public inbox for git-commits@fedoraproject.org
help / color / mirror / Atom feed
From: Mattias Ellert <mattias.ellert@physics.uu.se>
To: git-commits@fedoraproject.org
Subject: [rpms/globus-gsi-callback] rawhide: Compile with OpenSSL 4
Date: Sun, 14 Jun 2026 08:48:21 GMT [thread overview]
Message-ID: <178142690113.1.6248890401068388488.rpms-globus-gsi-callback-2d0e375c70a8@fedoraproject.org> (raw)
A new commit has been pushed.
Repo : rpms/globus-gsi-callback
Branch : rawhide
Commit : 2d0e375c70a8ff993b94dd7c98ba7136461d4772
Author : Mattias Ellert <mattias.ellert@physics.uu.se>
Date : 2026-06-14T10:39:13+02:00
Stats : +4015/-1 in 4 file(s)
URL : https://src.fedoraproject.org/rpms/globus-gsi-callback/c/2d0e375c70a8ff993b94dd7c98ba7136461d4772?branch=rawhide
Log:
Compile with OpenSSL 4
Fix compiler warnings
---
diff --git a/0001-Untabify-and-remove-trailing-white-space.patch b/0001-Untabify-and-remove-trailing-white-space.patch
new file mode 100644
index 0000000..1f48cbd
--- /dev/null
+++ b/0001-Untabify-and-remove-trailing-white-space.patch
@@ -0,0 +1,3466 @@
+From 3ccdaa0236230bbcbcbf339e7dfdfaf23c10bd6f Mon Sep 17 00:00:00 2001
+From: Mattias Ellert <mattias.ellert@physics.uu.se>
+Date: Wed, 20 May 2026 00:15:37 +0200
+Subject: [PATCH 1/3] Untabify and remove trailing white-space
+
+---
+ .../source/library/globus_gsi_callback.c | 356 +++++-----
+ .../source/library/globus_gsi_callback.h | 14 +-
+ .../library/oldgaa/globus_oldgaa_utils.c | 558 +++++++--------
+ .../source/library/oldgaa/oldgaa_release.c | 662 +++++++++---------
+ 4 files changed, 795 insertions(+), 795 deletions(-)
+
+diff --git a/gsi/callback/source/library/globus_gsi_callback.c b/gsi/callback/source/library/globus_gsi_callback.c
+index ef03f9340..a65105830 100644
+--- a/gsi/callback/source/library/globus_gsi_callback.c
++++ b/gsi/callback/source/library/globus_gsi_callback.c
+@@ -89,11 +89,11 @@ static int globus_i_gsi_callback_X509_STORE_callback_data_index = -1;
+
+ static int
+ globus_l_gsi_callback_openssl_new(
+- void * parent,
+- void * ptr,
++ void * parent,
++ void * ptr,
+ CRYPTO_EX_DATA * ad,
+- int idx,
+- long argl,
++ int idx,
++ long argl,
+ void * argp)
+ {
+ int result = 1;
+@@ -105,18 +105,18 @@ globus_l_gsi_callback_openssl_new(
+ * since we can't allocate the ptr here
+ * this function isn't particularly useful
+ */
+-
++
+ GLOBUS_I_GSI_CALLBACK_DEBUG_EXIT;
+ return result;
+ }
+
+ static int
+ globus_l_gsi_callback_openssl_free(
+- void * parent,
+- void * ptr,
++ void * parent,
++ void * ptr,
+ CRYPTO_EX_DATA * ad,
+- int idx,
+- long argl,
++ int idx,
++ long argl,
+ void * argp)
+ {
+ int result = 1;
+@@ -133,17 +133,17 @@ globus_l_gsi_callback_openssl_free(
+
+ static int
+ globus_l_gsi_callback_openssl_dup(
+- CRYPTO_EX_DATA * to,
+- CRYPTO_EX_DATA * from,
+- void * from_d,
+- int idx,
+- long argl,
++ CRYPTO_EX_DATA * to,
++ CRYPTO_EX_DATA * from,
++ void * from_d,
++ int idx,
++ long argl,
+ void * argp)
+ {
+ int result = 1;
+ static char * _function_name_ =
+ "globus_gsi_callback_openssl_dup";
+-
++
+ GLOBUS_I_GSI_CALLBACK_DEBUG_ENTER;
+
+ /* copy the callback data - currenlty not used by OpenSSL */
+@@ -168,7 +168,7 @@ globus_l_gsi_callback_activate(void)
+ if(tmp_string != GLOBUS_NULL)
+ {
+ globus_i_gsi_callback_debug_level = atoi(tmp_string);
+-
++
+ if(globus_i_gsi_callback_debug_level < 0)
+ {
+ globus_i_gsi_callback_debug_level = 0;
+@@ -198,7 +198,7 @@ globus_l_gsi_callback_activate(void)
+ {
+ goto exit;
+ }
+-
++
+ result = globus_module_activate(GLOBUS_GSI_SYSCONFIG_MODULE);
+
+ if(result != GLOBUS_SUCCESS)
+@@ -215,14 +215,14 @@ globus_l_gsi_callback_activate(void)
+
+ globus_mutex_init(&globus_l_gsi_callback_oldgaa_mutex, NULL);
+ globus_mutex_init(&globus_l_gsi_callback_verify_mutex, NULL);
+-
++
+ OpenSSL_add_all_algorithms();
+
+ if(globus_i_gsi_callback_X509_STORE_callback_data_index < 0)
+ {
+- globus_i_gsi_callback_X509_STORE_callback_data_index =
++ globus_i_gsi_callback_X509_STORE_callback_data_index =
+ X509_STORE_CTX_get_ex_new_index(
+- 0, NULL,
++ 0, NULL,
+ (CRYPTO_EX_new *) &globus_l_gsi_callback_openssl_new,
+ (CRYPTO_EX_dup *) &globus_l_gsi_callback_openssl_dup,
+ (CRYPTO_EX_free *) &globus_l_gsi_callback_openssl_free);
+@@ -239,7 +239,7 @@ globus_l_gsi_callback_activate(void)
+ if(globus_i_gsi_callback_SSL_callback_data_index < 0)
+ {
+ globus_i_gsi_callback_SSL_callback_data_index = SSL_get_ex_new_index(
+- 0, NULL,
++ 0, NULL,
+ (CRYPTO_EX_new *) &globus_l_gsi_callback_openssl_new,
+ (CRYPTO_EX_dup *) &globus_l_gsi_callback_openssl_dup,
+ (CRYPTO_EX_free *) &globus_l_gsi_callback_openssl_free);
+@@ -304,7 +304,7 @@ globus_l_gsi_callback_deactivate(void)
+ * Will contain the index upon return
+ *
+ * @return
+- * GLOBUS_SUCCESS unless an error occurred, in which case,
++ * GLOBUS_SUCCESS unless an error occurred, in which case,
+ * a globus error object ID is returned
+ */
+ globus_result_t
+@@ -314,7 +314,7 @@ globus_gsi_callback_get_X509_STORE_callback_data_index(
+ globus_result_t result = GLOBUS_SUCCESS;
+ static char * _function_name_ =
+ "globus_gsi_callback_get_X509_STORE_callback_data_index";
+-
++
+ GLOBUS_I_GSI_CALLBACK_DEBUG_ENTER;
+
+ *index = globus_i_gsi_callback_X509_STORE_callback_data_index;
+@@ -334,7 +334,7 @@ globus_gsi_callback_get_X509_STORE_callback_data_index(
+ * Will contain the index upon return
+ *
+ * @return
+- * GLOBUS_SUCCESS unless an error occurred, in which case,
++ * GLOBUS_SUCCESS unless an error occurred, in which case,
+ * a globus error object ID is returned
+ */
+ globus_result_t
+@@ -344,9 +344,9 @@ globus_gsi_callback_get_SSL_callback_data_index(
+ globus_result_t result = GLOBUS_SUCCESS;
+ static char * _function_name_ =
+ "globus_gsi_callback_get_SSL_callback_data_index";
+-
++
+ GLOBUS_I_GSI_CALLBACK_DEBUG_ENTER;
+-
++
+
+ *index = globus_i_gsi_callback_SSL_callback_data_index;
+
+@@ -370,7 +370,7 @@ globus_gsi_callback_get_SSL_callback_data_index(
+ * 1 on success
+ * 0 on failure
+ */
+-int
++int
+ globus_gsi_callback_X509_verify_cert(
+ X509_STORE_CTX * context,
+ void * arg)
+@@ -391,15 +391,15 @@ globus_gsi_callback_X509_verify_cert(
+ X509_STORE_set_check_issued(X509_STORE_CTX_get0_store(context), globus_gsi_callback_check_issued);
+ #endif
+ /*
+- * If this is not set, OpenSSL-0.9.8 assumes the proxy cert
++ * If this is not set, OpenSSL-0.9.8 assumes the proxy cert
+ * as an EEC and the next level cert in the chain as a CA cert
+ * and throws an invalid CA error. If we set this, the callback
+- * (globus_gsi_callback_handshake_callback) gets called with
+- * preverify_ok = 0 with an error "unhandled critical extension"
++ * (globus_gsi_callback_handshake_callback) gets called with
++ * preverify_ok = 0 with an error "unhandled critical extension"
+ * and "path length exceeded".
+- * globus_i_gsi_callback_cred_verify() called by
+- * globus_gsi_callback_handshake_callback() checks for these
+- * errors and returns success. globus_i_gsi_callback_cred_verify()
++ * globus_i_gsi_callback_cred_verify() called by
++ * globus_gsi_callback_handshake_callback() checks for these
++ * errors and returns success. globus_i_gsi_callback_cred_verify()
+ * will check the critical extension later.
