Commit a875dcc6 authored by Mark Andrews's avatar Mark Andrews Committed by Ondřej Surý
Browse files

Remove custom ISC SPNEGO implementation

The custom ISC SPNEGO mechanism implementation is no longer needed on
the basis that all major Kerberos 5/GSSAPI (mit-krb5, heimdal and
Windows) implementations support SPNEGO mechanism since 2006.

This commit removes the custom ISC SPNEGO implementation, and removes
the option from both autoconf and win32 Configure script.  Unknown
options are being ignored, so this doesn't require any special handling.
parent 216a9718
......@@ -705,7 +705,6 @@ ISC_PLATFORM_HAVESYSUNH
LIBCAP_LIBS
DST_EXTRA_SRCS
DST_EXTRA_OBJS
USE_ISC_SPNEGO
READLINE_LIB
BIND9_CO_RULE
LIBTOOL_MODE_UNINSTALL
......@@ -860,6 +859,7 @@ infodir
docdir
oldincludedir
includedir
runstatedir
localstatedir
sharedstatedir
sysconfdir
......@@ -928,7 +928,6 @@ enable_backtrace
enable_symtable
enable_tcp_fastopen
with_readline
enable_isc_spnego
enable_chroot
enable_linux_caps
enable_fixed_rrset
......@@ -1026,6 +1025,7 @@ datadir='${datarootdir}'
sysconfdir='${prefix}/etc'
sharedstatedir='${prefix}/com'
localstatedir='${prefix}/var'
runstatedir='${localstatedir}/run'
includedir='${prefix}/include'
oldincludedir='/usr/include'
docdir='${datarootdir}/doc/${PACKAGE_TARNAME}'
......@@ -1278,6 +1278,15 @@ do
| -silent | --silent | --silen | --sile | --sil)
silent=yes ;;
 
-runstatedir | --runstatedir | --runstatedi | --runstated \
| --runstate | --runstat | --runsta | --runst | --runs \
| --run | --ru | --r)
ac_prev=runstatedir ;;
-runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \
| --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \
| --run=* | --ru=* | --r=*)
runstatedir=$ac_optarg ;;
-sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
ac_prev=sbindir ;;
-sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
......@@ -1415,7 +1424,7 @@ fi
for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \
datadir sysconfdir sharedstatedir localstatedir includedir \
oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
libdir localedir mandir
libdir localedir mandir runstatedir
do
eval ac_val=\$$ac_var
# Remove trailing slashes.
......@@ -1568,6 +1577,7 @@ Fine tuning of the installation directories:
--sysconfdir=DIR read-only single-machine data [PREFIX/etc]
--sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
--localstatedir=DIR modifiable single-machine data [PREFIX/var]
--runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run]
--libdir=DIR object code libraries [EPREFIX/lib]
--includedir=DIR C header files [PREFIX/include]
--oldincludedir=DIR C header files for non-gcc [/usr/include]
......@@ -1634,7 +1644,6 @@ Optional Features:
--enable-symtable use internal symbol table for backtrace
[all|minimal(default)|none]
--disable-tcp-fastopen disable TCP Fast Open support [default=yes]
--disable-isc-spnego use SPNEGO from GSSAPI library
--disable-chroot disable chroot
--disable-linux-caps disable Linux capabilities
--enable-fixed-rrset enable fixed rrset ordering [default=no]
......@@ -4013,7 +4022,7 @@ else
We can't simply define LARGE_OFF_T to be 9223372036854775807,
since some C++ compilers masquerading as C compilers
incorrectly reject 9223372036854775807. */
#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31))
int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
&& LARGE_OFF_T % 2147483647 == 1)
? 1 : -1];
......@@ -4059,7 +4068,7 @@ else
We can't simply define LARGE_OFF_T to be 9223372036854775807,
since some C++ compilers masquerading as C compilers
incorrectly reject 9223372036854775807. */
#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31))
int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
&& LARGE_OFF_T % 2147483647 == 1)
? 1 : -1];
......@@ -4083,7 +4092,7 @@ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
We can't simply define LARGE_OFF_T to be 9223372036854775807,
since some C++ compilers masquerading as C compilers
incorrectly reject 9223372036854775807. */
#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31))
int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
&& LARGE_OFF_T % 2147483647 == 1)
? 1 : -1];
......@@ -4128,7 +4137,7 @@ else
We can't simply define LARGE_OFF_T to be 9223372036854775807,
since some C++ compilers masquerading as C compilers
incorrectly reject 9223372036854775807. */
#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31))
int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
&& LARGE_OFF_T % 2147483647 == 1)
? 1 : -1];
......@@ -4152,7 +4161,7 @@ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
We can't simply define LARGE_OFF_T to be 9223372036854775807,
since some C++ compilers masquerading as C compilers
incorrectly reject 9223372036854775807. */
#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31))
int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
&& LARGE_OFF_T % 2147483647 == 1)
? 1 : -1];
......@@ -5410,7 +5419,7 @@ linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*)
lt_cv_deplibs_check_method=pass_all
;;
 
