROM UNINSTALL SECTION BELOW
DeleteRegKey HKEY_LOCAL_MACHINE "SOFTWARE\Red Hat\RHCSProxy"
DeleteRegKey HKEY_CLASSES_ROOT "CLSID\{D99E6E74-FC88-11D0-B498-00A0C90312F3}"
@@ -143,6 +149,9 @@
Section Uninstall
+SetShellVarContext all
+StrCpy $1 $DESKTOP
+
;;;;;;;;;;;;;;;;;;;;;;;;;;; COPY THIS INTO REMOVECONFIG SECTION ABOVE
DeleteRegKey HKEY_LOCAL_MACHINE "SOFTWARE\Red Hat\RHCSProxy"
DeleteRegKey HKEY_CLASSES_ROOT "CLSID\{D99E6E74-FC88-11D0-B498-00A0C90312F3}"
@@ -155,7 +164,9 @@
Delete "$INSTDIR\uninst.exe"
Delete "$INSTDIR\rhcsproxy.exe"
+Delete "$INSTDIR\submitrequest.exe"
Delete "$SMPROGRAMS\Red Hat Auto Enrollment Proxy\Auto Enrollment Proxy Options.lnk"
+RMDir "$SMPROGRAMS\Red Hat Auto Enrollment Proxy"
Delete /REBOOTOK "$INSTDIR\messages.dll"
Delete "$INSTDIR\ProxyPanel.exe"
RMDir /REBOOTOK "$INSTDIR"
@@ -164,4 +175,4 @@
RMDir "$INSTDIR"
SectionEnd ; end of uninstall section
-; eof
\ No newline at end of file
+; eof
16 years, 8 months
[Fedora-directory-commits] windowsautoenroll/submitrequest submitrequest.vcproj, NONE, 1.1 submitrequest.cpp, 1.1.1.1, 1.2
by Doctor Conrad
Author: sparkins
Update of /cvs/dirsec/windowsautoenroll/submitrequest
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv16870
Modified Files:
submitrequest.cpp
Added Files:
submitrequest.vcproj
Log Message:
Added Licence. Made test case more generic, so other people can use it.
Added loop mode, for performance/stress testing. Fixed PKCS#10
submission. Check that a cert was issued.
--- NEW FILE submitrequest.vcproj ---
<?xml version="1.0" encoding="Windows-1252"?>
<VisualStudioProject
ProjectType="Visual C++"
Version="7.10"
Name="submitrequest"
ProjectGUID="{B8D349AA-C242-4D81-A6E1-6CB6DBAE1AF2}"
Keyword="Win32Proj">
<Platforms>
<Platform
Name="Win32"/>
</Platforms>
<Configurations>
<Configuration
Name="Debug|Win32"
OutputDirectory="Debug"
IntermediateDirectory="Debug"
ConfigurationType="1"
CharacterSet="2">
<Tool
Name="VCCLCompilerTool"
Optimization="0"
PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE"
MinimalRebuild="TRUE"
BasicRuntimeChecks="3"
RuntimeLibrary="5"
UsePrecompiledHeader="3"
WarningLevel="3"
Detect64BitPortabilityProblems="TRUE"
DebugInformationFormat="4"/>
<Tool
Name="VCCustomBuildTool"/>
<Tool
Name="VCLinkerTool"
OutputFile="$(OutDir)/submitrequest.exe"
LinkIncremental="2"
GenerateDebugInformation="TRUE"
ProgramDatabaseFile="$(OutDir)/submitrequest.pdb"
SubSystem="1"
TargetMachine="1"/>
<Tool
Name="VCMIDLTool"/>
<Tool
Name="VCPostBuildEventTool"/>
<Tool
Name="VCPreBuildEventTool"/>
<Tool
Name="VCPreLinkEventTool"/>
<Tool
Name="VCResourceCompilerTool"/>
<Tool
Name="VCWebServiceProxyGeneratorTool"/>
<Tool
Name="VCXMLDataGeneratorTool"/>
<Tool
Name="VCWebDeploymentTool"/>
<Tool
Name="VCManagedWrapperGeneratorTool"/>
<Tool
Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
</Configuration>
<Configuration
Name="Release|Win32"
OutputDirectory="Release"
IntermediateDirectory="Release"
ConfigurationType="1"
CharacterSet="2">
<Tool
Name="VCCLCompilerTool"
PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE"
GeneratePreprocessedFile="0"
RuntimeLibrary="4"
UsePrecompiledHeader="0"
WarningLevel="3"
Detect64BitPortabilityProblems="TRUE"
DebugInformationFormat="3"/>
<Tool
Name="VCCustomBuildTool"/>
<Tool
Name="VCLinkerTool"
AdditionalDependencies="certidl.lib"
OutputFile="$(OutDir)/submitrequest.exe"
LinkIncremental="1"
GenerateDebugInformation="TRUE"
SubSystem="1"
OptimizeReferences="2"
EnableCOMDATFolding="2"
TargetMachine="1"/>
<Tool
Name="VCMIDLTool"/>
<Tool
Name="VCPostBuildEventTool"/>
<Tool
Name="VCPreBuildEventTool"/>
<Tool
Name="VCPreLinkEventTool"/>
<Tool
Name="VCResourceCompilerTool"/>
<Tool
Name="VCWebServiceProxyGeneratorTool"/>
<Tool
Name="VCXMLDataGeneratorTool"/>
<Tool
Name="VCWebDeploymentTool"/>
<Tool
Name="VCManagedWrapperGeneratorTool"/>
<Tool
Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
</Configuration>
</Configurations>
<References>
</References>
<Files>
<Filter
Name="Source Files"
Filter="cpp;c;cxx;def;odl;idl;hpj;bat;asm;asmx"
UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}">
<File
RelativePath=".\submitrequest.cpp">
</File>
</Filter>
<Filter
Name="Header Files"
Filter="h;hpp;hxx;hm;inl;inc;xsd"
UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}">
<File
RelativePath=".\stdafx.h">
</File>
</Filter>
<Filter
Name="Resource Files"
Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx"
UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}">
</Filter>
<File
RelativePath=".\ReadMe.txt">
</File>
</Files>
<Globals>
</Globals>
</VisualStudioProject>
Index: submitrequest.cpp
===================================================================
RCS file: /cvs/dirsec/windowsautoenroll/submitrequest/submitrequest.cpp,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- submitrequest.cpp 29 Jul 2006 00:42:43 -0000 1.1.1.1
+++ submitrequest.cpp 30 Mar 2007 00:08:54 -0000 1.2
@@ -36,10 +36,12 @@
* END COPYRIGHT BLOCK */
/* This is a test program which will submit a certificate request */
+/* to the auto enrollment proxy */
#define _WIN32_DCOM
+#include <atlbase.h>
#include <windows.h>
#include <stdlib.h>
@@ -48,7 +50,6 @@
#include <assert.h>
-
#include <certcli.h>
#include <certsrv.h>
@@ -58,40 +59,61 @@
#include "stdafx.h"
-#include "../testserver/RedHatCSProxy_h.h"
+#include "../proxy/RedHatCSProxy_h.h"
+
+#define ONCE(x) (onceflag++ ? 0 : x )
+int auth=0;
+int onceflag=0;
+int showcert=0;
+unsigned int duration=0;