+ */
+ #if defined(X509_V_FLAG_ALLOW_PROXY_CERTS)
+@@ -423,12 +423,12 @@ globus_gsi_callback_X509_verify_cert(
+ *
+ * @param preverify_ok
+ * Communicates the result of default validation steps performed by
+- * OpenSSL
++ * OpenSSL
+ * @param x509_context
+ * The validation state object
+ * @return
+ * 1 on success
+- * 0 on failure
++ * 0 on failure
+ */
+ int globus_gsi_callback_create_proxy_callback(
+ int preverify_ok,
+@@ -438,7 +438,7 @@ int globus_gsi_callback_create_proxy_callback(
+ int verify_result;
+ globus_result_t result;
+ globus_gsi_callback_data_t callback_data;
+- static char * _function_name_ =
++ static char * _function_name_ =
+ "globus_i_gsi_callback_create_proxy_callback";
+
+ GLOBUS_I_GSI_CALLBACK_DEBUG_ENTER;
+@@ -449,10 +449,10 @@ int globus_gsi_callback_create_proxy_callback(
+ verify_result = 0;
+ goto exit;
+ }
+-
++
+ callback_data = (globus_gsi_callback_data_t)
+ X509_STORE_CTX_get_ex_data(
+- x509_context,
++ x509_context,
+ cb_index);
+
+ if(!callback_data)
+@@ -498,12 +498,12 @@ int globus_gsi_callback_create_proxy_callback(
+ *
+ * @param preverify_ok
+ * Communicates the result of default validation steps performed by
+- * OpenSSL
++ * OpenSSL
+ * @param x509_context
+ * The validation state object.
+ * @return
+ * 1 on success
+- * 0 on failure
++ * 0 on failure
+ */
+ int globus_gsi_callback_handshake_callback(
+ int preverify_ok,
+@@ -514,7 +514,7 @@ int globus_gsi_callback_handshake_callback(
+ globus_result_t result;
+ globus_gsi_callback_data_t callback_data;
+ SSL * ssl = NULL;
+- static char * _function_name_ =
++ static char * _function_name_ =
+ "globus_gsi_callback_handshake_callback";
+
+ GLOBUS_I_GSI_CALLBACK_DEBUG_ENTER;
+@@ -567,7 +567,7 @@ int globus_gsi_callback_handshake_callback(
+
+ callback_data->error = result;
+
+- exit:
++ exit:
+ GLOBUS_I_GSI_CALLBACK_DEBUG_EXIT;
+ return verify_result;
+ }
+@@ -585,10 +585,10 @@ int globus_gsi_callback_handshake_callback(
+ * @param cert
+ * The certificate to check
+ * @param issuer
+- * The issuer certificate to check
++ * The issuer certificate to check
+ * @return
+ * 1 on success
+- * 0 on failure
++ * 0 on failure
+ */
+ int globus_gsi_callback_check_issued(
+ X509_STORE_CTX * context,
+@@ -601,21 +601,21 @@ int globus_gsi_callback_check_issued(
+ globus_gsi_cert_utils_cert_type_t cert_type;
+ static char * _function_name_ =
+ "globus_gsi_callback_check_issued";
+-
++
+ GLOBUS_I_GSI_CALLBACK_DEBUG_ENTER;
+-
++
+ return_value = X509_check_issued(issuer, cert);
+ if(return_value != X509_V_OK)
+ {
+ return_code = 0;
+ switch(return_value)
+ {
+-
++
+ case X509_V_ERR_KEYUSAGE_NO_CERTSIGN:
+ /* If this is a proxy certificate then the issuer
+ * does not need to have the key_usage set.
+ * So check if its a proxy, and ignore
+- * the error if so.
++ * the error if so.
+ */
+ result = globus_gsi_cert_utils_get_cert_type(cert, &cert_type);
+ if(result != GLOBUS_SUCCESS)
+@@ -623,19 +623,19 @@ int globus_gsi_callback_check_issued(
+ return_code = 0;
+ break;
+ }
+-
++
+ if(GLOBUS_GSI_CERT_UTILS_IS_PROXY(cert_type))
+ {
+ /* its a proxy! */
+ return_code = 1;
+ }
+ break;
+-
++
+ default:
+ break;
+ }
+ }
+-
++
+ GLOBUS_I_GSI_CALLBACK_DEBUG_EXIT;
+ return return_code;
+ }
+@@ -652,13 +652,13 @@ globus_i_gsi_callback_cred_verify(
+ globus_gsi_cert_utils_cert_type_t cert_type;
+ X509 * tmp_cert = NULL;
+ X509 * prev_cert = NULL;
+- static char * _function_name_ =
++ static char * _function_name_ =
+ "globus_i_gsi_callback_cred_verify";
+
+ GLOBUS_I_GSI_CALLBACK_DEBUG_ENTER;
+-
++
+ /* Now check for some error conditions which
+- * can be disregarded.
++ * can be disregarded.
+ */
+ if (!preverify_ok)
+ {
+@@ -666,11 +666,11 @@ globus_i_gsi_callback_cred_verify(
+ {
+ case X509_V_ERR_PATH_LENGTH_EXCEEDED:
+
+- /*
+- * OpenSSL-0.9.8 has this error (0.9.7d did not have this)
+- * So we will ignore the errors now and do our checks later
+- * on (as explained below).
+- */
++ /*
++ * OpenSSL-0.9.8 has this error (0.9.7d did not have this)
++ * So we will ignore the errors now and do our checks later
++ * on (as explained below).
++ */
+ case X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED:
+
+ GLOBUS_I_GSI_CALLBACK_DEBUG_PRINT(
+@@ -684,22 +684,22 @@ globus_i_gsi_callback_cred_verify(
+ */
+ result = GLOBUS_SUCCESS;
+ break;
+- /*
+- * In the later version (097g+) OpenSSL does know about
+- * proxies, but not non-rfc compliant proxies, it will
+- * count them as unhandled critical extensions.
+- * So we will ignore the errors and do our
+- * own checks later on, when we check the last
+- * certificate in the chain we will check the chain.
+- * As OpenSSL does not recognize legacy proxies
+- */
++ /*
++ * In the later version (097g+) OpenSSL does know about
++ * proxies, but not non-rfc compliant proxies, it will
++ * count them as unhandled critical extensions.
++ * So we will ignore the errors and do our
++ * own checks later on, when we check the last
++ * certificate in the chain we will check the chain.
++ * As OpenSSL does not recognize legacy proxies
++ */
+ case X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION:
+ GLOBUS_I_GSI_CALLBACK_DEBUG_PRINT(
+ 2, "X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION\n");
+- /*
+- * Setting this for 098 or later versions avoid the invalid
+- * CA error but would result in proxy path len exceeded which
+- * is handled above.
++ /*
++ * Setting this for 098 or later versions avoid the invalid
++ * CA error but would result in proxy path len exceeded which
++ * is handled above.
+ */
+ X509_set_proxy_flag(X509_STORE_CTX_get_current_cert(x509_context));
+ result = GLOBUS_SUCCESS;
+@@ -713,44 +713,44 @@ globus_i_gsi_callback_cred_verify(
+ result = GLOBUS_SUCCESS;
+ break;
+
+- case X509_V_ERR_INVALID_CA:
+- /*
+- * If the previous cert in the chain is a proxy cert then
+- * we get this error just because openssl does not recognize
+- * our proxy and treats it as an EEC. And thus, it would
+- * treat higher level proxies (if any) or EEC as CA cert
+- * (which are not actually CA certs) and would throw this
+- * error. As long as the previous cert in the chain is a
+- * proxy cert, we ignore this error.
+- */
+- prev_cert = sk_X509_value(
+- X509_STORE_CTX_get0_chain(x509_context), X509_STORE_CTX_get_error_depth(x509_context)-1);
+- result = globus_gsi_cert_utils_get_cert_type(prev_cert, &cert_type);
+- if(result != GLOBUS_SUCCESS)
+- {
+- result = (globus_result_t)GLOBUS_FAILURE;
+- }
+- else
+- {
+- if(GLOBUS_GSI_CERT_UTILS_IS_PROXY(cert_type))
+- {
+- result = GLOBUS_SUCCESS;
+- }
+- else
+- {
+- result = (globus_result_t)GLOBUS_FAILURE;
+- }
++ case X509_V_ERR_INVALID_CA:
++ /*
++ * If the previous cert in the chain is a proxy cert then
++ * we get this error just because openssl does not recognize
++ * our proxy and treats it as an EEC. And thus, it would
++ * treat higher level proxies (if any) or EEC as CA cert
++ * (which are not actually CA certs) and would throw this
++ * error. As long as the previous cert in the chain is a
++ * proxy cert, we ignore this error.
