pjs/security/svrcore
richm%stanfordalumni.org f7791eab15 Bump spec rev to 3
Remove unneeded buildrequires perl, gawk, sed
Remove leading / from path macros
Remove provides for package name - done automatically
Move pkgconfig file stuff under install
Added LICENSE and README under docs
2006-07-13 18:10:21 +00:00
..
INSTALL bump version to 4.0.2; now using HEAD of mozilla/security/coreconf which has fixed the coreconf location patch, so get rid of patch file 2006-06-22 19:38:24 +00:00
LICENSE added LICENSE file; renamed svrcore.spec to svrcore-devel.spec and made other changes to comply with fedora packaging guidelines - see https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=196393 2006-06-23 15:15:07 +00:00
Makefile
README
alt.c
build_svrcore-devel_rpm Bump spec rev to 3 2006-07-13 18:10:21 +00:00
cache.c
errors.c
file.c
key.ico
logo.ico
manifest.mn
ntgetpin.c
ntgetpin.rc
ntresource.h
pin.c
pk11.c
std.c
svrcore-devel.spec Bump spec rev to 3 2006-07-13 18:10:21 +00:00
svrcore.h
svrcore.pc.in
user.c

README

The Netscape svrcore library

Terry Hayes wrote the Netscape svrcore library in 1998.
Valerie Chu wrote the ntgetpin.c and related files.

svrcore used to contain two major parts.

The first part is what we released on mozilla.  It is a kind of
object-oriented package for handling PIN requests from NSS. The
idea was to provide a standard way for servers to allow PIN input
from a file or from the terminal.  There is also a PIN handler
that caches the PIN in memory after encrypting it with a key on
a device (such as a Fortezza card). This allowed a server to
restart without having to reenter the PIN. However since the PIN
is encrypted, a core dump would not expose it.  In addition,
removing the device would also make the PIN inaccessible.

The files are:

svrcore.h - API definition
alt.c - allows two possible PIN request methods to be used (say
        file and then terminal)
cache.c - caches the result from another PIN request method
errors.c - error text
file.c - reads the PIN from a specified file
ntgetpin.c - Windows version of a user prompt for PIN
ntgetpin.rc - Windows resource script for ntgetpin.c
ntresource.h - a generated include file used by ntgetpin.rc
key.ico - an icon used by ntgetpin.rc
logo.ico - an icon used by ntgetpin.rc
pin.c - functions to register a PIN request object with NSS
pk11.c - implementation of the encrypted in-memory caching
std.c - a "standard" PIN object that satisfies requests from a
        file or the terminal and allows caching if desired.
user.c - prompts the user for the PIN

Note: the pk11.c file (secure PIN store) is a pretty good example
of how to encrypt/decrypt with NSS.

There was a second component of svrcore that handled export policy
configuration.  It allowed patching of a single executable (single
program build) to create the export and domestic versions of a
server.  This code was discontinued after the export policy changes.

The LDAP C SDK tools use svrcore.  They also implemented their
own PIN object to allow command line PIN entry.  The directory
server also implemented its own PIN object to allow a watchdog
process to cache the PIN and restart the server.

See INSTALL for build instructions