+int i2=0;
+char*host = NULL;
+char*attrs = "";
EXTERN_C const IID IID_ICertRequestD;
EXTERN_C const IID IID_ICertConfig;
-void use_ICertRequest();
-void use_ICertRequestD();
+void use_ICertRequest(int size, char*buffer);
+void use_ICertRequestD(int size, char*buffer);
-BSTR get_request_from_file(char *filename)
+void get_request_from_file(char *filename, int *size, char **buffer)
{
- char certreq[10000];
- FILE *fp = fopen(filename,"r");
- if (fp == NULL) { return NULL; }
- certreq[0] = '\0';
+#define bufsize 10000
+ char certreq[bufsize];
+ for(int i=0;i<bufsize;i++) { certreq[i] = 0; }
+ FILE *fp = fopen(filename,"rb");
+ if (fp == NULL) {
+ printf("Couldn't open input file %s\n", filename);
+ exit(1);
+ }
+ size_t offset=0;
size_t n;
- n = fread(certreq,1,10000,fp);
- fclose(fp);
- n++;
-
- //unsigned short *r = (unsigned short*)malloc(sizeof(unsigned short) *(n+3));
- wchar_t *r = (wchar_t*)malloc(sizeof(wchar_t) *(n+3));
- // char*r = (char*)malloc(sizeof(char*) *(n+3));
- unsigned int dest=0;
-
- for (unsigned int i=0;i<=n; i++) {
- if (certreq[i] == '\r' || certreq[i] == '\n') continue;
- //r[dest++] = (wchar_t)certreq[i];
- //r[dest++] = certreq[i];
- r[dest++] = (wchar_t)certreq[i];
-
+ do {
+ n = fread(&certreq[offset],1,bufsize,fp);
+ offset += n;
+ if (offset >= bufsize) {
+ printf("Input file %s too big. Must be smaller than %d bytes\n",
+ filename,bufsize);
+ exit(1);
+ }
+ } while (n);
+
+ if (offset<100) { printf("malformed input file %s\n",filename); exit(1); }
+
+ if (certreq[0] == '-' && certreq[1] == '-') {
+ printf("cannot process base-64 encoded input PKCS#10 - must be DER encoded\n",filename); exit(1);
}
- r[dest] = 0;
- return SysAllocString(r);
+
+ printf("read a total of %d bytes from input file %s\n",offset,filename);
+
+ *buffer = (char*)malloc(offset);
+ memcpy(*buffer, certreq, offset);
+ *size = (int)offset;
+ fclose(fp);
+ return;
+
+
}
int _tmain(int argc, _TCHAR* argv[])
@@ -103,6 +125,71 @@
CLSID certconfig_clid;
wchar_t *certconfig_progid = L"CertificateAuthority.GetConfig";
+ // For now, make the default ICertRequestD.
+ // Need more testing on the ICertRequest case
+ int certreqd = 1;
+
+ int count=1;
+ char*inputfile = NULL;
+
+ USES_CONVERSION;
+
+ for (int i=0;i<argc;i++) {
+ printf("argc[%d]= %s\n",i,argv[i]);
+ if ( argc == 1 ||
+ !strcmp("-h",argv[i]) ||
+ !strcmp("/help",argv[i]) ||
+ !strcmp("-?",argv[i]) ||
+ !strcmp("/?",argv[i]) ||
+ !strcmp("/h",argv[i]) ||
+ !strcmp("-help",argv[i]) ||
+ !strcmp("--help",argv[i]) )
+ {
+ printf("Auto Enrollment Proxy test client.\n");
+ printf("Usage:\n");
+ printf(" %s [options]\n", argv[0]);
+ printf(" -h This help message\n");
+ printf(" -v2 Use version 2 interfaces (ICertRequestD/ICertRequestD2)\n");
+ //printf(" -certreqd Use ICertRequestD interface (default ICertRequest)\n");
+ printf(" -showcert show hex dump of issued cert\n");
+ printf(" -host=[host] FQDN of proxy"); //(required if ICertRequestD interface used\n");
+ printf(" -count=n # of consecutive requests to make\n");
+ printf(" -duration=n # of seconds to run test (mutually exclusive with -count)\n");
+ printf(" -input=file Filename of DER PKCS#10 request (not PEM)\n");
+ printf(" -attrs=XX semicolon-separated list of attributes\n");
+ printf(" for DomainController, use -attr=ccm:FQDN (of DC machine)\n");
+ exit(1);
+ }
+ if (!strcmp("-certreqd",argv[i])) { certreqd = 1; }
+ if (!strcmp("-showcert",argv[i])) { showcert = 1; }
+ if (!strcmp("-auth",argv[i])) { auth = 1; } // unused at present.
+ if (!strcmp("-v2",argv[i])) { i2 = 1; }
+ if (!strncmp("-host=",argv[i],6)) {
+ host = strdup(&argv[i][6]);
+ }
+ if (!strncmp("-input=",argv[i],7)) {
+ inputfile = strdup(&argv[i][7]);
+ }
+ if (!strncmp("-attrs=",argv[i],7)) {
+ attrs = strdup(&argv[i][7]);
+ for (unsigned int j=0;j<strlen(attrs);j++) {
+ if (attrs[j] == ';') attrs[j]='\n';
+ }
+ }
+ if (!strncmp("-count=",argv[i],7)) {
+ char *count_s = strdup(&argv[i][7]);
+ count = atoi(count_s);
+ }
+ if (!strncmp("-duration=",argv[i],10)) {
+ char *duration_s = strdup(&argv[i][10]);
+ duration = atoi(duration_s);
+ }
+ }
+
+ if (count >0 && duration >0) {
+ printf("You can't specify -count AND -duration. Pick just one\n");
+ }
+
/*
HKEY_CLASSES_ROOT\AppID\{D99E6E74-FC88-11D0-B498-00A0C90312F3}
HKEY_CLASSES_ROOT\CLSID\{D99E6E73-FC88-11D0-B498-00A0C90312F3} (certsrv admin)
@@ -129,39 +216,99 @@
*/
-
+ int r_size;
+ char *r_buffer=NULL;
+ get_request_from_file(
+ inputfile != NULL ? inputfile : "testrequest.p10",
+ &r_size,
+ &r_buffer );
+ if (r_buffer==NULL) {
+ printf("You must supply PKCS#10 input file (use -input=file)\n");
+ exit(0);
+ }
-
+ DWORD start_time = GetTickCount();
+ i=0;
+ while ((duration > 0) ? (GetTickCount()- start_time) / 1000 <duration : i < count)
+ {
+ if (count==1) {
+ printf("request %d\n",i+1);
+ } else {
+ printf("request %d/%d\n",i+1,count);
+ }
-
+ if (certreqd) {
+ use_ICertRequestD( r_size, r_buffer);
+ } else {
+ use_ICertRequest( r_size, r_buffer);
+ }
+ i++;
- use_ICertRequest();
- //use_ICertRequestD();
+ }
+ // milliseconds
+ DWORD end_time = GetTickCount();
+ DWORD elapsed = end_time - start_time;
+ printf("---------------\n");
+ printf("%d requests completed in %d seconds\n", i, elapsed/1000);
CoFreeAllLibraries();
return 0;
}
-void use_ICertRequest()
+
+
+void use_ICertRequest(int size, char *buffer)
{
HRESULT r;
+ ICertRequest2 *icr2=NULL;
ICertRequest *icr=NULL;