++ */
++ prev_cert = sk_X509_value(
++ X509_STORE_CTX_get0_chain(x509_context), X509_STORE_CTX_get_error_depth(x509_context)-1);
++ result = globus_gsi_cert_utils_get_cert_type(prev_cert, &cert_type);
++ if(result != GLOBUS_SUCCESS)
++ {
++ result = (globus_result_t)GLOBUS_FAILURE;
++ }
++ else
++ {
++ if(GLOBUS_GSI_CERT_UTILS_IS_PROXY(cert_type))
++ {
++ result = GLOBUS_SUCCESS;
++ }
++ else
++ {
++ result = (globus_result_t)GLOBUS_FAILURE;
++ }
+ }
+- break;
++ break;
+ default:
+ result = (globus_result_t)GLOBUS_FAILURE;
+ break;
+- }
++ }
+
+ if (result != GLOBUS_SUCCESS)
+ {
+- char * subject_name =
+- X509_NAME_oneline(X509_get_subject_name(X509_STORE_CTX_get_current_cert(x509_context)), 0, 0);
++ char * subject_name =
++ X509_NAME_oneline(X509_get_subject_name(X509_STORE_CTX_get_current_cert(x509_context)), 0, 0);
+ unsigned long issuer_hash =
+ X509_issuer_name_hash(X509_STORE_CTX_get_current_cert(x509_context));
+ char * cert_dir;
+@@ -761,9 +761,9 @@ globus_i_gsi_callback_cred_verify(
+ result,
+ GLOBUS_GSI_CALLBACK_ERROR_CERT_NOT_YET_VALID,
+ (_CLS("Cert with subject: %s is not yet valid"
+- "- check clock skew between hosts."), subject_name));
++ "- check clock skew between hosts."), subject_name));
+ }
+- else if (X509_STORE_CTX_get_error(x509_context) ==
++ else if (X509_STORE_CTX_get_error(x509_context) ==
+ X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY)
+ {
+ cert_dir = NULL;
+@@ -773,7 +773,7 @@ globus_i_gsi_callback_cred_verify(
+ result,
+ GLOBUS_GSI_CALLBACK_ERROR_CANT_GET_LOCAL_CA_CERT,
+ (_CLS("Cannot find trusted CA certificate "
+- "with hash %lx%s%s"),
++ "with hash %lx%s%s"),
+ issuer_hash, cert_dir ? " in " : "",
+ cert_dir ? cert_dir : ""));
+ if (cert_dir)
+@@ -790,7 +790,7 @@ globus_i_gsi_callback_cred_verify(
+ result,
+ GLOBUS_GSI_CALLBACK_ERROR_CANT_GET_LOCAL_CA_CERT,
+ (_CLS("Untrusted self-signed certificate in chain "
+- "with hash %lx"),
++ "with hash %lx"),
+ issuer_hash));
+ if (cert_dir)
+ {
+@@ -811,8 +811,8 @@ globus_i_gsi_callback_cred_verify(
+ GLOBUS_GSI_CALLBACK_ERROR_VERIFY_CRED,
+ (X509_verify_cert_error_string(X509_STORE_CTX_get_error(x509_context))));
+ }
+-
+- OPENSSL_free(subject_name);
++
++ OPENSSL_free(subject_name);
+
+ goto exit;
+ }
+@@ -847,7 +847,7 @@ globus_i_gsi_callback_cred_verify(
+ goto exit;
+ }
+ #endif
+-
++
+ /* only want to check singing_policy file if its not a proxy */
+ result = globus_i_gsi_callback_check_signing_policy(
+ x509_context,
+@@ -858,13 +858,13 @@ globus_i_gsi_callback_cred_verify(
+ result,
+ GLOBUS_GSI_CALLBACK_ERROR_VERIFY_CRED);
+ goto exit;
+- }
++ }
+ }
+
+ tmp_cert = X509_dup(X509_STORE_CTX_get_current_cert(x509_context));
+
+ /* add the current cert to the callback data's cert chain */
+- sk_X509_insert(callback_data->cert_chain,
++ sk_X509_insert(callback_data->cert_chain,
+ tmp_cert, 0);
+
+ callback_data->cert_depth++;
+@@ -889,7 +889,7 @@ globus_i_gsi_callback_cred_verify(
+ GLOBUS_GSI_CALLBACK_ERROR_VERIFY_CRED);
+ goto exit;
+ }
+-
++
+ exit:
+
+ GLOBUS_I_GSI_CALLBACK_DEBUG_EXIT;
+@@ -908,8 +908,8 @@ globus_i_gsi_callback_check_proxy(
+
+ GLOBUS_I_GSI_CALLBACK_DEBUG_ENTER;
+
+- /* All of the OpenSSL tests have passed and we now get to
+- * look at the certificate to verify the proxy rules,
++ /* All of the OpenSSL tests have passed and we now get to
++ * look at the certificate to verify the proxy rules,
+ * and ca-signing-policy rules. We will also do a CRL check
+ */
+ result = globus_gsi_cert_utils_get_cert_type(X509_STORE_CTX_get_current_cert(x509_context),
+@@ -923,7 +923,7 @@ globus_i_gsi_callback_check_proxy(
+ }
+
+ if(GLOBUS_GSI_CERT_UTILS_IS_PROXY(cert_type))
+- {
++ {
+ /* it is a proxy */
+
+ /* a legacy globus proxy may only be followed by another legacy globus
+@@ -935,7 +935,7 @@ globus_i_gsi_callback_check_proxy(
+ * a draft compliant limited proxy may only be followed by another draft
+ * compliant limited proxy or a draft compliant independent proxy
+ */
+-
++
+ if((GLOBUS_GSI_CERT_UTILS_IS_GSI_2_PROXY(callback_data->cert_type) &&
+ !GLOBUS_GSI_CERT_UTILS_IS_GSI_2_PROXY(cert_type)) ||
+ (GLOBUS_GSI_CERT_UTILS_IS_GSI_3_PROXY(callback_data->cert_type) &&
+@@ -961,7 +961,7 @@ globus_i_gsi_callback_check_proxy(
+ X509_STORE_CTX_set_error(x509_context, X509_V_ERR_CERT_SIGNATURE_FAILURE);
+ goto exit;
+ }
+-
++
+ GLOBUS_I_GSI_CALLBACK_DEBUG_PRINT(2, "Passed proxy test\n");
+
+ callback_data->proxy_depth++;
+@@ -977,7 +977,7 @@ globus_i_gsi_callback_check_proxy(
+ }
+
+ callback_data->cert_type = cert_type;
+-
++
+ exit:
+
+ GLOBUS_I_GSI_CALLBACK_DEBUG_EXIT;
+@@ -1003,34 +1003,34 @@ globus_i_gsi_callback_check_revoked(
+ globus_bool_t recheck_crl_done = GLOBUS_FALSE;
+ static char * _function_name_ =
+ "globus_i_gsi_callback_check_revoked";
+-
++
+ GLOBUS_I_GSI_CALLBACK_DEBUG_ENTER;
+-
++
+
+ do
+ {
+ x509_object = X509_OBJECT_new();
+- /*
+- * SSLeay 0.9.0 handles CRLs but does not check them.
++ /*
++ * SSLeay 0.9.0 handles CRLs but does not check them.
+ * We will check the crl for this cert, if there
+- * is a CRL in the store.
+- * If we find the crl is not valid, we will fail,
+- * as once the sysadmin indicates that CRLs are to
+- * be checked, he best keep it upto date.
+- *
++ * is a CRL in the store.
++ * If we find the crl is not valid, we will fail,
++ * as once the sysadmin indicates that CRLs are to
++ * be checked, he best keep it upto date.
++ *
+ * When future versions of SSLeay support this better,
+- * we can remove these tests.
+- *
++ * we can remove these tests.
++ *
+ * we come through this code for each certificate,
+ * starting with the CA's We will check for a CRL
+ * each time, but only check the signature if the
+ * subject name matches, and check for revoked
+ * if the issuer name matches.
+- * this allows the CA to revoke its own cert as well.
++ * this allows the CA to revoke its own cert as well.
+ */
+ if (X509_STORE_get_by_subject(
+ x509_context,
+- X509_LU_CRL,
++ X509_LU_CRL,
+ X509_get_issuer_name(X509_STORE_CTX_get_current_cert(x509_context)),
+ x509_object))
+ {
+@@ -1047,7 +1047,7 @@ globus_i_gsi_callback_check_revoked(
+ next_update = X509_CRL_get0_nextUpdate(crl);
+ last_update = X509_CRL_get0_lastUpdate(crl);
+ has_next_time = (next_update != NULL);
+-
++
+ globus_gsi_cert_utils_make_time(last_update, &last_time);
+ if (has_next_time)
+ {
+@@ -1067,8 +1067,8 @@ globus_i_gsi_callback_check_revoked(
+ get_issuer = X509_STORE_CTX_get_get_issuer(x509_context);
+
+ /* verify the signature on this CRL */
+- if(get_issuer(&issuer,
+- x509_context,
++ if(get_issuer(&issuer,
++ x509_context,
+ X509_STORE_CTX_get_current_cert(x509_context)) <= 0)
+ {
+ char * subject_string;
+@@ -1076,7 +1076,7 @@ globus_i_gsi_callback_check_revoked(
+ subject_string = X509_NAME_oneline(
+ X509_get_issuer_name(X509_STORE_CTX_get_current_cert(x509_context)),
+ NULL, 0);
+-
++
+ GLOBUS_GSI_CALLBACK_OPENSSL_ERROR_RESULT(
+ result,
+ GLOBUS_GSI_CALLBACK_ERROR_INVALID_CRL,
+@@ -1088,7 +1088,7 @@ globus_i_gsi_callback_check_revoked(
+ }
+
+ issuer_key = X509_get_pubkey(issuer);
+-
++
+ if(issuer_key == NULL)
+ {
+ GLOBUS_GSI_CALLBACK_OPENSSL_ERROR_RESULT(
+@@ -1114,7 +1114,7 @@ globus_i_gsi_callback_check_revoked(
+ }
+
+ EVP_PKEY_free(issuer_key);
+-
++
+ /* Check date */
+
+ i = X509_cmp_current_time(last_update);
+@@ -1137,7 +1137,7 @@ globus_i_gsi_callback_check_revoked(
+ X509_STORE_CTX_set_error(x509_context, X509_V_ERR_CRL_NOT_YET_VALID);
+ goto free_X509_object;
+ }
+-
++
+ i = (has_next_time) ? X509_cmp_current_time(next_update) : 1;
+ if (i == 0)
+ {
+@@ -1148,7 +1148,7 @@ globus_i_gsi_callback_check_revoked(
+ X509_STORE_CTX_set_error(x509_context, X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD);
+ goto free_X509_object;
+ }
+-
++
+ /* If we get an expired CRL, we'll delete it from the store
+ * associated with this ssl context and then try this operation one
+ * more time to see if a new one is in place.
