We have reached a state where we are able to import certs and

check the certification path.

1 files changed, 75 insertions, 28 deletions

diff --git a/kbx/keybox-init.c b/kbx/keybox-init.c
index a4649d18c..1a4a587b9 100644
--- a/kbx/keybox-init.c
+++ b/kbx/keybox-init.c
@@ -23,44 +23,47 @@
 #include <stdio.h>
 #include <string.h>
 #include <unistd.h>
+#include <assert.h>
 
 #include "keybox-defs.h"
 
+#define compare_filenames strcmp
+
+static KB_NAME kb_names;
+
+
 /* 
- * Register a filename for plain keybox files.  Returns a pointer to
- * be used to create a handles etc or NULL to indicate that it has
- * already been registered */
+  Register a filename for plain keybox files.  Returns a pointer to be
+  used to create a handles etc or NULL to indicate that it has already
+  been registered */
 void *
 keybox_register_file (const char *fname, int secret)
 {
-  return NULL;
-#if 0
-    KB_NAME kr;
+  KB_NAME kr;
 
-    if (active_handles)
-        BUG (); /* We don't allow that */
-
-    for (kr=kb_names; kr; kr = kr->next) {
-        if ( !compare_filenames (kr->fname, fname) )
-            return NULL; /* already registered */
+  for (kr=kb_names; kr; kr = kr->next)
+    {
+      if ( !compare_filenames (kr->fname, fname) )
+        return NULL; /* already registered */
     }
 
-    kr = m_alloc (sizeof *kr + strlen (fname));
-    strcpy (kr->fname, fname);
-    kr->secret = !!secret;
-    kr->lockhd = NULL;
-    kr->is_locked = 0;
-    kr->did_full_scan = 0;
-    /* keep a list of all issued pointers */
-    kr->next = kb_names;
-    kb_names = kr;
-
-    /* create the offset table the first time a function here is used */
-    if (!kb_offtbl)
-      kb_offtbl = new_offset_hash_table ();
-
-    return kr;
-#endif
+  kr = xtrymalloc (sizeof *kr + strlen (fname));
+  if (!kr)
+    return NULL;
+  strcpy (kr->fname, fname);
+  kr->secret = !!secret;
+  /* kr->lockhd = NULL;*/
+  kr->is_locked = 0;
+  kr->did_full_scan = 0;
+  /* keep a list of all issued pointers */
+  kr->next = kb_names;
+  kb_names = kr;
+  
+  /* create the offset table the first time a function here is used */
+/*      if (!kb_offtbl) */
+/*        kb_offtbl = new_offset_hash_table (); */
+
+  return kr;
 }
 
 int
@@ -70,4 +73,48 @@ keybox_is_writable (void *token)
 
   return r? !access (r->fname, W_OK) : 0;
 }
+
     
+
+/* Create a new handle for the resource associated with TOKEN.  SECRET
+   is just a cross-check.
+   
+   The returned handle must be released using keybox_release (). */
+KEYBOX_HANDLE
+keybox_new (void *token, int secret)
+{
+  KEYBOX_HANDLE hd;
+  KB_NAME resource = token;
+
+  assert (resource && !resource->secret == !secret);
+  hd = xtrycalloc (1, sizeof *hd);
+  if (hd)
+    {
+      hd->kb = resource;
+      hd->secret = !!secret;
+    }
+  return hd;
+}
+
+void 
+keybox_release (KEYBOX_HANDLE hd)
+{
+  if (!hd)
+    return;
+  _keybox_release_blob (hd->found.blob);
+  xfree (hd->word_match.name);
+  xfree (hd->word_match.pattern);
+  xfree (hd);
+}
+
+
+const char *
+keybox_get_resource_name (KEYBOX_HANDLE hd)
+{
+  if (!hd || !hd->kb)
+    return NULL;
+  return hd->kb->fname;
+}
+
+
+