+ ONCE(printf("Using ICertRequest\n"));
+
BSTR cacert= NULL;
wchar_t *certrequest_progid = L"CertificateAuthority.Request";
CLSID certrequest_clid;
r = CLSIDFromProgID(certrequest_progid, &certrequest_clid);
+ if (FAILED(r)) {
+ printf("failed to get classid for %ws: %lx\n",certrequest_progid,r);
+ exit(0);
+ }
+
+
+ icr=NULL;
r = CoCreateInstance(
- certrequest_clid,
- NULL,
- CLSCTX_ALL,
- IID_ICertRequest,
- (void**)&icr
- );
+ certrequest_clid,
+ NULL,
+ CLSCTX_ALL,
+ IID_ICertRequest,
+ (void**)&icr
+ );
+
+ if (FAILED(r)) {
+ printf("Failed to create instance for ICertRequest: %lx\n",r);
+ exit(0);
+ }
+
+
+
+ icr2=NULL;
+
+ r = CoCreateInstance(
+ certrequest_clid,
+ NULL,
+ CLSCTX_ALL,
+ IID_ICertRequest2,
+ (void**)&icr2
+ );
+
+ if (FAILED(r)) {
+ printf("Failed to create instance for ICertRequest2: %lx\n",r);
+ exit(0);
+ }
//BSTR cacertname = SysAllocString(L"sparkinswindows.sparkins.sfbay.redhat.com\\Steves MS CA");
@@ -176,14 +323,79 @@
(void**)&icc
);
+ if (FAILED(r)) {
+ printf("could not retrieve ICertConfig: %lx\n",r);
+ exit(0);
+ }
+
r = icc->GetConfig(CC_UIPICKCONFIG,&cacertname);
if (FAILED(r)) {
- printf("could not retrieve ca info\n");
+ printf("Failed during call to get CA cert name %lx\n",r);
exit(0);
}
-
printf("got CA info: %ws\n",cacertname);
+ wchar_t *b_a = L"Authority";
+ BSTR b_b = SysAllocString(b_a);
+ BSTR val_b = NULL;
+ r = icc->GetField(b_b,&val_b);
+ printf("GetField value for %ws is: %ws\n", b_b, val_b);
+
+ LONG name_type[] =
+ {
+ CR_PROP_ADVANCEDSERVER,
+ CR_PROP_CACERTSTATE,
+ CR_PROP_CACERTVERSION,
+ CR_PROP_CANAME,
+ CR_PROP_TEMPLATES,
+ CR_PROP_CATYPE,
+ CR_PROP_DNSNAME,
+ CR_PROP_FILEVERSION,
+ CR_PROP_SHAREDFOLDER,
+ CR_PROP_CASIGCERTCOUNT,
+ 0
+ };
+
+ if (icr2!=NULL) {
+ for (int i=0; name_type[i] != 0; i++) {
+ VARIANT v;
+ LONG flags;
+ r = icr2->GetCAPropertyFlags(cacertname,name_type[i],&flags);
+
+ BSTR n = NULL;
+ icr2->GetCAPropertyDisplayName(cacertname,name_type[i],&n);
+
+ r = icr2->GetCAProperty(cacertname,
+ name_type[i],
+ 0, // index
+ flags,
+ CV_OUT_BASE64,
+ &v);
+
+
+ if (SUCCEEDED(r)) {
+ switch (flags & PROPTYPE_MASK) {
+ case PROPTYPE_LONG:
+ printf("%ws, (%d), value=%d\n",n,name_type[i],v.lVal);
+ break;
+ case PROPTYPE_STRING:
+ printf("%ws, (%d), value=%ws\n",n, name_type[i],v.bstrVal);
+ break;
+ }
+ } else {
+ printf("%ws (%d), -> error %lx\n",n,name_type[i],r);
+ }
+ MessageBox(NULL,"Next",NULL,0);
+
+ }
+ }
+
+
+
+
+ MessageBox(NULL,"about to retrieve CA cert",NULL,0);
+
+
// Retrieve the CA certificate.
r = icr->GetCACertificate(FALSE,
@@ -193,18 +405,18 @@
long disp;
- BSTR request = get_request_from_file("testrequest.p10");
- if (request==NULL) {
- printf("could not load test request from file 'testrequest.p10' in current dir\n");
- exit(0);
- }
+ printf("BROKEN: need to fix this\n");
+ exit(0);
+
+/*
r = icr->Submit(
CR_IN_BASE64HEADER | CR_IN_PKCS10,
request,
NULL,
cacertname,
&disp);
+ */
if (!FAILED(r)) {
switch (disp) {
@@ -224,21 +436,33 @@
}
-void use_ICertRequestD()
+
+void use_ICertRequestD(int size, char *buffer)
{
HRESULT r;
ICertRequestD *icrd=NULL;
+ ICertRequestD2 *icrd2=NULL;
+
+ USES_CONVERSION;
+
+ ONCE(printf("Using ICertReqD\n"));
COSERVERINFO si;
si.dwReserved1 = 0;
si.dwReserved2 = 0;
si.pAuthInfo = NULL;
- si.pwszName = L"sparkinswindows.sparkins.sfbay.redhat.com";
+ si.pwszName = L"";
+ if (host) {
+ si.pwszName = A2W(host);
+ } else {
+ printf("hostname must be specified when using ICertRequestD interface\n");
+ }
+ ONCE(printf("using hostname: %ws\n",si.pwszName));
if (1) {
IClassFactory *cf=NULL;
r = CoGetClassObject( CLSID_CCertRequestD,
- CLSCTX_LOCAL_SERVER,
+ CLSCTX_REMOTE_SERVER,
&si,
IID_IClassFactory,
(void**)&cf );
@@ -246,13 +470,25 @@
printf("failed to get class object %lx\n",r);
return;
}
+
r = cf->CreateInstance(NULL, IID_ICertRequestD, (void**)&icrd);
if (FAILED(r)) {
- printf("failed to get instance object %lx\n",r);
+ printf("failed to get instance of icrd %lx\n",r);
+ exit(0);
+ }
+
+ if (i2) {
+ r = icrd->QueryInterface(IID_ICertRequestD2,(void**)&icrd2);
+ if (FAILED(r)) {
+ printf("failed to get instance of icrd2 (ignoring)%lx\n",r);
+
+ }
}
} else {
+
+ /*
MULTI_QI mi;
mi.pIID = &IID_ICertRequestD;
mi.pItf = NULL;
@@ -267,12 +503,15 @@
1,
&mi
);
- icrd = (ICertRequestD*) mi.pItf;
- }
- if (FAILED(r)) {
- printf("agh, couldn't create remote object\n");
- }
+ if (FAILED(r)) {
+ printf("agh, couldn't create CCertRequestD object %lx\n",r);
+ }
+
+ icrd = (ICertRequestD*) mi.pItf;
+ */
+ }
+
/*
@@ -285,32 +524,100 @@
);
*/
-
+#if 0
+ if (icrd2 != NULL) {
+ printf("Calling icrd2->Ping2()\n");
+ r = icrd2->Ping2(L"");
+ } else {
+ printf("Calling icrd2->Ping2()\n");
+ r = icrd->Ping(L"");
+ }
+ printf("ping returned: %lx\n",r);
+#endif
DWORD request_id=0;
DWORD dispword=0;
CERTTRANSBLOB rq;
- rq.cb = 10;
- rq.pb = (BYTE*) "abcdefghij";
+ rq.cb = size;
+ rq.pb = (BYTE*) buffer;
+
CERTTRANSBLOB chainblob;
CERTTRANSBLOB certblob;
CERTTRANSBLOB dispblob;
- char *certchain;
- char *cert;
- char *dispmsg;
-
- r = icrd->Request(CR_IN_BASE64HEADER | CR_IN_PKCS10,
- L"",
- &request_id,
- &dispword,
- L"",
- &rq,
- &chainblob,
- &certblob,
- &dispblob
- );
+ int make_request = 1;
+ wchar_t *wattrs = A2W(attrs);
+
+ if (make_request == 1) {
+ ONCE(printf("icrd2 is: %p\n",(void*)icrd2));
+ if (icrd2 != NULL) {
+ printf("About to call icrd2->Request2\n");
+ r = icrd2->Request2(
+ L"",
+ CR_IN_BASE64HEADER | CR_IN_PKCS10,
+ L"0",
+ &request_id,