+@@ -1276,19 +1276,19 @@ globus_i_gsi_callback_check_revoked(
+
+ revoked = sk_X509_REVOKED_value(revoked_stack, i);
+ revoked_serial_number = X509_REVOKED_get0_serialNumber(revoked);
+-
++
+ if(!ASN1_INTEGER_cmp(
+ revoked_serial_number,
+ X509_get_serialNumber(X509_STORE_CTX_get_current_cert(x509_context))))
+ {
+ char * subject_string;
+ long serial;
+-
++
+ serial = ASN1_INTEGER_get(revoked_serial_number);
+
+ subject_string = X509_NAME_oneline(X509_get_subject_name(
+ X509_STORE_CTX_get_current_cert(x509_context)), NULL, 0);
+-
++
+ GLOBUS_GSI_CALLBACK_ERROR_RESULT(
+ result,
+ GLOBUS_GSI_CALLBACK_ERROR_REVOKED_CERT,
+@@ -1300,7 +1300,7 @@ globus_i_gsi_callback_check_revoked(
+
+ GLOBUS_I_GSI_CALLBACK_DEBUG_FPRINTF(
+ 2, (globus_i_gsi_callback_debug_fstream,
+- "revoked %lX\n",
++ "revoked %lX\n",
+ ASN1_INTEGER_get(revoked_serial_number)));
+
+ OPENSSL_free(subject_string);
+@@ -1325,10 +1325,10 @@ globus_i_gsi_callback_check_revoked(
+ while (crl_was_expired && !recheck_crl_done);
+
+ free_X509_object:
+-
++
+ if (x509_object != NULL)
+ {
+- X509_OBJECT_free(x509_object);
++ X509_OBJECT_free(x509_object);
+ }
+
+ GLOBUS_I_GSI_CALLBACK_DEBUG_EXIT;
+@@ -1345,7 +1345,7 @@ globus_i_gsi_callback_check_signing_policy(
+ "globus_i_gsi_callback_check_signing_policy";
+
+ GLOBUS_I_GSI_CALLBACK_DEBUG_ENTER;
+-
++
+ /* Do not need to check self signed certs against ca_policy_file */
+
+ if (X509_NAME_cmp(X509_get_subject_name(X509_STORE_CTX_get_current_cert(x509_context)),
+@@ -1372,7 +1372,7 @@ globus_i_gsi_callback_check_signing_policy(
+ }
+
+ exit:
+-
++
+ GLOBUS_I_GSI_CALLBACK_DEBUG_EXIT;
+ return result;
+ }
+@@ -1401,7 +1401,7 @@ globus_i_gsi_callback_check_gaa_auth(
+ "globus_i_gsi_callback_check_gaa_auth";
+
+ GLOBUS_I_GSI_CALLBACK_DEBUG_ENTER;
+-
++
+ subject_name = X509_NAME_oneline(
+ X509_get_subject_name(X509_STORE_CTX_get_current_cert(x509_context)),
+ NULL,
+@@ -1410,7 +1410,7 @@ globus_i_gsi_callback_check_gaa_auth(
+ X509_get_issuer_name(X509_STORE_CTX_get_current_cert(x509_context)),
+ NULL,
+ 0);
+-
++
+ result =
+ GLOBUS_GSI_SYSCONFIG_GET_SIGNING_POLICY_FILENAME(
+ X509_get_issuer_name(X509_STORE_CTX_get_current_cert(x509_context)),
+@@ -1429,7 +1429,7 @@ globus_i_gsi_callback_check_gaa_auth(
+ if(ca_policy_file_path == NULL)
+ {
+ /* signing policy file doesn't exist or can't be read */
+-
++
+ GLOBUS_GSI_CALLBACK_ERROR_RESULT(
+ result,
+ GLOBUS_GSI_CALLBACK_ERROR_WITH_SIGNING_POLICY,
+@@ -1451,7 +1451,7 @@ globus_i_gsi_callback_check_gaa_auth(
+ issuer_name,
+ subject_name,
+ ca_policy_file_path)
+- != OLDGAA_SUCCESS)
++ != OLDGAA_SUCCESS)
+ {
+ GLOBUS_GSI_CALLBACK_ERROR_RESULT(
+ result,
+@@ -1462,9 +1462,9 @@ globus_i_gsi_callback_check_gaa_auth(
+ globus_mutex_unlock(&globus_l_gsi_callback_oldgaa_mutex);
+ goto exit;
+ }
+-
++
+ if(oldgaa_get_object_policy_info(
+- &minor_status,
++ &minor_status,
+ OLDGAA_NO_DATA,
+ policy_db,
+ oldgaa_globus_policy_retrieve,
+@@ -1478,14 +1478,14 @@ globus_i_gsi_callback_check_gaa_auth(
+ oldgaa_globus_cleanup(&oldgaa_sc,
+ &rights,
+ options,
+- &detailed_answer,
++ &detailed_answer,
+ policy_db,
+ NULL);
+ X509_STORE_CTX_set_error(x509_context, X509_V_ERR_APPLICATION_VERIFICATION);
+ globus_mutex_unlock(&globus_l_gsi_callback_oldgaa_mutex);
+ goto exit;
+ }
+-
++
+ policy_result = oldgaa_check_authorization(
+ &minor_status,
+ oldgaa_sc,
+@@ -1493,7 +1493,7 @@ globus_i_gsi_callback_check_gaa_auth(
+ rights,
+ options,
+ &detailed_answer);
+-
++
+ if (!detailed_answer)
+ {
+ GLOBUS_GSI_CALLBACK_ERROR_RESULT(
+@@ -1504,11 +1504,11 @@ globus_i_gsi_callback_check_gaa_auth(
+ issuer_name == NULL ? "NULL" : issuer_name,
+ ca_policy_file_path == NULL ? "NULL" : ca_policy_file_path));
+ X509_STORE_CTX_set_error(x509_context, X509_V_ERR_INVALID_PURPOSE);
+-
++
+ oldgaa_globus_cleanup(&oldgaa_sc,
+ &rights,
+ options,
+- &detailed_answer,
++ &detailed_answer,
+ policy_db,
+ NULL);
+ globus_mutex_unlock(&globus_l_gsi_callback_oldgaa_mutex);
+@@ -1517,15 +1517,15 @@ globus_i_gsi_callback_check_gaa_auth(
+
+ if(GLOBUS_I_GSI_CALLBACK_DEBUG(2))
+ {
+-
++
+ fprintf(globus_i_gsi_callback_debug_fstream,
+ "oldgaa result: %d(0 yes, 1 no, -1 maybe)\n", policy_result);
+-
+- if(detailed_answer)
+- {
++
++ if(detailed_answer)
++ {
+ fprintf(globus_i_gsi_callback_debug_fstream,
+ "\nprint detailed answer:\n\n");
+-
++
+ #ifndef WIN32
+ if(detailed_answer->rights)
+ {
+@@ -1534,21 +1534,21 @@ globus_i_gsi_callback_check_gaa_auth(
+ #endif
+ }
+ }
+-
++
+ if (policy_handle)
+ {
+ oldgaa_release_principals(&minor_status, &policy_handle);
+ }
+-
++
+ oldgaa_globus_cleanup(&oldgaa_sc,
+ &rights,
+ options,
+- &detailed_answer,
++ &detailed_answer,
+ policy_db,
+ NULL);
+
+ globus_mutex_unlock(&globus_l_gsi_callback_oldgaa_mutex);
+-
++
+ if (policy_result != 0)
+ {
+ GLOBUS_GSI_CALLBACK_ERROR_RESULT(
+@@ -1610,8 +1610,8 @@ globus_i_gsi_callback_check_critical_extensions(
+ pci_NID = NID_proxyCertInfo;
+ pci_old_NID = OBJ_txt2nid("1.3.6.1.4.1.3536.1.222");
+
+- while((critical_position =
+- X509_get_ext_by_critical(X509_STORE_CTX_get_current_cert(x509_context),
++ while((critical_position =
++ X509_get_ext_by_critical(X509_STORE_CTX_get_current_cert(x509_context),
+ 1, critical_position)) >= 0)
+ {
+ extension = X509_get_ext(X509_STORE_CTX_get_current_cert(x509_context), critical_position);
+@@ -1671,7 +1671,7 @@ globus_i_gsi_callback_check_critical_extensions(
+
+ policy = proxycertinfo->proxyPolicy;
+ }
+-
++
+ if((nid != NID_basic_constraints &&
+ nid != NID_key_usage &&
+ nid != NID_ext_key_usage &&
+@@ -1728,7 +1728,7 @@ globus_i_gsi_callback_check_path_length(
+ X509 * cert = NULL;
+ globus_result_t result = GLOBUS_SUCCESS;
+ int i;
+-
++
+ static char * _function_name_ =
+ "globus_i_gsi_callback_check_path_length";
+
+@@ -1737,11 +1737,11 @@ globus_i_gsi_callback_check_path_length(
+ /*
+ * We ignored any path length restriction errors because
+ * OpenSSL was counting proxies against the limit.
+- * If we are on the last cert in the chain, we
+- * know how many are proxies, so we can do the
+- * path length check now.
++ * If we are on the last cert in the chain, we
++ * know how many are proxies, so we can do the
++ * path length check now.
+ * See x509_vfy.c check_chain_purpose
+- * all we do is substract off the proxy_depth
++ * all we do is substract off the proxy_depth
+ */
+
+ if(X509_STORE_CTX_get_current_cert(x509_context) == X509_STORE_CTX_get0_cert(x509_context))
+@@ -1755,7 +1755,7 @@ globus_i_gsi_callback_check_path_length(
+ "pathlen=:i=%d x=%p pl=%ld\n",
+ i, cert, X509_get_pathlen(cert)));
+
+- if (((i - callback_data->proxy_depth) > 1) &&
++ if (((i - callback_data->proxy_depth) > 1) &&
+ (X509_get_pathlen(cert) != -1) &&
+ ((i - callback_data->proxy_depth) > (X509_get_pathlen(cert) + 1)) &&
+ (X509_get_extension_flags(cert) & EXFLAG_BCONS))
+@@ -1768,7 +1768,7 @@ globus_i_gsi_callback_check_path_length(
+ }
+ }
+ }
+-
++
+ GLOBUS_I_GSI_CALLBACK_DEBUG_EXIT;
+ return result;
+ }
+diff --git a/gsi/callback/source/library/globus_gsi_callback.h b/gsi/callback/source/library/globus_gsi_callback.h
+index 9bbf5900c..86b96b2bf 100644
+--- a/gsi/callback/source/library/globus_gsi_callback.h
++++ b/gsi/callback/source/library/globus_gsi_callback.h
+@@ -74,7 +74,7 @@
+ * @endcode
+ *
+ * This function should be called once for each time Globus GSI Callback
+- * was activated.
++ * was activated.
+ *
+ */
+
+@@ -89,16 +89,16 @@ extern "C" {
+ */
+ #define GLOBUS_GSI_CALLBACK_MODULE (&globus_i_gsi_callback_module)
+
+-extern
++extern
+ globus_module_descriptor_t globus_i_gsi_callback_module;
+
+ #define _CLS(s) globus_common_i18n_get_string(GLOBUS_GSI_CALLBACK_MODULE,\
+- s)
++ s)
+ /**
+ * @defgroup globus_gsi_callback_functions Callback Functions
+ * @ingroup globus_gsi_callback
+ * @brief Callback Functions
+- *
++ *
+ * Functions that plug into various plug points in the OpenSSL path validation
+ * mechanism. These functions add CRL checking, X509 Extension handling and
+ * proxy validation.