netbsd*)
netbsd* | netbsdelf*-gnu)
if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then
lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|_pic\.a)$'
else
......@@ -5772,7 +5781,7 @@ esac
fi
 
: ${AR=ar}
: ${AR_FLAGS=cru}
: ${AR_FLAGS=cr}
 
 
 
......@@ -6315,11 +6324,8 @@ _LT_EOF
test $ac_status = 0; }; then
# Now try to grab the symbols.
nlist=conftest.nm
if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist\""; } >&5
(eval $NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist) 2>&5
ac_status=$?
$as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
test $ac_status = 0; } && test -s "$nlist"; then
$ECHO "$as_me:$LINENO: $NM conftest.$ac_objext | $lt_cv_sys_global_symbol_pipe > $nlist" >&5
if eval "$NM" conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist 2>&5 && test -s "$nlist"; then
# Try sorting and uniquifying the output.
if sort "$nlist" | uniq > "$nlist"T; then
mv -f "$nlist"T "$nlist"
......@@ -7538,8 +7544,8 @@ int forced_loaded() { return 2;}
_LT_EOF
echo "$LTCC $LTCFLAGS -c -o conftest.o conftest.c" >&5
$LTCC $LTCFLAGS -c -o conftest.o conftest.c 2>&5
echo "$AR cru libconftest.a conftest.o" >&5
$AR cru libconftest.a conftest.o 2>&5
echo "$AR cr libconftest.a conftest.o" >&5
$AR cr libconftest.a conftest.o 2>&5
echo "$RANLIB libconftest.a" >&5
$RANLIB libconftest.a 2>&5
cat > conftest.c << _LT_EOF
......@@ -7566,11 +7572,16 @@ $as_echo "$lt_cv_ld_force_load" >&6; }
_lt_dar_allow_undefined='$wl-undefined ${wl}suppress' ;;
darwin1.*)
_lt_dar_allow_undefined='$wl-flat_namespace $wl-undefined ${wl}suppress' ;;
darwin*)
case ${MACOSX_DEPLOYMENT_TARGET},$host in
10.[012],*|,*powerpc*)
darwin*) # darwin 5.x on
# if running on 10.5 or later, the deployment target defaults
# to the OS version, if on x86, and 10.4, the deployment
# target defaults to 10.4. Don't you love it?
case ${MACOSX_DEPLOYMENT_TARGET-10.0},$host in
10.0,*86*-darwin8*|10.0,*-darwin[912]*)
_lt_dar_allow_undefined='$wl-undefined ${wl}dynamic_lookup' ;;
10.[012][,.]*)
_lt_dar_allow_undefined='$wl-flat_namespace $wl-undefined ${wl}suppress' ;;
*)
10.*|11.*)
_lt_dar_allow_undefined='$wl-undefined ${wl}dynamic_lookup' ;;
esac
;;
......@@ -8396,6 +8407,12 @@ lt_prog_compiler_static=
lt_prog_compiler_pic='-KPIC'
lt_prog_compiler_static='-static'
;;
# flang / f18. f95 an alias for gfortran or flang on Debian
flang* | f18* | f95*)
lt_prog_compiler_wl='-Wl,'
lt_prog_compiler_pic='-fPIC'
lt_prog_compiler_static='-static'
;;
# icc used to be incompatible with GCC.
# ICC 10 doesn't accept -KPIC any more.
icc* | ifort*)
......@@ -8872,6 +8889,9 @@ $as_echo_n "checking whether the $compiler linker ($LD) supports shared librarie
openbsd* | bitrig*)
with_gnu_ld=no
;;
linux* | k*bsd*-gnu | gnu*)
link_all_deplibs=no
;;
esac
 
