Commit 361007f5 authored by Niels Möller's avatar Niels Möller

* certificate.h (struct spki_acl_db): Use nettle_realloc_func for

custom allocation.

* certificate.c (spki_realloc): Deleted function.
(spki_acl_init): Use nettle_realloc.
(acl_by_auth): Take a struct spki_tag argument.
(spki_acl_by_authorization_next): Likewise.
(spki_acl_by_authorization_first): Likewise.
(spki_5_tuple_free_chain): Use spki_tag_release.

Rev: src/spki/certificate.c:1.16
Rev: src/spki/certificate.h:1.15
parent c2a6e98d
......@@ -36,17 +36,11 @@
#include <stdlib.h>
#include <string.h>
static void *
spki_realloc(struct spki_acl_db *db UNUSED, void *p, unsigned size)
{
return realloc(p, size);
}
void
spki_acl_init(struct spki_acl_db *db)
{
db->realloc = spki_realloc;
db->realloc_ctx = NULL;
db->realloc = nettle_realloc;
db->first_principal = NULL;
db->first_acl = NULL;
}
......@@ -251,49 +245,32 @@ spki_acl_parse(struct spki_acl_db *db, struct spki_iterator *i)
/* Iterating through the acls that delegate the requested authorization. */
static const struct spki_5_tuple *
acl_by_auth(const struct spki_5_tuple *acl,
unsigned authorization_length,
const uint8_t *authorization)
struct spki_tag *request)
{
for (; acl; acl = acl->next)
{
struct sexp_iterator delegated;
struct sexp_iterator request;
if (!sexp_iterator_first(&delegated, acl->tag_length, acl->tag))
/* If syntax errors weren't detected when the acl was parsed,
* somthing is very wrong. */
abort();
if (!sexp_iterator_first(&request, authorization_length, authorization))
return NULL;
if (spki_tag_includes(&delegated, &request))
{
assert(delegated.type == SEXP_END);
return (request.type == SEXP_END) ? acl: NULL;
}
}
if (spki_tag_includes(acl->tag, request))
return acl;
return NULL;
}
const struct spki_5_tuple *
spki_acl_by_authorization_next(struct spki_acl_db *db,
const struct spki_5_tuple *acl,
unsigned authorization_length,
const uint8_t *authorization)
struct spki_tag *request)
{
(void) db;
return acl
? acl_by_auth(acl->next, authorization_length, authorization)
? acl_by_auth(acl->next, request)
: NULL;
}
const struct spki_5_tuple *
spki_acl_by_authorization_first(struct spki_acl_db *db,
unsigned authorization_length,
uint8_t *authorization)
struct spki_tag *request)
{
return acl_by_auth(db->first_acl, authorization_length, authorization);
return acl_by_auth(db->first_acl, request);
}
......@@ -305,8 +282,8 @@ spki_5_tuple_free_chain(struct spki_acl_db *db,
while (chain)
{
struct spki_5_tuple *next = chain->next;
if (chain->tag)
SPKI_FREE(db, chain->tag);
spki_tag_release(db->realloc_ctx, db->realloc, chain->tag);
SPKI_FREE(db, chain);
chain = next;
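Review bot: A NULL `request` is no longer rejected inside acl_by_auth, which now passes it straight to `spki_tag_includes(acl->tag, request)`. The old code parsed the authorization itself and returned NULL on a syntax error, so the lookup denied by default. spki_tag_includes is not visible on this page, so whether it fails closed on NULL is unconfirmed; a guard such as `if (!request) return NULL;` at the top of acl_by_auth would preserve the deny-by-default behaviour. The spki_5_tuple_free_chain hunk likewise drops the `if (chain->tag)` check, so `spki_tag_release` must tolerate a NULL tag, and a short comment at that call should say so. The body of spki_5_tuple_free_chain starts and ends outside the hunk.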
......@@ -25,10 +25,13 @@
#include "nettle/md5.h"
#include "nettle/sha.h"
#include "nettle/realloc.h"
/* Real declaration in parse.h */
struct spki_iterator;
struct spki_tag;
#include <time.h>
struct spki_hashes
......@@ -61,23 +64,6 @@ struct spki_principal
/* Information needed to verify signatures for this key. */
void *verifier;
};
#if 0
struct spki_authorization
{
/* Next sibling */
struct spki_authorization *next;
enum spki_tag_type {
SPKI_TAG_ATOM,
SPKI_TAG_LIST,
SPKI_TAG_PREFIX,
SPKI_TAG_SET
} type;
union {
}
};
#endif
enum spki_5_tuple_flags
{
......@@ -120,16 +106,16 @@ struct spki_5_tuple
struct spki_date not_before;
struct spki_date not_after;
/* An s-expression */
/* FIXME: Parse into some internal representation? */
unsigned tag_length;
uint8_t *tag;
/* Tag in internal representation. */
struct spki_tag *tag;
};
struct spki_acl_db
{
/* For custom memory allocation. */
void *(*realloc)(struct spki_acl_db *, void *, unsigned);
void *realloc_ctx;
nettle_realloc_func *realloc;
struct spki_principal *first_principal;
struct spki_5_tuple *first_acl;
......@@ -170,14 +156,12 @@ spki_acl_by_principal_next(struct spki_acl_db *db,
const struct spki_5_tuple *
spki_acl_by_authorization_first(struct spki_acl_db *db,
unsigned authorization_length,
uint8_t *authorization);
struct spki_tag *authorization);
const struct spki_5_tuple *
spki_acl_by_authorization_next(struct spki_acl_db *db,
const struct spki_5_tuple *acl,
unsigned authorization_length,
const uint8_t *authorization);
struct spki_tag *authorization);
/* Certificates */
......@@ -193,8 +177,8 @@ spki_process_sequence_no_signatures(struct spki_acl_db *db,
/* Other more or less internal functions. */
#define SPKI_MALLOC(db, size) ((db)->realloc((db), NULL, (size)))
#define SPKI_FREE(db, p) ((db)->realloc((db), (p), 0))
#define SPKI_MALLOC(db, size) ((db)->realloc((db)->realloc_ctx, NULL, (size)))
#define SPKI_FREE(db, p) ((db)->realloc((db)->realloc_ctx, (p), 0))
#define SPKI_NEW(db, type, var) type *var = SPKI_MALLOC((db), sizeof(type))
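Review bot: The allocator contract in struct spki_acl_db is left undocumented: the field comment still reads only "For custom memory allocation." `SPKI_FREE` depends on `realloc(realloc_ctx, p, 0)` releasing `p`, and a caller installing its own allocator now has to set `realloc_ctx` as well as `realloc`. I would expand the comment to `/* Custom allocator, called as realloc(realloc_ctx, p, size); size 0 must free p (SPKI_FREE relies on it). */`. The new comment on `tag` in struct spki_5_tuple could also state who owns it; spki_5_tuple_free_chain in certificate.c releases it with spki_tag_release, which suggests the tuple does. As a style point, the prototypes here name the parameter `authorization` while the definitions in certificate.c use `request`; one name in both places would read better.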