+@@ -110,7 +110,7 @@ globus_module_descriptor_t globus_i_gsi_callback_module;
+ * @brief Callback Data Functions
+ *
+ * Functions that deal with the data structure that contains state associated
+- * with the path validation callback.
++ * with the path validation callback.
+ */
+
+
+@@ -154,7 +154,7 @@ int globus_gsi_callback_check_issued(
+ X509 * cert,
+ X509 * issuer);
+
+-int
++int
+ globus_gsi_callback_X509_verify_cert(
+ X509_STORE_CTX * context,
+ void * arg);
+@@ -291,7 +291,7 @@ globus_result_t
+ globus_gsi_callback_set_allow_missing_signing_policy(
+ globus_gsi_callback_data_t callback_data,
+ globus_bool_t allow);
+-
++
+ #endif /* DOXYGEN */
+
+ #ifdef __cplusplus
+diff --git a/gsi/callback/source/library/oldgaa/globus_oldgaa_utils.c b/gsi/callback/source/library/oldgaa/globus_oldgaa_utils.c
+index 7884cf61d..4693e392c 100644
+--- a/gsi/callback/source/library/oldgaa/globus_oldgaa_utils.c
++++ b/gsi/callback/source/library/oldgaa/globus_oldgaa_utils.c
+@@ -15,7 +15,7 @@
+ */
+
+ /**********************************************************************
+- globus_oldgaa-utils.c:
++ globus_oldgaa-utils.c:
+
+ Description:
+ Globus-OLDGAA routines
+@@ -27,17 +27,17 @@ Description:
+ **********************************************************************/
+
+ #include "globus_oldgaa.h"
+-#include "globus_oldgaa_utils.h"
++#include "globus_oldgaa_utils.h"
+ #include "oldgaa_gl_internal_err.h"
+ #include "oldgaa_policy_evaluator.h"
+
+ #include "oldgaa_utils.h"
+ #include "globus_i_gsi_callback_config.h"
+
+-#include <string.h> /* for strerror() */
++#include <string.h> /* for strerror() */
+ #include <stdio.h>
+ #include <stdlib.h>
+-#include <errno.h>
++#include <errno.h>
+
+ /**********************************************************************
+ Define module specific variables
+@@ -61,10 +61,10 @@ oldgaa_globus_read_string (policy_file_context_ptr pcontext,
+
+ static oldgaa_error_code
+ oldgaa_globus_parse_principals(policy_file_context_ptr pcontext,
+- oldgaa_policy_ptr *policy,
+- char *tmp_str /* IN&OUT */,
+- oldgaa_principals_ptr *start,
+- oldgaa_principals_ptr *added_principal);
++ oldgaa_policy_ptr *policy,
++ char *tmp_str /* IN&OUT */,
++ oldgaa_principals_ptr *start,
++ oldgaa_principals_ptr *added_principal);
+
+ static
+ int
+@@ -77,25 +77,25 @@ oldgaa_globus_omit_comment_line(policy_file_context_ptr pcontext);
+
+ static void
+ oldgaa_bind_rights_to_condition(oldgaa_rights_ptr right,
+- oldgaa_cond_bindings_ptr cond_bind)
++ oldgaa_cond_bindings_ptr cond_bind)
+ {
+ right->cond_bindings = cond_bind;
+ cond_bind->reference_count++;
+ #ifdef DEBUG
+ fprintf(stderr,"oldgaa_bind_rights_to_conditions:rights:%p->cond_bind:%p\n",
+- right, cond_bind);
++ right, cond_bind);
+ #endif
+-}
++}
+
+ static void
+-oldgaa_bind_rights_to_principal(oldgaa_principals_ptr principal,
++oldgaa_bind_rights_to_principal(oldgaa_principals_ptr principal,
+ oldgaa_rights_ptr rights)
+ {
+ if (principal->rights)
+- oldgaa_add_rights(&(principal->rights), rights);
++ oldgaa_add_rights(&(principal->rights), rights);
+ else {
+- principal->rights = rights;
+- rights->reference_count++;
++ principal->rights = rights;
++ rights->reference_count++;
+ }
+ }
+
+@@ -106,51 +106,51 @@ print_condition_binding(oldgaa_cond_bindings_ptr cb)
+ {
+ oldgaa_conditions_ptr c;
+ for (; cb; cb = cb->next) {
+- fprintf(stderr, " condition binding %x\n", cb);
+- for (c = cb->condition; c; c = c->next) {
+- fprintf(stderr, " condition (%s, %s, %s)\n",
+- NN(c->type), NN(c->authority), NN(c->value));
+- }
++ fprintf(stderr, " condition binding %x\n", cb);
++ for (c = cb->condition; c; c = c->next) {
++ fprintf(stderr, " condition (%s, %s, %s)\n",
++ NN(c->type), NN(c->authority), NN(c->value));
++ }
+ }
+ }
+ static void
+ print_oldgaa_principal_ptr(oldgaa_principals_ptr pr)
+ {
+ oldgaa_rights_ptr r;
+-
++
+ for (; pr; pr = pr->next) {
+- fprintf(stderr, "principal (%s, %s, %s): %x\n",
+- NN(pr->type), NN(pr->authority), NN(pr->value),
+- pr->rights);
+- for (r = pr->rights; r; r = r->next) {
+- fprintf(stderr, " right (%s, %s, %s)\n",
+- NN(r->type), NN(r->authority), NN(r->value));
+- print_condition_binding(r->cond_bindings);
+- }
++ fprintf(stderr, "principal (%s, %s, %s): %x\n",
++ NN(pr->type), NN(pr->authority), NN(pr->value),
++ pr->rights);
++ for (r = pr->rights; r; r = r->next) {
++ fprintf(stderr, " right (%s, %s, %s)\n",
++ NN(r->type), NN(r->authority), NN(r->value));
++ print_condition_binding(r->cond_bindings);
++ }
+ }
+ }
+ #endif /* LDEBUG */
+ /**********************************************************************
+- OLDGAA Cleanup Functions
++ OLDGAA Cleanup Functions
+ **********************************************************************/
+
+ oldgaa_error_code
+ oldgaa_globus_cleanup(oldgaa_sec_context_ptr *oldgaa_sc,
+ oldgaa_rights_ptr *rights,
+ oldgaa_options_ptr options,
+- oldgaa_answer_ptr *answer,
+- oldgaa_data_ptr policy_db,
++ oldgaa_answer_ptr *answer,
++ oldgaa_data_ptr policy_db,
+ oldgaa_sec_attrb_ptr *attributes)
+ {
+ oldgaa_error_code oldgaa_status = OLDGAA_SUCCESS;
+- uint32 minor_status;
+-
+- if(oldgaa_sc) oldgaa_status = oldgaa_release_sec_context(&minor_status, oldgaa_sc);
+- if(rights) oldgaa_status = oldgaa_release_rights(&minor_status, rights);
+- if(options) oldgaa_status = oldgaa_release_options(&minor_status, options);
++ uint32 minor_status;
++
++ if(oldgaa_sc) oldgaa_status = oldgaa_release_sec_context(&minor_status, oldgaa_sc);
++ if(rights) oldgaa_status = oldgaa_release_rights(&minor_status, rights);
++ if(options) oldgaa_status = oldgaa_release_options(&minor_status, options);
+ if(answer) oldgaa_status = oldgaa_release_answer(&minor_status, answer);
+ if(policy_db) oldgaa_status = oldgaa_release_data(&minor_status, policy_db);
+- if(attributes)oldgaa_status = oldgaa_release_sec_attrb(&minor_status, attributes);
++ if(attributes)oldgaa_status = oldgaa_release_sec_attrb(&minor_status, attributes);
+
+ return oldgaa_status;
+ }
+@@ -158,44 +158,44 @@ oldgaa_globus_cleanup(oldgaa_sec_context_ptr *oldgaa_sc,
+
+
+ /**********************************************************************
+- OLDGAA Initialization Functions
++ OLDGAA Initialization Functions
+ **********************************************************************/
+
+ oldgaa_error_code
+ oldgaa_globus_initialize(oldgaa_sec_context_ptr *oldgaa_sc,
+ oldgaa_rights_ptr *rights,
+ oldgaa_options_ptr *options,
+- oldgaa_data_ptr *policy_db,
+- char *signer,
+- char *subject,
+- char *path)
+-{
++ oldgaa_data_ptr *policy_db,
++ char *signer,
++ char *subject,
++ char *path)
++{
+ int error=0;
+
+ /* Allocate and fill in OLDGAA-Globus data structures */
+
+- if(oldgaa_sc) *oldgaa_sc = oldgaa_globus_allocate_sec_context(signer);
++ if(oldgaa_sc) *oldgaa_sc = oldgaa_globus_allocate_sec_context(signer);
+ if(rights) *rights = oldgaa_globus_allocate_rights();
+-
+- if(options)
++
++ if(options)
+ {
+ oldgaa_allocate_options(options);
+- (*options)->value = oldgaa_strcopy(subject, (*options)->value);
+- (*options)->length = strlen(subject);
++ (*options)->value = oldgaa_strcopy(subject, (*options)->value);
++ (*options)->length = strlen(subject);
+ }
+
+ if(policy_db)
+- {
++ {
+ oldgaa_allocate_data(policy_db);
+-
++
+ if(path) (*policy_db)->str = oldgaa_strcopy(path,(*policy_db)->str);
+ else
+- error = get_default_policy_file(*policy_db);
++ error = get_default_policy_file(*policy_db);
+ }
+
+ if(error)return OLDGAA_FAILURE;
+ else
+- return OLDGAA_SUCCESS;
++ return OLDGAA_SUCCESS;
+ }
+
+
+@@ -204,44 +204,44 @@ oldgaa_globus_initialize(oldgaa_sec_context_ptr *oldgaa_sc,
+ Function: oldgaa_globus_allocate_sec_context
+
+ Description:
+- Allocates OLDGAA security context and fills in globus-specific
++ Allocates OLDGAA security context and fills in globus-specific
+ information.