ld_shlibs=yes
......@@ -9126,7 +9146,7 @@ _LT_EOF
fi
;;
 
netbsd*)
netbsd* | netbsdelf*-gnu)
if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
archive_cmds='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib'
wlarc=
......@@ -9796,6 +9816,7 @@ $as_echo "$lt_cv_irix_exported_symbol" >&6; }
if test yes = "$lt_cv_irix_exported_symbol"; then
archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname `test -n "$verstring" && func_echo_all "$wl-set_version $wl$verstring"` $wl-update_registry $wl$output_objdir/so_locations $wl-exports_file $wl$export_symbols -o $lib'
fi
link_all_deplibs=no
else
archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry $output_objdir/so_locations -o $lib'
archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry $output_objdir/so_locations -exports_file $export_symbols -o $lib'
......@@ -9817,7 +9838,7 @@ $as_echo "$lt_cv_irix_exported_symbol" >&6; }
esac
;;
 
netbsd*)
netbsd* | netbsdelf*-gnu)
if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out
else
......@@ -10932,6 +10953,18 @@ fi
dynamic_linker='GNU/Linux ld.so'
;;
 
netbsdelf*-gnu)
version_type=linux
need_lib_prefix=no
need_version=no
library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
soname_spec='${libname}${release}${shared_ext}$major'
shlibpath_var=LD_LIBRARY_PATH
shlibpath_overrides_runpath=no
hardcode_into_libs=yes
dynamic_linker='NetBSD ld.elf_so'
;;
netbsd*)
version_type=sunos
need_lib_prefix=no
......@@ -19548,35 +19581,6 @@ done
 
fi
 
#
# Use our own SPNEGO implementation?
#
# [pairwise: --enable-isc-spnego, --disable-isc-spnego]
# Check whether --enable-isc-spnego was given.
if test "${enable_isc_spnego+set}" = set; then :
enableval=$enable_isc_spnego;
fi
if test -n "$USE_GSSAPI"
then
case "$enable_isc_spnego" in
yes|'')
USE_ISC_SPNEGO='-DUSE_ISC_SPNEGO'
DST_EXTRA_OBJS="$DST_EXTRA_OBJS spnego.$O"
DST_EXTRA_SRCS="$DST_EXTRA_SRCS spnego.c"
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: using SPNEGO from lib/dns" >&5
$as_echo "using SPNEGO from lib/dns" >&6; }
;;
no)
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: using SPNEGO from GSSAPI library" >&5
$as_echo "using SPNEGO from GSSAPI library" >&6; }
;;
esac
fi
 
 
 
......@@ -25721,7 +25725,6 @@ $as_echo "$as_me: executing $ac_file commands" >&6;}
cat <<_LT_EOF >> "$cfgfile"
#! $SHELL
# Generated automatically by $as_me ($PACKAGE) $VERSION
# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`:
# NOTE: Changes made to this file will be lost: look at ltmain.sh.
 