+ &dispword,
+ L"",
+ &rq,
+ &chainblob,
+ &certblob,
+ &dispblob
+ );
+
+ } else {
+ ONCE(printf("About to call icr->Request\n"));
+ r = icrd->Request(CR_IN_PKCS10 | CR_IN_BINARY,
+ L"",
+ &request_id,
+ &dispword,
+ wattrs,
+ &rq,
+ &chainblob,
+ &certblob,
+ &dispblob
+ );
+ }
+
+ printf("Request function returned: %lx\n",r);
+ printf("Request disposition: %lx (%s)\n",dispword,
+ (dispword == CR_DISP_ISSUED) ? "ISSUED" : "REJECTED");
+ }
+
+
+ if (showcert) {
+ if (dispword == CR_DISP_ISSUED) {
+ for (unsigned int i=0;i<certblob.cb;i++) {
+ printf("%02x ",certblob.pb[i]);
+ if (i%16 == 15) {
+ printf("\n");
+ }
+ }
+ printf("\n");
+ }
+ }
+
+ CERTTRANSBLOB infoblob;
+ infoblob.cb = 2000;
+ infoblob.pb = (BYTE*)calloc(2000,1);
+
+
+ if (0) {
+
+#define GCC_FILEx 0x66696c65
+#define GCC_FILE 0x656c6966
+#define GCC_NAME 0x6E616D65
+#define GCC_INFO 0x696E666F
+#define GCC_TYPE 0x74707065
+#define GCC_ST 0x73740000
+
+ r = icrd->GetCACert(GCC_FILE, L"Steves MS CA", &infoblob);
+
+ printf("r = %lx\n",r);
+ printf("infoblob = %d\n",infoblob.cb);
+ }
}
+
16 years, 8 months
[Fedora-directory-commits] windowsautoenroll/panel ProxyPanel.cs, 1.3, 1.4 ProxyPanel.resx, 1.1, 1.2
by Doctor Conrad
Author: sparkins
Update of /cvs/dirsec/windowsautoenroll/panel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv16316
Modified Files:
ProxyPanel.cs ProxyPanel.resx
Log Message:
Bumped version to 0.9.2. Added Licence text. Caught access denied error
(Bugzilla 223020)
Index: ProxyPanel.cs
===================================================================
RCS file: /cvs/dirsec/windowsautoenroll/panel/ProxyPanel.cs,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- ProxyPanel.cs 13 Mar 2007 01:36:10 -0000 1.3
+++ ProxyPanel.cs 30 Mar 2007 00:05:26 -0000 1.4
@@ -1,3 +1,40 @@
+/** BEGIN COPYRIGHT BLOCK
+ * This Program is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU General Public License as published by the Free Software
+ * Foundation; version 2 of the License.
+ *
+ * This Program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
+ * Place, Suite 330, Boston, MA 02111-1307 USA.
+ *
+ * In addition, as a special exception, Red Hat, Inc. gives You the additional
+ * right to link the code of this Program with code not covered under the GNU
+ * General Public License ("Non-GPL Code") and to distribute linked combinations
+ * including the two, subject to the limitations in this paragraph. Non-GPL Code
+ * permitted under this exception must only link to the code of this Program
+ * through those well defined interfaces identified in the file named EXCEPTION
+ * found in the source code files (the "Approved Interfaces"). The files of
+ * Non-GPL Code may instantiate templates or use macros or inline functions from
+ * the Approved Interfaces without causing the resulting work to be covered by
+ * the GNU General Public License. Only Red Hat, Inc. may make changes or
+ * additions to the list of Approved Interfaces. You must obey the GNU General
+ * Public License in all respects for all of the Program code and other code used
+ * in conjunction with the Program except the Non-GPL Code covered by this
+ * exception. If you modify this file, you may extend this exception to your
+ * version of the file, but you are not obligated to do so. If you do not wish to
+ * provide this exception without modification, you must delete this exception
+ * statement from your version and license this file solely under the GPL without
+ * exception.
+ *
+ *
+ * Copyright (C) 2006 Red Hat, Inc.
+ * All rights reserved.
+ * END COPYRIGHT BLOCK */
+
using System;
using System.Drawing;
using System.Collections;
@@ -267,12 +304,12 @@
//
// label7
//
+ this.label7.Dock = System.Windows.Forms.DockStyle.Top;
this.label7.Location = new System.Drawing.Point(24, 72);
this.label7.Name = "label7";
this.label7.Size = new System.Drawing.Size(320, 23);
this.label7.TabIndex = 3;
- this.label7.Text = "Version 0.9.1, March 8 , 2007";
- this.label7.Click += new System.EventHandler(this.label7_Click);
+ this.label7.Text = "Version 0.9.2, March 27, 2007";
//
// label6
//
@@ -790,85 +827,94 @@
return;
}
}
- clearADLog();
- // Find the Configuration Naming Context from the RootDSE
- DirectoryEntry rootDSE = new DirectoryEntry("LDAP://RootDSE");
- rootDSE.AuthenticationType = AuthenticationTypes.Secure;
- String cnc = rootDSE.Properties["configurationNamingContext"][0].ToString();
- String rootpath = rootDSE.Path;
- rootpath.Replace("RootDSE","");
-
- adLog("Configuration Naming Context: "+cnc);
- // Traverse down the Conviguration Naming Context...
- DirectoryEntry configBase = new DirectoryEntry("LDAP://"+cnc);
- configBase.AuthenticationType = AuthenticationTypes.Secure;
-
- DirectorySearcher ds = new DirectorySearcher();
-
- // Find CN=Services subtree of CN=Configuration
- ds.SearchRoot = configBase;
- ds.SearchScope = SearchScope.OneLevel;
- ds.Filter = "(CN=Services)";
- SearchResult servicesResult = ds.FindOne();
+ try
+ {
+ clearADLog();
+ // Find the Configuration Naming Context from the RootDSE
+ DirectoryEntry rootDSE = new DirectoryEntry("LDAP://RootDSE");
+ rootDSE.AuthenticationType = AuthenticationTypes.Secure;
+ String cnc = rootDSE.Properties["configurationNamingContext"][0].ToString();
+ String rootpath = rootDSE.Path;
+ rootpath.Replace("RootDSE","");
+
+ adLog("Configuration Naming Context: "+cnc);
+ // Traverse down the Conviguration Naming Context...