+
+ Parameters:
+- signer, pointer to string with name of credential signer.
++ signer, pointer to string with name of credential signer.
+
+ Returns:
+- Pointer to a oldgaa_sec_context if successful
++ Pointer to a oldgaa_sec_context if successful
+ **********************************************************************/
+
+ oldgaa_sec_context_ptr
+ oldgaa_globus_allocate_sec_context(char *signer)
+ {
+ oldgaa_sec_context_ptr sc = NULL;
+-
++
+ oldgaa_allocate_sec_context(&sc);
+-
+- if(strcmp(signer, OLDGAA_ANYBODY) == 0)
++
++ if(strcmp(signer, OLDGAA_ANYBODY) == 0)
+ {
+- sc->identity_cred->principal->type = oldgaa_strcopy(OLDGAA_ANYBODY,
++ sc->identity_cred->principal->type = oldgaa_strcopy(OLDGAA_ANYBODY,
+ sc->identity_cred->principal->type);
+
+ sc->identity_cred->principal->authority = oldgaa_strcopy(" ",
+ sc->identity_cred->principal->authority);
+
+- sc->identity_cred->principal->value = oldgaa_strcopy(" ",
++ sc->identity_cred->principal->value = oldgaa_strcopy(" ",
+ sc->identity_cred->principal->value);
+ }
+ else
+ {
+- sc->identity_cred->principal->type = oldgaa_strcopy(OLDGAA_CA,
++ sc->identity_cred->principal->type = oldgaa_strcopy(OLDGAA_CA,
+ sc->identity_cred->principal->type);
+-
+- sc->identity_cred->principal->authority = oldgaa_strcopy(OLDGAA_X509_AUTHORITY,
++
++ sc->identity_cred->principal->authority = oldgaa_strcopy(OLDGAA_X509_AUTHORITY,
+ sc->identity_cred->principal->authority);
+-
+- sc->identity_cred->principal->value = oldgaa_strcopy(signer,
+- sc->identity_cred->principal->value);
++
++ sc->identity_cred->principal->value = oldgaa_strcopy(signer,
++ sc->identity_cred->principal->value);
+ }
+
+ return sc;
+@@ -249,17 +249,17 @@ oldgaa_globus_allocate_sec_context(char *signer)
+
+ /**********************************************************************
+
+-Function: oldgaa_globus_allocate_rights()
++Function: oldgaa_globus_allocate_rights()
+
+ Description:
+- Allocates OLDGAA rights stracture and fills in globus-specific
++ Allocates OLDGAA rights stracture and fills in globus-specific
+ information..
+
+ Parameters:
+- none
++ none
+
+ Returns:
+- Pointer to a oldgaa_rights if successful
++ Pointer to a oldgaa_rights if successful
+ **********************************************************************/
+
+ oldgaa_rights_ptr
+@@ -269,7 +269,7 @@ oldgaa_globus_allocate_rights()
+
+ oldgaa_allocate_rights(&rights);
+ rights->reference_count++;
+-
++
+ rights->type = oldgaa_strcopy(POSITIVE_RIGHTS, rights->type);
+ rights->authority = oldgaa_strcopy(AUTH_GLOBUS, rights->authority);
+ rights->value = oldgaa_strcopy(GLOBUS_RIGHTS_VALUE, rights->value);
+@@ -279,34 +279,34 @@ oldgaa_globus_allocate_rights()
+ }
+
+ /**********************************************************************
+- Policy Retrieving Functions
++ Policy Retrieving Functions
+ **********************************************************************/
+
+ /**********************************************************************
+
+-Function: oldgaa_globus_policy_retrieve()
++Function: oldgaa_globus_policy_retrieve()
+
+ Description:
+ Upcall function for the retrieval of the object policy.
+
+ Parameters:
+- object, pointer to string with name of protected object,
++ object, pointer to string with name of protected object,
+ can be NULL
+- policy_db, pointer to string with name of policy file
++ policy_db, pointer to string with name of policy file
+
+ Returns:
+- Pointer to a policy_file_context_ptr if successful
+- NULL on error, setting errno.
++ Pointer to a policy_file_context_ptr if successful
++ NULL on error, setting errno.
+
+ **********************************************************************/
+
+-oldgaa_policy_ptr
++oldgaa_policy_ptr
+ oldgaa_globus_policy_retrieve(uint32 *minor_status,
+ oldgaa_data_ptr object,
+ oldgaa_data_ptr policy_db, ...)
+-{
+- policy_file_context_ptr pcontext = NULL;
+- oldgaa_policy_ptr policy_handle = NULL;
++{
++ policy_file_context_ptr pcontext = NULL;
++ oldgaa_policy_ptr policy_handle = NULL;
+ int error_type = 1;
+
+ #ifdef DEBUG
+@@ -319,22 +319,22 @@ oldgaa_globus_policy_retrieve(uint32 *minor_status,
+
+ if (pcontext) /* parse policy */
+ {
+- if(oldgaa_globus_parse_policy(pcontext,
++ if(oldgaa_globus_parse_policy(pcontext,
+ &policy_handle) == OLDGAA_SUCCESS)
+ {
+ #ifdef DEBUG
+ {
+- oldgaa_principals_ptr pp;
+- oldgaa_rights_ptr rp;
+- oldgaa_cond_bindings_ptr bp;
+- oldgaa_conditions_ptr cp;
++ oldgaa_principals_ptr pp;
++ oldgaa_rights_ptr rp;
++ oldgaa_cond_bindings_ptr bp;
++ oldgaa_conditions_ptr cp;
+
+- pp = policy_handle;
+- while (pp) {
++ pp = policy_handle;
++ while (pp) {
+ fprintf(stderr,"principal:%p\n",pp);
+ rp = pp->rights;
+ while(rp) {
+- fprintf(stderr," rights:%p ref:%d\n",
++ fprintf(stderr," rights:%p ref:%d\n",
+ rp, rp->reference_count);
+ bp = rp->cond_bindings;
+ while(bp) {
+@@ -351,17 +351,17 @@ oldgaa_globus_policy_retrieve(uint32 *minor_status,
+ rp = rp->next;
+ }
+ pp = pp->next;
+- }
++ }
+ }
+ #endif
+
+ return policy_handle;
+ }
+- else error_type = 0;
++ else error_type = 0;
+ }
+
+ /* error handling */
+-
++
+ if(error_type) /* policy retrieve error */
+ {
+ policy_db->error_code = ERROR_WHILE_RETRIEVING_POLICY;
+@@ -374,15 +374,15 @@ oldgaa_globus_policy_retrieve(uint32 *minor_status,
+ sprintf(policy_db->error_str,"error retrieving file %s",policy_db->str);
+ }
+ else /* policy parsing error */
+- {
++ {
+ policy_db->error_code = m_status;
+ }
+-
++
+ *minor_status = m_status;
+
+ return NULL;
+ }
+-
++
+ /**********************************************************************/
+
+ static
+@@ -415,41 +415,41 @@ get_default_policy_file(oldgaa_data_ptr policy_db)
+ free(ca_policy_file_path);
+ }
+ else
+- {
+- policy_db->error_str =
++ {
++ policy_db->error_str =
+ oldgaa_strcopy("Can not find default policy location. X509_CERT_DIR is not defined.\n",
+ policy_db->error_str);
+ policy_db->error_code = ERROR_WHILE_GETTING_DEFAULT_POLICY_LOCATION;
+
+ rc = 1;
+ }
+-
+- return rc;
++
++ return rc;
+ }
+
+
+
+ /**********************************************************************
+
+-Function: oldgaa_globus_policy_file_open()
++Function: oldgaa_globus_policy_file_open()
+
+ Description:
+- Open the specified policy file for reading, returning a
+- context.
++ Open the specified policy file for reading, returning a
++ context.
+
+ Parameters:
+- filename, pointer to string with name of policy file
++ filename, pointer to string with name of policy file
+
+ Returns:
+- Pointer to a policy_file_context if successful
+- NULL on error, setting errno.
++ Pointer to a policy_file_context if successful
++ NULL on error, setting errno.
+
+ **********************************************************************/
+
+-policy_file_context_ptr
++policy_file_context_ptr
+ oldgaa_globus_policy_file_open(const char *filename)
+ {
+- char * open_mode = "r";
++ char * open_mode = "r";
+ policy_file_context_ptr pcontext = NULL;
+ FILE * stream = NULL;
+ int rc;
+@@ -499,7 +499,7 @@ oldgaa_globus_policy_file_open(const char *filename)
+
+ pcontext->buf = malloc(pcontext->buflen + 1);
+ if (!pcontext->buf) out_of_memory();
+-
++
+ rc = fread(pcontext->buf, pcontext->buflen, 1, stream);
+ pcontext->buf[pcontext->buflen] = 0;
+
+@@ -524,14 +524,14 @@ exit:
+ Function: oldgaa_globus_policy_file_close()
+
+ Description:
+- Close the policy file and deallocate memory assigned to the
+- context.
++ Close the policy file and deallocate memory assigned to the
++ context.
+
+ Parameters:
+- pcontext, pointer to the context
++ pcontext, pointer to the context
+
+ Returns:
+- Nothing
++ Nothing
+
+ **********************************************************************/
+
+@@ -550,29 +550,29 @@ oldgaa_globus_policy_file_close(policy_file_context_ptr pcontext)
+ free(pcontext->parse_error);
+ free(pcontext);
+ }
+-}
++}
+
+
+ /**********************************************************************
+- Policy Parsing Functions
++ Policy Parsing Functions
+ **********************************************************************/
+ /**********************************************************************/
+
+ static
+ int
+-oldgaa_globus_help_read_string(policy_file_context_ptr pcontext,
+- char *str,
++oldgaa_globus_help_read_string(policy_file_context_ptr pcontext,
++ char *str,
+ const char *message)
+ {
+
+ if (oldgaa_globus_read_string(pcontext, str, NULL)) return 1;
+
+- if (end_of_file == TRUE)
+- {
++ if (end_of_file == TRUE)
++ {
+ oldgaa_handle_error(&(pcontext->parse_error), message);
+- return 1;
+- }
+-
++ return 1;
++ }
++
+ return 0;
+ }
+
+@@ -583,17 +583,17 @@ oldgaa_globus_help_read_string(policy_file_context_ptr pcontext,
+ Function: oldgaa_globus_read_string
+
+ Description:
+- Read a string from a given stream up to and including the newline
+- and return it in an allocated buffer.