# Provide generalized library-building support services.
......
......@@ -1735,31 +1735,6 @@ then
AC_CHECK_HEADERS(readline/history.h)
fi
#
# Use our own SPNEGO implementation?
#
# [pairwise: --enable-isc-spnego, --disable-isc-spnego]
AC_ARG_ENABLE(isc-spnego,
AS_HELP_STRING([--disable-isc-spnego],
[use SPNEGO from GSSAPI library]))
if test -n "$USE_GSSAPI"
then
case "$enable_isc_spnego" in
yes|'')
USE_ISC_SPNEGO='-DUSE_ISC_SPNEGO'
DST_EXTRA_OBJS="$DST_EXTRA_OBJS spnego.$O"
DST_EXTRA_SRCS="$DST_EXTRA_SRCS spnego.c"
AC_MSG_RESULT(using SPNEGO from lib/dns)
;;
no)
AC_MSG_RESULT(using SPNEGO from GSSAPI library)
;;
esac
fi
AC_SUBST(USE_ISC_SPNEGO)
AC_SUBST(DST_EXTRA_OBJS)
AC_SUBST(DST_EXTRA_SRCS)
......
......@@ -22,8 +22,6 @@ VERSION=@BIND9_VERSION@
@BIND9_MAKE_INCLUDES@
USE_ISC_SPNEGO = @USE_ISC_SPNEGO@
CINCLUDES = -I. -I${top_srcdir}/lib/dns -Iinclude ${DNS_INCLUDES} \
${ISC_INCLUDES} \
${FSTRM_CFLAGS} \
......@@ -34,7 +32,7 @@ CINCLUDES = -I. -I${top_srcdir}/lib/dns -Iinclude ${DNS_INCLUDES} \
${LMDB_CFLAGS} \
${MAXMINDDB_CFLAGS}
CDEFINES = @USE_GSSAPI@ ${USE_ISC_SPNEGO}
CDEFINES = @USE_GSSAPI@
CWARNINGS =
......@@ -213,5 +211,3 @@ dnstap.pb-c.c dnstap.pb-c.h: dnstap.proto
$(PROTOC_C) --c_out=. --proto_path ${srcdir} dnstap.proto
dnstap.pb-c.@O@: dnstap.pb-c.c
spnego.@O@: spnego_asn1.c spnego.h
......@@ -42,16 +42,6 @@
#include "dst_internal.h"
/*
* If we're using our own SPNEGO implementation (see configure.in),
* pull it in now. Otherwise, we just use whatever GSSAPI supplies.
*/
#if defined(GSSAPI) && defined(USE_ISC_SPNEGO)
#include "spnego.h"
#define gss_accept_sec_context gss_accept_sec_context_spnego
#define gss_init_sec_context gss_init_sec_context_spnego
#endif /* if defined(GSSAPI) && defined(USE_ISC_SPNEGO) */
/*
* Solaris8 apparently needs an explicit OID set, and Solaris10 needs
* one for anything but Kerberos. Supplying an explicit OID set
......@@ -69,16 +59,12 @@
static unsigned char krb5_mech_oid_bytes[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7,
0x12, 0x01, 0x02, 0x02 };
#ifndef USE_ISC_SPNEGO
static unsigned char spnego_mech_oid_bytes[] = { 0x2b, 0x06, 0x01,
0x05, 0x05, 0x02 };
#endif /* ifndef USE_ISC_SPNEGO */
static gss_OID_desc mech_oid_set_array[] = {
{ sizeof(krb5_mech_oid_bytes), krb5_mech_oid_bytes },
#ifndef USE_ISC_SPNEGO
{ sizeof(spnego_mech_oid_bytes), spnego_mech_oid_bytes },
#endif /* ifndef USE_ISC_SPNEGO */
};
static gss_OID_set_desc mech_oid_set = { sizeof(mech_oid_set_array) /
......
-- Copyright (C) The Internet Society 2005. This version of
-- this module is part of RFC 4178; see the RFC itself for
-- full legal notices.
-- (The above copyright notice is per RFC 3978 5.6 (a), q.v.)
-- This is the SPNEGO ASN.1 module from RFC 4178, tweaked
-- to get the Heimdal ASN.1 compiler to accept it.
SPNEGOASNOneSpec DEFINITIONS ::= BEGIN
MechType ::= OBJECT IDENTIFIER
MechTypeList ::= SEQUENCE OF MechType
ContextFlags ::= BIT STRING {
delegFlag (0),
mutualFlag (1),
replayFlag (2),
sequenceFlag (3),
anonFlag (4),
confFlag (5),
integFlag (6)
}
NegTokenInit ::= SEQUENCE {
mechTypes [0] MechTypeList,
reqFlags [1] ContextFlags OPTIONAL,