+ DirectoryEntry configBase = new DirectoryEntry("LDAP://"+cnc);
+ configBase.AuthenticationType = AuthenticationTypes.Secure;
+
+ DirectorySearcher ds = new DirectorySearcher();
+
+ // Find CN=Services subtree of CN=Configuration
+ ds.SearchRoot = configBase;
+ ds.SearchScope = SearchScope.OneLevel;
+ ds.Filter = "(CN=Services)";
+ SearchResult servicesResult = ds.FindOne();
- DirectoryEntry servicesBase = servicesResult.GetDirectoryEntry();
- String sb_n = servicesBase.Path;
- adLog("Services base: "+sb_n);
+ DirectoryEntry servicesBase = servicesResult.GetDirectoryEntry();
+ String sb_n = servicesBase.Path;
+ adLog("Services base: "+sb_n);
- if (servicesBase == null)
- {
- DialogResult dr = MessageBox.Show("Error: Could not locate 'CN=Services' under base"+
- ds.SearchRoot.Name.ToString());
- }
+ if (servicesBase == null)
+ {
+ DialogResult dr = MessageBox.Show("Error: Could not locate 'CN=Services' under base"+
+ ds.SearchRoot.Name.ToString());
+ }
- // Find "CN=Public Key Services" subtree of CN=Services
- ds.SearchRoot = servicesBase;
- ds.Filter = "(CN=Public Key Services)";
- SearchResult pubkeyResult = ds.FindOne();
- DirectoryEntry pubkeyServicesBase = pubkeyResult.GetDirectoryEntry();
- adLog("Services base: "+pubkeyServicesBase.Path);
+ // Find "CN=Public Key Services" subtree of CN=Services
+ ds.SearchRoot = servicesBase;
+ ds.Filter = "(CN=Public Key Services)";
+ SearchResult pubkeyResult = ds.FindOne();
+ DirectoryEntry pubkeyServicesBase = pubkeyResult.GetDirectoryEntry();
+ adLog("Services base: "+pubkeyServicesBase.Path);
- if (pubkeyServicesBase == null)
- {
- MessageBox.Show("Error: Could not locate 'CN=Public Key Services' under base"+
- ds.SearchRoot.Name.ToString());
- return;
- }
+ if (pubkeyServicesBase == null)
+ {
+ MessageBox.Show("Error: Could not locate 'CN=Public Key Services' under base"+
+ ds.SearchRoot.Name.ToString());
+ return;
+ }
- // Find other subtrees of "CN=Public Key Services"
- ds.SearchRoot = pubkeyServicesBase;
+ // Find other subtrees of "CN=Public Key Services"
+ ds.SearchRoot = pubkeyServicesBase;
- ds.Filter = "(CN=Certificate Templates)";
- SearchResult certificateTemplatesBaseResult = ds.FindOne();
- DirectoryEntry certificateTemplatesBase = certificateTemplatesBaseResult.GetDirectoryEntry();
- certificateTemplatesBase.AuthenticationType = AuthenticationTypes.Secure;
+ ds.Filter = "(CN=Certificate Templates)";
+ SearchResult certificateTemplatesBaseResult = ds.FindOne();
+ DirectoryEntry certificateTemplatesBase = certificateTemplatesBaseResult.GetDirectoryEntry();
+ certificateTemplatesBase.AuthenticationType = AuthenticationTypes.Secure;
- ds.Filter = "(CN=Certification Authorities)";
- SearchResult certificationAuthoritiesBaseResult = ds.FindOne();
- DirectoryEntry certificationAuthoritiesBase = certificationAuthoritiesBaseResult.GetDirectoryEntry();
- certificationAuthoritiesBase.AuthenticationType = AuthenticationTypes.Secure;
-
- ds.Filter = "(CN=Enrollment Services)";
- SearchResult enrollmentServicesBaseResult = ds.FindOne();
- DirectoryEntry enrollmentServicesBase = enrollmentServicesBaseResult.GetDirectoryEntry();
- enrollmentServicesBase.AuthenticationType = AuthenticationTypes.Secure;
-
- // I used to have code to add the certificate templates, but while the
- // WebServer template works fine, the same cannot be said for the DomainController
- // template. A better way to set up the templates is to use the Certificate Templates
- // Snap-in in MCC (MCC should ask you to populate the templates when the Snap-in
- // is started.
+ ds.Filter = "(CN=Certification Authorities)";
+ SearchResult certificationAuthoritiesBaseResult = ds.FindOne();
+ DirectoryEntry certificationAuthoritiesBase = certificationAuthoritiesBaseResult.GetDirectoryEntry();
+ certificationAuthoritiesBase.AuthenticationType = AuthenticationTypes.Secure;
+
+ ds.Filter = "(CN=Enrollment Services)";
+ SearchResult enrollmentServicesBaseResult = ds.FindOne();
+ DirectoryEntry enrollmentServicesBase = enrollmentServicesBaseResult.GetDirectoryEntry();
+ enrollmentServicesBase.AuthenticationType = AuthenticationTypes.Secure;
+
+ // I used to have code to add the certificate templates, but while the
+ // WebServer template works fine, the same cannot be said for the DomainController
+ // template. A better way to set up the templates is to use the Certificate Templates
+ // Snap-in in MCC (MCC should ask you to populate the templates when the Snap-in
+ // is started.
- //addCertificateTemplates(certificateTemplatesBase);
+ //addCertificateTemplates(certificateTemplatesBase);
- // xxx hardcoded string here
- //String cacertb64 = "MIIB8TCCAZugAwIBAgIBATANBgkqhkiG9w0BAQUFADBJMScwJQYDVQQKEx5TZmJheSBSZWRoYXQgRG9tYWluIDIwMDYwNTEwZTExHjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0wNjA1MTAyMTE2NDVaFw0wODA0MjkyMTE2NDVaMEkxJzAlBgNVBAoTHlNmYmF5IFJlZGhhdCBEb21haW4gMjAwNjA1MTBlMTEeMBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAMHjZuV2cWg0Gg8vuVHMaw8dhnbN+28w2TFMiNyqCodCuXCFiduHMRpFkmd9s3Png8oUnceRlGls04CSUIO8g9kCAwEAAaNuMGwwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAcYwSQYIKwYBBQUHAQEEPTA7MDkGCCsGAQUFBzABhi1odHRwOi8vYWlyLnNmYmF5LnJlZGhhdC5jb206OTA4MC9vY3NwL2VlL29jc3AwDQYJKoZIhvcNAQEFBQADQQACdQDRYLpJywjd5SfVmPLNEFaLvi3q5E37t6eD7tNuNE42LU+GLN8e95QHDzG3tCKnT6HjP9wWvcrFBWaxJBU0";
- String cacertb64 = certtextbox.Text.
- Replace(begincertificate_str,"").
- Replace(endcertificate_str,"");
- byte[] cacert = Convert.FromBase64String(cacertb64);
- DirectoryEntry d = addCertificationAuthorities(certificationAuthoritiesBase,cacert);
- addEnrollmentServices(enrollmentServicesBase, d, cacert);
+ // xxx hardcoded string here
+ //String cacertb64 = "MIIB8TCCAZugAwIBAgIBATANBgkqhkiG9w0BAQUFADBJMScwJQYDVQQKEx5TZmJheSBSZWRoYXQgRG9tYWluIDIwMDYwNTEwZTExHjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0wNjA1MTAyMTE2NDVaFw0wODA0MjkyMTE2NDVaMEkxJzAlBgNVBAoTHlNmYmF5IFJlZGhhdCBEb21haW4gMjAwNjA1MTBlMTEeMBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAMHjZuV2cWg0Gg8vuVHMaw8dhnbN+28w2TFMiNyqCodCuXCFiduHMRpFkmd9s3Png8oUnceRlGls04CSUIO8g9kCAwEAAaNuMGwwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAcYwSQYIKwYBBQUHAQEEPTA7MDkGCCsGAQUFBzABhi1odHRwOi8vYWlyLnNmYmF5LnJlZGhhdC5jb206OTA4MC9vY3NwL2VlL29jc3AwDQYJKoZIhvcNAQEFBQADQQACdQDRYLpJywjd5SfVmPLNEFaLvi3q5E37t6eD7tNuNE42LU+GLN8e95QHDzG3tCKnT6HjP9wWvcrFBWaxJBU0";
+ String cacertb64 = certtextbox.Text.
+ Replace(begincertificate_str,"").