++ Read a string from a given stream up to and including the newline
++ and return it in an allocated buffer.
+
+ Parameters:
+- pcontext, handle to a structure, containing the stream to read from.
++ pcontext, handle to a structure, containing the stream to read from.
+
+- str, pointer to string to be filled in.
++ str, pointer to string to be filled in.
+
+- errstring, pointer to the pointer to be filled in with
+- a pointer to a string describing an error that occurs.
+- May be NULL.
++ errstring, pointer to the pointer to be filled in with
++ a pointer to a string describing an error that occurs.
++ May be NULL.
+
+ Returns:
+ 0 on success
+@@ -606,14 +606,14 @@ int
+ oldgaa_globus_read_string (policy_file_context_ptr pcontext,
+ char *str,
+ char **errstring)
+-{
++{
+ int len;
+ int rc;
+
+ if (pcontext->index >= (pcontext->buflen - 1))
+ {
+- end_of_file = TRUE;
+- return 0;
++ end_of_file = TRUE;
++ return 0;
+ }
+
+ rc = sscanf(pcontext->buf + pcontext->index, "%s%n", str, &len);
+@@ -628,36 +628,36 @@ oldgaa_globus_read_string (policy_file_context_ptr pcontext,
+ oldgaa_handle_error(&(pcontext->str),str); /* set the string value to
+ report it in the case there is an error */
+
+-
++
+ if (str[0]== STRING_DELIMITER) /* get strings with white spaces */
+ {
+ if(oldgaa_globus_get_string_with_whitespaces(pcontext, str) == -1)
+ {
+ oldgaa_handle_error(&(pcontext->parse_error),
+- "error while reading string");
++ "error while reading string");
+ return 1;
+ }
+ }
+
+
+ if (str[0]== COMMENT) /* omit comment line */
+- {
++ {
+ if(oldgaa_globus_omit_comment_line(pcontext))
+ {
+ oldgaa_handle_error(&(pcontext->parse_error),
+- "error while reading string");
++ "error while reading string");
+ return 1;
+ }
+
+ if(oldgaa_globus_read_string(pcontext, str, errstring))
+ {
+-
++
+ oldgaa_handle_error(&(pcontext->parse_error),
+- "error while reading string");
++ "error while reading string");
+ return 1;
+ }
+- }
+-
++ }
++
+ return 0;
+
+ }
+@@ -667,12 +667,12 @@ oldgaa_globus_read_string (policy_file_context_ptr pcontext,
+ Function: oldgaa_globus_get_string_with_whitespaces
+
+ Description:
+- Read a string from a given stream up to it finds STRING_DELIMITER.
++ Read a string from a given stream up to it finds STRING_DELIMITER.
+
+ Parameters:
+- pcontext, handle to a structure, containing the stream to read from.
++ pcontext, handle to a structure, containing the stream to read from.
+
+- str, pointer to string to be filled in.
++ str, pointer to string to be filled in.
+
+ Returns:
+ 0 on success
+@@ -687,19 +687,19 @@ oldgaa_globus_get_string_with_whitespaces(policy_file_context_ptr pcontext,
+ int i=0, j=1, len = strlen(str); /* j=1 because ignore first ' */
+ int chr, esc = 0;
+
+- while(i < pcontext->buflen) /* read chars from the stream
++ while(i < pcontext->buflen) /* read chars from the stream
+ untill see STRING_DELIMITER */
+- {
++ {
+ chr = (j<len) ? str[j++] : pcontext->buf[pcontext->index++];
+
+- if(pcontext->index == pcontext->buflen)
+- {
++ if(pcontext->index == pcontext->buflen)
++ {
+ end_of_file = TRUE;
+
+ oldgaa_handle_error(&(pcontext->parse_error),
+ "oldgaa_globus_get_string_with_white_spaces: Missing string delimiter \'");
+ return -1;
+- }
++ }
+ if (!esc && chr == STRING_DELIMITER) break; /* don't check if escaped*/
+ esc = !esc && (chr == ESCAPE_CHARACTER); /* !esc takes care of \\ */
+ if (!esc) { str[i] = chr; i++; } /* don't print out the \ */
+@@ -722,10 +722,10 @@ oldgaa_globus_get_string_with_whitespaces(policy_file_context_ptr pcontext,
+ Function: oldgaa_globus_omit_comment_line
+
+ Description:
+- omit comment from the stream
++ omit comment from the stream
+
+ Parameters:
+- pcontext, handle to a structure, containing the stream to read from.
++ pcontext, handle to a structure, containing the stream to read from.
+
+ Returns:
+ 0 on success
+@@ -737,8 +737,8 @@ static
+ int
+ oldgaa_globus_omit_comment_line(policy_file_context_ptr pcontext)
+ {
+- int chr;
+-
++ int chr;
++
+ while(pcontext->index < pcontext->buflen)
+ {
+ chr = pcontext->buf[pcontext->index++];
+@@ -748,13 +748,13 @@ oldgaa_globus_omit_comment_line(policy_file_context_ptr pcontext)
+ if (pcontext->index == pcontext->buflen) end_of_file = TRUE;
+
+ return 0;
+-}
++}
+
+
+
+ /**********************************************************************
+
+-Function: oldgaa_globus_parse_policy()
++Function: oldgaa_globus_parse_policy()
+
+ Description:
+ Parses the policy file, filling oldgaa_policy structure. The format of
+@@ -763,16 +763,16 @@ Description:
+ Parameters:
+ minor_status, mechanism-specific status code
+ pcontext, handle to a structure, containing the stream to read from.
+- policy_handle, pointer to oldgaa_policy structure to be filled in.
+-
++ policy_handle, pointer to oldgaa_policy structure to be filled in.
++
+ Returns:
+- OLDGAA_SUCCESS or OLDGAA_RETREIVE_ERROR
++ OLDGAA_SUCCESS or OLDGAA_RETREIVE_ERROR
+
+ **********************************************************************/
+
+-oldgaa_error_code
++oldgaa_error_code
+ oldgaa_globus_parse_policy (policy_file_context_ptr pcontext,
+- oldgaa_policy_ptr *policy_handle)
++ oldgaa_policy_ptr *policy_handle)
+
+ {
+ oldgaa_conditions_ptr all_conditions = NULL;
+@@ -788,7 +788,7 @@ oldgaa_globus_parse_policy (policy_file_context_ptr pcontext,
+
+ char *str;
+ int cond_present = FALSE;
+- int new_entry = TRUE;
++ int new_entry = TRUE;
+ oldgaa_rights_ptr old_rights = 0;
+
+ str = malloc(pcontext->buflen);
+@@ -800,22 +800,22 @@ oldgaa_globus_parse_policy (policy_file_context_ptr pcontext,
+ #ifdef DEBUG
+ fprintf(stderr, "\noldgaa_globus_parse_policy:\n");
+ #endif /* DEBUG */
+-
+- while (!end_of_file)
+- {
++
++ while (!end_of_file)
++ {
+ if (new_entry == TRUE) /* start parsing new entry */
+ {
+ cond_present = FALSE;
+ new_entry = FALSE;
+
+ /* get principals */
+-
++
+ if(oldgaa_globus_parse_principals(pcontext,
+ policy_handle,
+ str,
+ &start_principals,
+ &added_principal) != OLDGAA_SUCCESS)
+- {
++ {
+ oldgaa_handle_error(&(pcontext->parse_error),
+ "oldgaa_globus_parse_policy: error while parsing principal: ");
+ m_status = ERROR_WHILE_PARSING_PRINCIPALS;
+@@ -830,26 +830,26 @@ oldgaa_globus_parse_policy (policy_file_context_ptr pcontext,
+ /* get rights */
+
+ old_rights = start_rights;
+- oldgaa_error = oldgaa_globus_parse_rights(pcontext,
++ oldgaa_error = oldgaa_globus_parse_rights(pcontext,
+ str,
+- &start_rights,
++ &start_rights,
+ &cond_present,
+ &new_entry);
+ if(oldgaa_error != OLDGAA_SUCCESS)
+- {
++ {
+ oldgaa_handle_error(&(pcontext->parse_error),
+- "oldgaa_globus_parse_policy: error while parsing right: ");
++ "oldgaa_globus_parse_policy: error while parsing right: ");
+ m_status = ERROR_WHILE_PARSING_RIGHTS;
+ goto err;
+
+ }
+
+- /* bind paresed rights for this entry to the paresed principals
++ /* bind paresed rights for this entry to the paresed principals
+ from this entry */
+ oldgaa_bind_rights_to_principal(added_principal, start_rights);
+-
++
+ /* get conditions, if any */
+-
++
+ if(cond_present == TRUE)
+ {
+ oldgaa_error = oldgaa_globus_parse_conditions(pcontext,
+@@ -862,47 +862,47 @@ oldgaa_globus_parse_policy (policy_file_context_ptr pcontext,
+ if (oldgaa_error == OLDGAA_SUCCESS) {
+ fprintf(stderr, "parsed condition_binding\n");
+ if (cond_bind)
+- print_condition_binding(cond_bind);
++ print_condition_binding(cond_bind);
+ } else
+- fprintf(stderr, "didn't parse condition binding\n");
++ fprintf(stderr, "didn't parse condition binding\n");
+ #endif /* LDEBUG */
+-
+- if (oldgaa_error != OLDGAA_SUCCESS)
++
++ if (oldgaa_error != OLDGAA_SUCCESS)
+ {
+ oldgaa_handle_error(&(pcontext->parse_error),
+ "oldgaa_globus_parse_policy: error while parsing condition: ");
+-
+- m_status = ERROR_WHILE_PARSING_CONDITIONS;
++
++ m_status = ERROR_WHILE_PARSING_CONDITIONS;
+ goto err;
+
+ }
+-
+- /* bind paresed conditions for this entry to the paresed rights
++
++ /* bind paresed conditions for this entry to the paresed rights
+ from this entry */
+
+- else oldgaa_bind_rights_to_condition(start_rights, cond_bind);
+-
++ else oldgaa_bind_rights_to_condition(start_rights, cond_bind);
++
+ } /* if(cond_present == TRUE) */
+-
++
+ #ifdef LDEBUG
+ printf("start_principals:\n");
+ if (start_principals)
+- print_oldgaa_principal_ptr(start_principals);
++ print_oldgaa_principal_ptr(start_principals);
+ #endif /* LDEBUG */
+-
++
+ }/* end of while */
+
+- /*
+- * Since the conditions are now all bound to cond_bindings,
++ /*
++ * Since the conditions are now all bound to cond_bindings,
+ * we can remove the next chain pointers so they don't get
+- * in the way during free if there are other chains
+- * using conditions.