mechToken [2] OCTET STRING OPTIONAL,
mechListMIC [3] OCTET STRING OPTIONAL
}
NegTokenResp ::= SEQUENCE {
negState [0] ENUMERATED {
accept-completed (0),
accept-incomplete (1),
reject (2),
request-mic (3)
} OPTIONAL,
supportedMech [1] MechType OPTIONAL,
responseToken [2] OCTET STRING OPTIONAL,
mechListMIC [3] OCTET STRING OPTIONAL
}
NegotiationToken ::= CHOICE {
negTokenInit [0] NegTokenInit,
negTokenResp [1] NegTokenResp
}
END
This diff is collapsed.
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, you can obtain one at https://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
/*! \file
* \brief
* Entry points into portable SPNEGO implementation.
* See spnego.c for information on the SPNEGO implementation itself.
*/
#ifndef _SPNEGO_H_
#define _SPNEGO_H_
/*%
* Wrapper for GSSAPI gss_init_sec_context(), using portable SPNEGO
* implementation instead of the one that's part of the GSSAPI
* library. Takes arguments identical to the standard GSSAPI
* function, uses standard gss_init_sec_context() to handle
* everything inside the SPNEGO wrapper.
*/
OM_uint32
gss_init_sec_context_spnego(OM_uint32 *, const gss_cred_id_t, gss_ctx_id_t *,
const gss_name_t, const gss_OID, OM_uint32,
OM_uint32, const gss_channel_bindings_t,
const gss_buffer_t, gss_OID *, gss_buffer_t,
OM_uint32 *, OM_uint32 *);
/*%
* Wrapper for GSSAPI gss_accept_sec_context(), using portable SPNEGO
* implementation instead of the one that's part of the GSSAPI
* library. Takes arguments identical to the standard GSSAPI
* function. Checks the OID of the input token to see if it's SPNEGO;
* if so, processes it, otherwise hands the call off to the standard
* gss_accept_sec_context() function.
*/
OM_uint32
gss_accept_sec_context_spnego(OM_uint32 *, gss_ctx_id_t *, const gss_cred_id_t,
const gss_buffer_t, const gss_channel_bindings_t,
gss_name_t *, gss_OID *, gss_buffer_t,
OM_uint32 *, OM_uint32 *, gss_cred_id_t *);
#endif /* ifndef _SPNEGO_H_ */
This diff is collapsed.
#!/bin/bin/perl -w
#
# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, you can obtain one at https://mozilla.org/MPL/2.0/.
#
# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.
# Our SPNEGO implementation uses some functions generated by the
# Heimdal ASN.1 compiler, which this script then whacks a bit to make
# them work properly in this stripped down implementation. We don't
# want to require our users to have a copy of the compiler, so we ship
# the output of this script, but we need to keep the script around in
# any case to cope with future changes to the SPNEGO ASN.1 code, so we
# might as well supply the script for users who want it.
# Overall plan: run the ASN.1 compiler, run each of its output files
# through indent, fix up symbols and whack everything to be static.
# We use indent for two reasons: (1) to whack the Heimdal compiler's
# output into something closer to ISC's coding standard, and (2) to
# make it easier for this script to parse the result.
# Output from this script is C code which we expect to be #included
# into another C file, which is why everything generated by this
# script is marked "static". The intent is to minimize the number of
# extern symbols exported by the SPNEGO implementation, to avoid
# potential conflicts with the GSSAPI libraries.
###
# Filename of the ASN.1 specification. Hardcoded for the moment
# since this script is intended for compiling exactly one module.
my $asn1_source = $ENV{ASN1_SOURCE} || "spnego.asn1";