+ Replace(endcertificate_str,"");
+ byte[] cacert = Convert.FromBase64String(cacertb64);
+ DirectoryEntry d = addCertificationAuthorities(certificationAuthoritiesBase,cacert);
+ addEnrollmentServices(enrollmentServicesBase, d, cacert);
+ }
+ catch (System.UnauthorizedAccessException uae)
+ {
+ adLog("Error: Unauthorized");
+ MessageBox.Show("Error: You do not have appropriate permissions to\n"+
+ "modify active directory. Please login as a different user\n");
+ }
}
@@ -1360,10 +1406,5 @@
}
-
- private void label7_Click(object sender, System.EventArgs e)
- {
-
- }
}
}
Index: ProxyPanel.resx
===================================================================
RCS file: /cvs/dirsec/windowsautoenroll/panel/ProxyPanel.resx,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- ProxyPanel.resx 13 Mar 2007 01:36:10 -0000 1.1
+++ ProxyPanel.resx 30 Mar 2007 00:05:26 -0000 1.2
@@ -304,15 +304,15 @@
<data name="label4.Modifiers" type="System.CodeDom.MemberAttributes, System, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
<value>Private</value>
</data>
- <data name="populateLDAP.Modifiers" type="System.CodeDom.MemberAttributes, System, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
- <value>Private</value>
- </data>
<data name="populateLDAP.Locked" type="System.Boolean, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
<value>False</value>
</data>
<data name="populateLDAP.DefaultModifiers" type="System.CodeDom.MemberAttributes, System, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
<value>Private</value>
</data>
+ <data name="populateLDAP.Modifiers" type="System.CodeDom.MemberAttributes, System, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+ <value>Private</value>
+ </data>
<data name="caconfig.Locked" type="System.Boolean, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
<value>False</value>
</data>
@@ -346,15 +346,15 @@
<data name="groupBox3.GridSize" type="System.Drawing.Size, System.Drawing, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a">
<value>8, 8</value>
</data>
+ <data name="groupBox3.SnapToGrid" type="System.Boolean, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+ <value>True</value>
+ </data>
<data name="groupBox3.Locked" type="System.Boolean, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
<value>False</value>
</data>
<data name="groupBox3.DrawGrid" type="System.Boolean, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
<value>True</value>
</data>
- <data name="groupBox3.SnapToGrid" type="System.Boolean, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
- <value>True</value>
- </data>
<data name="groupBox3.Modifiers" type="System.CodeDom.MemberAttributes, System, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
<value>Private</value>
</data>
@@ -565,15 +565,15 @@
<data name="log_d_ca.Modifiers" type="System.CodeDom.MemberAttributes, System, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
<value>Private</value>
</data>
+ <data name="log_d_config.Modifiers" type="System.CodeDom.MemberAttributes, System, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
+ <value>Private</value>
+ </data>
<data name="log_d_config.Locked" type="System.Boolean, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
<value>False</value>
</data>
<data name="log_d_config.DefaultModifiers" type="System.CodeDom.MemberAttributes, System, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
<value>Private</value>
</data>
- <data name="log_d_config.Modifiers" type="System.CodeDom.MemberAttributes, System, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
- <value>Private</value>
- </data>
<data name="log_d_com.Locked" type="System.Boolean, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
<value>False</value>
</data>
@@ -676,6 +676,9 @@
<data name="$this.Locked" type="System.Boolean, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
<value>False</value>
</data>
+ <data name="$this.Name">
+ <value>ProxyPanel</value>
+ </data>
<data name="$this.Language" type="System.Globalization.CultureInfo, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
<value>(Default)</value>
</data>
@@ -697,9 +700,6 @@
<data name="$this.SnapToGrid" type="System.Boolean, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
<value>True</value>
</data>
- <data name="$this.Name">
- <value>ProxyPanel</value>
- </data>
<data name="$this.DefaultModifiers" type="System.CodeDom.MemberAttributes, System, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
<value>Private</value>
</data>
16 years, 8 months
[Fedora-directory-commits] windowsautoenroll/proxy proxy.cpp, 1.2, 1.3 registry.cpp, 1.1, 1.2 service.cpp, 1.1, 1.2 submit.cpp, 1.2, 1.3 util.cpp, 1.1, 1.2
by Doctor Conrad
Author: sparkins
Update of /cvs/dirsec/windowsautoenroll/proxy
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv11713
Modified Files:
proxy.cpp registry.cpp service.cpp submit.cpp util.cpp
Log Message:
Add Licence. Improve logging. Detect Bad PKCS10 request earlier. Enable failover.
Index: proxy.cpp
===================================================================
RCS file: /cvs/dirsec/windowsautoenroll/proxy/proxy.cpp,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- proxy.cpp 13 Mar 2007 01:36:10 -0000 1.2
+++ proxy.cpp 29 Mar 2007 23:55:51 -0000 1.3
@@ -1,4 +1,38 @@
/** BEGIN COPYRIGHT BLOCK
+ * This Program is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU General Public License as published by the Free Software
+ * Foundation; version 2 of the License.
+ *
+ * This Program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
+ * Place, Suite 330, Boston, MA 02111-1307 USA.
+ *
+ * In addition, as a special exception, Red Hat, Inc. gives You the additional
+ * right to link the code of this Program with code not covered under the GNU
+ * General Public License ("Non-GPL Code") and to distribute linked combinations
+ * including the two, subject to the limitations in this paragraph. Non-GPL Code
+ * permitted under this exception must only link to the code of this Program
+ * through those well defined interfaces identified in the file named EXCEPTION
+ * found in the source code files (the "Approved Interfaces"). The files of
+ * Non-GPL Code may instantiate templates or use macros or inline functions from
+ * the Approved Interfaces without causing the resulting work to be covered by
+ * the GNU General Public License. Only Red Hat, Inc. may make changes or
+ * additions to the list of Approved Interfaces. You must obey the GNU General
+ * Public License in all respects for all of the Program code and other code used
+ * in conjunction with the Program except the Non-GPL Code covered by this
+ * exception. If you modify this file, you may extend this exception to your
+ * version of the file, but you are not obligated to do so. If you do not wish to
+ * provide this exception without modification, you must delete this exception
+ * statement from your version and license this file solely under the GPL without
+ * exception.
+ *
+ *
+ * Copyright (C) 2006 Red Hat, Inc.
+ * All rights reserved.