# Heimdal ASN.1 compiler. This script was written using the version
# from Heimdal 0.7.1. To build this, download a copy of
# heimdal-0.7.1.tar.gz, configure and build with the default options,
# then look for the compiler in heimdal-0.7.1/lib/asn1/asn1_compile.
my $asn1_compile = $ENV{ASN1_COMPILE} || "asn1_compile";
# BSD indent program. This script was written using the version of
# indent that comes with FreeBSD 4.11-STABLE. The GNU project, as
# usual, couldn't resist the temptation to monkey with indent's
# command line syntax, so this probably won't work with GNU indent.
my $indent = $ENV{INDENT} || "indent";
###
# Step 1: run the compiler. Input is the ASN.1 file. Outputs are a
# header file (name specified on command line without the .h suffix),
# a file called "asn1_files" listing the names of the other output
# files, and a set of files containing C code generated by the
# compiler for each data type that the compiler found.
if (! -r $asn1_source || system($asn1_compile, $asn1_source, "asn1")) {
die("Couldn't compile ASN.1 source file $asn1_source\n");
}
my @files = ("asn1.h");
open(F, "asn1_files")
or die("Couldn't open asn1_files: $!\n");
push(@files, split)
while (<F>);
close(F);
unlink("asn1_files");
###
# Step 2: generate header block.
print(q~/*
* Copyright (C) 2006 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
/*! \file
* \brief Method routines generated from SPNEGO ASN.1 module.
* See spnego_asn1.pl for details. Do not edit.
*/
~);
###
# Step 3: read and process each generated file, then delete it.
my $output;
for my $file (@files) {
my $is_static = 0;
system($indent, "-di1", "-ldi1", $file) == 0
or die("Couldn't indent $file");
unlink("$file.BAK");
open(F, $file)
or die("Couldn't open $file: $!");
while (<F>) {
# Symbol name fixups
s/heim_general_string/general_string/g;
s/heim_octet_string/octet_string/g;
s/heim_oid/oid/g;
s/heim_utf8_string/utf8_string/g;
# Convert all externs to statics
if (/^static/) {
$is_static = 1;
}
if (!/^typedef/ &&
!$is_static &&
/^[A-Za-z_][0-9A-Za-z_]*[ \t]*($|[^:0-9A-Za-z_])/) {
$_ = "static " . $_;
$is_static = 1;
}
if (/[{};]/) {
$is_static = 0;
}
# Suppress file inclusion, pass anything else through
if (!/#include/) {
$output .= $_;
}
}
close(F);
unlink($file);
}
# Step 4: Delete unused stuff to avoid code bloat and compiler warnings.
my @unused_functions = qw(ContextFlags2int
int2ContextFlags
asn1_ContextFlags_units
length_NegTokenInit
copy_NegTokenInit
length_NegTokenResp
copy_NegTokenResp
length_MechTypeList
length_MechType
copy_MechTypeList
length_ContextFlags
copy_ContextFlags
copy_MechType);
$output =~ s<^static [^\n]+\n$_\(.+?^}></* unused function: $_ */\n>ms
foreach (@unused_functions);
$output =~ s<^static .+$_\(.*\);$></* unused declaration: $_ */>m
foreach (@unused_functions);