* END COPYRIGHT BLOCK */
@@ -173,17 +207,25 @@
//_asm int 3;
+ pctbDispositionMessage->cb = 0;
debugt(LOG_D_FUNC,"Request2()");
if (pctbRequest->cb >7) {
+ int q = pctbRequest->cb - 7;
debugt(LOG_D_DETAIL,"---- Request2(flags=%hx, authority=%ws, requestid=%hd, attributes=%ws,"
- " serial=%ws request[0..6]=%02x:%02x:%02x:%02x:%02x:%02x:%02x",
+ " serial=%ws request[0..6]=%02x:%02x:%02x:%02x:%02x:%02x:%02x "
+ " request[%d..%d]=%02x:%02x:%02x:%02x:%02x:%02x:%02x" ,
dwFlags, pwszAuthority, pdwRequestId, pwszAttributes,
pwszSerialNumber,
pctbRequest->pb[0], pctbRequest->pb[1],
pctbRequest->pb[2], pctbRequest->pb[3],
pctbRequest->pb[4], pctbRequest->pb[5],
- pctbRequest->pb[6]
+ pctbRequest->pb[6],
+ q, q+6,
+ pctbRequest->pb[q+0], pctbRequest->pb[q+1],
+ pctbRequest->pb[q+2], pctbRequest->pb[q+3],
+ pctbRequest->pb[q+4], pctbRequest->pb[q+5],
+ pctbRequest->pb[q+6]
);
}
IServerSecurity *iss = NULL;
@@ -228,19 +270,26 @@
username,
caps );
+ *pdwDisposition = CR_DISP_ERROR;
+
configvars *vars = reg->getvars();
+ context cx(vars);
+
requestinfo req;
/* Pull apart PKCS#10, putting pieces into request object */
- req.parseRequest(pctbRequest);
-
+ r = req.parseRequest(pctbRequest);
+ if (!SUCCEEDED(r)) {
+ debugt(LOG_REQ,"failed to parse PKCS#10 - error: %lx",r);
+ goto loser;
+ }
+ {
/* Pull apart attribute strings into request object */
req.parseAttributes(pwszAttributes);
/* Figure out which type of cert the requestor wants */
req.determineCertificateTemplate();
-
- context cx(vars);
+
cx.request = &req;
/* if a profile map exists, convert the windows cert template
@@ -253,7 +302,6 @@
// Copies pieces of the of the request into http name/value pairs
req.populateRequestForTemplate(csprofile);
-
vector<cainfo*> candidatecas = cx.makeCandidateCAList();
if (candidatecas.size() == 0) {
@@ -267,13 +315,16 @@
}
- *pdwDisposition = CR_DISP_ERROR;
+
string cert, certchain;
for (unsigned int j=0; j<respondingcas.size(); j++) {
cx.selectedca = respondingcas[j];
- debug("Request: submitting to CA");
+ debug("Request: submitting to CA (%d/%d): %s:%d",
+ (j+1), respondingcas.size(),
+ cx.selectedca->host, cx.selectedca->port);
+
r = cx.submitRequestToCA(cert, certchain);
debug("submitRequestToCA returned %lx",r);
@@ -281,23 +332,27 @@
GetSystemTimeAsFileTime(&cx.selectedca->last_success);
} else {
GetSystemTimeAsFileTime(&cx.selectedca->last_failure);
- }
-
- size_t errors_size = cx.errors.size();
- if (errors_size>0) {
- string e = cx.errors[0];
- if (errors_size > 1) {
- for (unsigned int k=1; k < errors_size; k++) {
- e = " >> "+ cx.errors[k];
- }
- }
-
debugt(LOG_GENERAL, "%s error was encountered while "
"submitting the certificate request to CA "
- "%s:%d. \nFull error details: %s",
+ "%s:%d. ",
cx.fatalerror ? "A fatal" : "A nonfatal",
- cx.selectedca->host, cx.selectedca->port,
- e.c_str());
+ cx.selectedca->host, cx.selectedca->port
+ );
+
+
+
+ size_t errors_size = cx.errors.size();
+ if (errors_size>0) {
+ string e = cx.errors[0];
+ if (errors_size > 1) {
+ for (unsigned int k=1; k < errors_size; k++) {
+ e = " >> "+ cx.errors[k];
+ }
+ }
+
+
+ debugt(LOG_GENERAL, "Full error details: %s", e.c_str());
+ }
}
/* If we got a certificate, break */
@@ -323,6 +378,7 @@
}
}
+
if (r == 0) { // success
decodeToBlob(cert.c_str(), pctbEncodedCert);
@@ -361,7 +417,8 @@
#endif
}
-
+ }
+loser:
return S_OK;
}
@@ -938,7 +995,7 @@
* SubjectAltName extension in the request, which means I have to
* figure out the DC GUID through other means. sigh.
*/
-void requestinfo::parseRequest(const CERTTRANSBLOB *p10)
+HRESULT requestinfo::parseRequest(const CERTTRANSBLOB *p10)
{
CERT_REQUEST_INFO *b;
DWORD b_size = 0;
@@ -947,6 +1004,13 @@
this->PKCS10Request = encode_base64(p10->cb, p10->pb);
+//#define DUMPREQUESTTOFILE
+#ifdef DUMPREQUESTTOFILE
+ debugt(LOG_D_FUNC,"parseRequest: writing %d bytes",p10->cb);
+ FILE *fp = fopen("c:\\dc_p10.der","wb");
+ fwrite(p10->pb,1,p10->cb,fp);
+ fclose(fp);
+#endif
// Pull apart the PKCS#10 cert request.
if (! CryptDecodeObjectEx(
X509_ASN_ENCODING,
@@ -960,7 +1024,7 @@
) )
{
debugt(LOG_D_DETAIL,"failed to parse PKCS#10 - error: %lx:",GetLastError());
- return;
+ return GetLastError();
}
/* For each attribute: */
@@ -1031,6 +1095,7 @@
}
}
debugt(LOG_D_FUNC,"parseRequest (returning)");
+ return 0;
}
@@ -1074,6 +1139,7 @@
cas.push_back(config->all_cas[i]);
}
}
+ debugt(LOG_D_FUNC,"findRespondingCAs - found %d CA's", cas.size());
debugt(LOG_D_FUNC,"findRespondingCAs (returning)");
return cas;
@@ -1084,12 +1150,14 @@
debugt(LOG_D_FUNC,"makeCandidateCAList");
// make a list of all the CAs which can service the request
vector<cainfo*> cas;
+ debugt(LOG_D_FUNC,"makeCandidateCAList - looking at %d CA's", config->all_cas.size());
for (unsigned int i=0;i <config->all_cas.size(); i++) {
if ( config->all_cas[i]->canService(request->windowsCertTemplateName))
{
cas.push_back(config->all_cas[i]);
}
}
+ debugt(LOG_D_FUNC,"makeCandidateCAList - found %d CA's", cas.size());
debugt(LOG_D_FUNC,"makeCandidateCAList (returning)");
return cas;
}
Index: registry.cpp
===================================================================
RCS file: /cvs/dirsec/windowsautoenroll/proxy/registry.cpp,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- registry.cpp 13 Mar 2007 01:36:10 -0000 1.1
+++ registry.cpp 29 Mar 2007 23:55:51 -0000 1.2
@@ -1,3 +1,41 @@
+/** BEGIN COPYRIGHT BLOCK
+ * This Program is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU General Public License as published by the Free Software
+ * Foundation; version 2 of the License.
+ *
+ * This Program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
+ * Place, Suite 330, Boston, MA 02111-1307 USA.
+ *
+ * In addition, as a special exception, Red Hat, Inc. gives You the additional
+ * right to link the code of this Program with code not covered under the GNU
+ * General Public License ("Non-GPL Code") and to distribute linked combinations
+ * including the two, subject to the limitations in this paragraph. Non-GPL Code
+ * permitted under this exception must only link to the code of this Program
+ * through those well defined interfaces identified in the file named EXCEPTION
+ * found in the source code files (the "Approved Interfaces"). The files of
+ * Non-GPL Code may instantiate templates or use macros or inline functions from
+ * the Approved Interfaces without causing the resulting work to be covered by
+ * the GNU General Public License. Only Red Hat, Inc. may make changes or
+ * additions to the list of Approved Interfaces. You must obey the GNU General
+ * Public License in all respects for all of the Program code and other code used
+ * in conjunction with the Program except the Non-GPL Code covered by this
+ * exception. If you modify this file, you may extend this exception to your
+ * version of the file, but you are not obligated to do so. If you do not wish to
+ * provide this exception without modification, you must delete this exception
+ * statement from your version and license this file solely under the GPL without
+ * exception.
+ *
+ *
+ * Copyright (C) 2006 Red Hat, Inc.
+ * All rights reserved.
+ * END COPYRIGHT BLOCK */
+
+
#define _WIN32_DCOM
#include <windows.h>
#include <winhttp.h>
@@ -213,8 +251,6 @@
v->all_cas.push_back(ca);
RegCloseKey(cainfokey);
-
- break; // just take the first one for now
}
}
Index: service.cpp
===================================================================
RCS file: /cvs/dirsec/windowsautoenroll/proxy/service.cpp,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- service.cpp 13 Mar 2007 01:36:10 -0000 1.1
+++ service.cpp 29 Mar 2007 23:55:51 -0000 1.2
@@ -1,4 +1,38 @@
/** BEGIN COPYRIGHT BLOCK
+ * This Program is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU General Public License as published by the Free Software
+ * Foundation; version 2 of the License.
+ *
+ * This Program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
+ * Place, Suite 330, Boston, MA 02111-1307 USA.
+ *
+ * In addition, as a special exception, Red Hat, Inc. gives You the additional
+ * right to link the code of this Program with code not covered under the GNU
+ * General Public License ("Non-GPL Code") and to distribute linked combinations
+ * including the two, subject to the limitations in this paragraph. Non-GPL Code
+ * permitted under this exception must only link to the code of this Program
+ * through those well defined interfaces identified in the file named EXCEPTION
+ * found in the source code files (the "Approved Interfaces"). The files of
+ * Non-GPL Code may instantiate templates or use macros or inline functions from
+ * the Approved Interfaces without causing the resulting work to be covered by
+ * the GNU General Public License. Only Red Hat, Inc. may make changes or
+ * additions to the list of Approved Interfaces. You must obey the GNU General
+ * Public License in all respects for all of the Program code and other code used
+ * in conjunction with the Program except the Non-GPL Code covered by this
+ * exception. If you modify this file, you may extend this exception to your
+ * version of the file, but you are not obligated to do so. If you do not wish to
+ * provide this exception without modification, you must delete this exception
+ * statement from your version and license this file solely under the GPL without
+ * exception.
+ *
+ *
+ * Copyright (C) 2006 Red Hat, Inc.
+ * All rights reserved.
* END COPYRIGHT BLOCK */
Index: submit.cpp
===================================================================
RCS file: /cvs/dirsec/windowsautoenroll/proxy/submit.cpp,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- submit.cpp 13 Mar 2007 01:36:10 -0000 1.2
+++ submit.cpp 29 Mar 2007 23:55:51 -0000 1.3
@@ -1,4 +1,38 @@
/** BEGIN COPYRIGHT BLOCK
+ * This Program is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU General Public License as published by the Free Software
+ * Foundation; version 2 of the License.
+ *
+ * This Program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
+ * Place, Suite 330, Boston, MA 02111-1307 USA.
+ *
+ * In addition, as a special exception, Red Hat, Inc. gives You the additional
+ * right to link the code of this Program with code not covered under the GNU
+ * General Public License ("Non-GPL Code") and to distribute linked combinations
+ * including the two, subject to the limitations in this paragraph. Non-GPL Code
+ * permitted under this exception must only link to the code of this Program
+ * through those well defined interfaces identified in the file named EXCEPTION
+ * found in the source code files (the "Approved Interfaces"). The files of
+ * Non-GPL Code may instantiate templates or use macros or inline functions from
+ * the Approved Interfaces without causing the resulting work to be covered by
+ * the GNU General Public License. Only Red Hat, Inc. may make changes or
+ * additions to the list of Approved Interfaces. You must obey the GNU General
+ * Public License in all respects for all of the Program code and other code used
+ * in conjunction with the Program except the Non-GPL Code covered by this
+ * exception. If you modify this file, you may extend this exception to your
+ * version of the file, but you are not obligated to do so. If you do not wish to
+ * provide this exception without modification, you must delete this exception
+ * statement from your version and license this file solely under the GPL without
+ * exception.
+ *
+ *
+ * Copyright (C) 2006 Red Hat, Inc.
+ * All rights reserved.
* END COPYRIGHT BLOCK */
#define _WIN32_DCOM
@@ -25,6 +59,7 @@
#include <iostream>
#include <iterator>
#include <sstream>
+#include <strstream>
#include <string>
#include <vector>
@@ -511,6 +546,11 @@
if (!bResults) {
r = GetLastError();
+
+ strstream ss;
+ ss << r << '\0';
+ string s = ss.str();
+ errors.push_back( string("WinHTTP reported: ") + s );
r = (r &0xffff) | 0x8C060000;
goto loser;
}
Index: util.cpp
===================================================================
RCS file: /cvs/dirsec/windowsautoenroll/proxy/util.cpp,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- util.cpp 13 Mar 2007 01:36:10 -0000 1.1
+++ util.cpp 29 Mar 2007 23:55:51 -0000 1.2
@@ -1,3 +1,41 @@
+/** BEGIN COPYRIGHT BLOCK
+ * This Program is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU General Public License as published by the Free Software
+ * Foundation; version 2 of the License.
+ *
+ * This Program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
+ * Place, Suite 330, Boston, MA 02111-1307 USA.
+ *
+ * In addition, as a special exception, Red Hat, Inc. gives You the additional
+ * right to link the code of this Program with code not covered under the GNU
+ * General Public License ("Non-GPL Code") and to distribute linked combinations
+ * including the two, subject to the limitations in this paragraph. Non-GPL Code
+ * permitted under this exception must only link to the code of this Program
+ * through those well defined interfaces identified in the file named EXCEPTION
+ * found in the source code files (the "Approved Interfaces"). The files of
+ * Non-GPL Code may instantiate templates or use macros or inline functions from
+ * the Approved Interfaces without causing the resulting work to be covered by
+ * the GNU General Public License. Only Red Hat, Inc. may make changes or
+ * additions to the list of Approved Interfaces. You must obey the GNU General
+ * Public License in all respects for all of the Program code and other code used
+ * in conjunction with the Program except the Non-GPL Code covered by this
+ * exception. If you modify this file, you may extend this exception to your
+ * version of the file, but you are not obligated to do so. If you do not wish to
+ * provide this exception without modification, you must delete this exception
+ * statement from your version and license this file solely under the GPL without
+ * exception.
+ *
+ *
+ * Copyright (C) 2006 Red Hat, Inc.
+ * All rights reserved.
+ * END COPYRIGHT BLOCK */
+
+
/* printcertnames() will print out, to the console, a list of all certificate names
which are available in the MY certificate store, so you can figure out which to use
for client-auth. This isn't useful any more, since:
16 years, 8 months
[Fedora-directory-commits] ldapserver/ldap/admin/src/scripts template-db2ldif.in, 1.7, 1.8
by Doctor Conrad
Author: nhosoi
Update of /cvs/dirsec/ldapserver/ldap/admin/src/scripts
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5977
Modified Files:
template-db2ldif.in
Log Message:
Resolves: 233027
Summary: make db2bak.pl & db2ldif.pl user more user-friendly (Comment #10)
Change: fixed 'db2ldif -s ""' fails with shift unavailable
Index: template-db2ldif.in
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/scripts/template-db2ldif.in,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- template-db2ldif.in 24 Mar 2007 00:51:11 -0000 1.7
+++ template-db2ldif.in 29 Mar 2007 22:24:52 -0000 1.8
@@ -44,7 +44,9 @@
elif [ "$1" = "-M" ]; then
be=""
fi
- shift
+ if [ "$1" != "" ]; then
+ shift
+ fi
done
if [ "$be" = "" ]; then
16 years, 8 months