++ * in the way during free if there are other chains
++ * using conditions.
+ */
+
+ {
+- oldgaa_conditions_ptr c1p, c2p;
++ oldgaa_conditions_ptr c1p, c2p;
+
+- c1p = all_conditions;
++ c1p = all_conditions;
+ while(c1p)
+ {
+ c2p = c1p->next;
+@@ -910,13 +910,13 @@ oldgaa_globus_parse_policy (policy_file_context_ptr pcontext,
+ c1p = c2p;
+ }
+ }
+-
++
+ if (pcontext) oldgaa_globus_policy_file_close(pcontext);
+
+ #ifdef LDEBUG
+ printf("policy_handle:\n");
+ if (*policy_handle)
+- print_oldgaa_principal_ptr(*policy_handle);
++ print_oldgaa_principal_ptr(*policy_handle);
+ #endif /* LDEBUG */
+
+ free(str);
+@@ -933,19 +933,19 @@ oldgaa_globus_parse_policy (policy_file_context_ptr pcontext,
+
+ /**********************************************************************
+
+-Function: oldgaa_globus_parse_principals()
++Function: oldgaa_globus_parse_principals()
+
+ Description:
+- Parses the policy file, filling oldgaa_rincipals structure.
++ Parses the policy file, filling oldgaa_rincipals structure.
+
+ Parameters:
+ pcontext, handle to a structure, containing the stream to read from.
+- policy, pointer to oldgaa_policy structure to be filled in.
++ policy, pointer to oldgaa_policy structure to be filled in.
+ tmp_str, contains a string which will be evaluated and in the end,
+ new value is stored here.
+ start, stores a pointer to oldgaa_principals structure of the set
+ of principals which will be read by this invokation. This is needed
+- by the bind_rights_to_principals function.
++ by the bind_rights_to_principals function.
+ Returns:
+ OLDGAA_SUCCESS or OLDGAA_PARSE_ERROR
+
+@@ -954,13 +954,13 @@ Returns:
+
+ static oldgaa_error_code
+ oldgaa_globus_parse_principals(policy_file_context_ptr pcontext,
+- oldgaa_policy_ptr *policy,
++ oldgaa_policy_ptr *policy,
+ char *tmp_str /* IN&OUT */,
+- oldgaa_principals_ptr *start,
+- oldgaa_principals_ptr *added_principal)
++ oldgaa_principals_ptr *start,
++ oldgaa_principals_ptr *added_principal)
+ {
+ char *str, *type;
+- uint32 minor_status;
++ uint32 minor_status;
+ oldgaa_principals_ptr principal = NULL;
+ oldgaa_error_code error_code = OLDGAA_SUCCESS;
+
+@@ -980,23 +980,23 @@ oldgaa_globus_parse_principals(policy_file_context_ptr pcontext,
+ if (oldgaa_globus_help_read_string(pcontext, str,
+ "parse principals: Empty policy"))
+ {
+- error_code = OLDGAA_RETRIEVE_ERROR;
++ error_code = OLDGAA_RETRIEVE_ERROR;
+ goto free_str;
+ }
+ }
+- else
++ else
+ {
+ /* get the value of read principal from tmp_str */
+ strcpy(str, tmp_str);
+ }
+
+- do
++ do
+ { /* get principal's type */
+
+ if (strcmp(str, OLDGAA_ANYBODY) == 0)
+ {
+- /* do not check for authority and value */
+- type = OLDGAA_ANYBODY;
++ /* do not check for authority and value */
++ type = OLDGAA_ANYBODY;
+ }
+ else if(strcmp(str,OLDGAA_USER) == 0)
+ {
+@@ -1018,21 +1018,21 @@ oldgaa_globus_parse_principals(policy_file_context_ptr pcontext,
+ {
+ type = OLDGAA_APPLICATION;
+ }
+- else
++ else
+ {
+- oldgaa_handle_error(&(pcontext->parse_error),
++ oldgaa_handle_error(&(pcontext->parse_error),
+ "parse_principals: Bad principal type");
+ error_code = OLDGAA_RETRIEVE_ERROR;
+ goto free_str;
+ }
+-
++
+ oldgaa_allocate_principals(&principal);
+
+- if (type)
++ if (type)
+ {
+ principal->type = oldgaa_strcopy(type, principal->type);
+ }
+-
++
+ if (strcmp(type, OLDGAA_ANYBODY)== 0)
+ {
+ /* fill in default values */
+@@ -1048,11 +1048,11 @@ oldgaa_globus_parse_principals(policy_file_context_ptr pcontext,
+ error_code = OLDGAA_RETRIEVE_ERROR;
+ goto release_principal;
+ }
+-
++
+ if (str)
+ {
+ /* expecting defining authority */
+- principal->authority = oldgaa_strcopy(str, principal->authority);
++ principal->authority = oldgaa_strcopy(str, principal->authority);
+ }
+
+ if (oldgaa_globus_help_read_string(pcontext, str,
+@@ -1061,13 +1061,13 @@ oldgaa_globus_parse_principals(policy_file_context_ptr pcontext,
+ error_code = OLDGAA_RETRIEVE_ERROR;
+ goto release_principal;
+ }
+-
++
+ if (str)
+ {
+ /* expecting value */
+ principal->value = oldgaa_strcopy(str, principal->value);
+ }
+- } /* end of if(type != "access_id_ANYBODY")*/
++ } /* end of if(type != "access_id_ANYBODY")*/
+
+ if (*policy == NULL)
+ {
+@@ -1085,7 +1085,7 @@ oldgaa_globus_parse_principals(policy_file_context_ptr pcontext,
+ {
+ oldgaa_release_principals(&minor_status, &principal);
+ }
+- /* In either case, the principal is now pointed to by either the
++ /* In either case, the principal is now pointed to by either the
+ * *start list or has been freed, so we don't need it any more
+ */
+ principal = NULL;
+@@ -1101,13 +1101,13 @@ oldgaa_globus_parse_principals(policy_file_context_ptr pcontext,
+ strcpy(tmp_str, str); /* return the read string */
+
+ if( !strcmp(str,POSITIVE_RIGHTS) ||
+- !strcmp(str,NEGATIVE_RIGHTS) ) /* operation set starts */
++ !strcmp(str,NEGATIVE_RIGHTS) ) /* operation set starts */
+ {
+ goto release_principal;
+ }
+
+ } while(!end_of_file);
+-
++
+ release_principal:
+ if (principal)
+ {
+@@ -1123,10 +1123,10 @@ free_str:
+
+ /**********************************************************************
+
+-Function: oldgaa_globus_parse_rights()
++Function: oldgaa_globus_parse_rights()
+
+ Description:
+- Parses the policy file, filling oldgaa_rights structure.
++ Parses the policy file, filling oldgaa_rights structure.
+
+ Parameters:
+ pcontext, handle to a structure, containing the stream to read from.
+@@ -1136,7 +1136,7 @@ Parameters:
+ of rights which will be read by this invokation. This is needed
+ by the bind_rights_to_conditions function.
+ cond_present, indicates if condition set starts
+- end_of_entry, indicates if new entry starts
++ end_of_entry, indicates if new entry starts
+ Returns:
+ OLDGAA_SUCCESS or OLDGAA_RETRIEVE_ERROR
+
+@@ -1155,7 +1155,7 @@ oldgaa_globus_parse_rights(
+ oldgaa_rights_ptr rights = NULL;
+ oldgaa_error_code error_code = OLDGAA_SUCCESS;
+ uint32 minor_status;
+-
++
+ str = malloc(pcontext->buflen);
+ if (str == NULL)
+ {
+@@ -1168,78 +1168,78 @@ oldgaa_globus_parse_rights(
+ fprintf(stderr, "\noldgaa_globus_parse rights:\n");
+ #endif /* DEBUG */
+
+- strcpy(str, tmp_str);
++ strcpy(str, tmp_str);
+
+ do {
+ if ((oldgaa_strings_match(str,POSITIVE_RIGHTS) ||
+- oldgaa_strings_match(str,NEGATIVE_RIGHTS))== FALSE)
++ oldgaa_strings_match(str,NEGATIVE_RIGHTS))== FALSE)
+ {
+ /* expecting operation set starts */
+ error_code = OLDGAA_RETRIEVE_ERROR;
+ oldgaa_handle_error(&(pcontext->parse_error), "Bad right type");
+
+ goto free_str;
+- }
+-
++ }
++
+ /* allocate fill in the oldgaa_rights structure */
+ oldgaa_allocate_rights(&rights);
+ if (str)
+ {
+ rights->type = oldgaa_strcopy(str, rights->type);
+ }
+-
++
+ if (oldgaa_globus_help_read_string(pcontext, str,
+ "parse_rights: Missing right authority"))
+ {
+- error_code = OLDGAA_RETRIEVE_ERROR;
++ error_code = OLDGAA_RETRIEVE_ERROR;
+ goto free_rights;
+ }
+-
++
+ if (str)
+ {
+- /* expecting defining authority */
++ /* expecting defining authority */
+ rights->authority = oldgaa_strcopy(str, rights->authority);
+ }
+-
++
+ if (oldgaa_globus_help_read_string(pcontext, str,
+ "parse_rights: Missing right value"))
+ {
+- error_code = OLDGAA_RETRIEVE_ERROR;
++ error_code = OLDGAA_RETRIEVE_ERROR;
+ goto free_rights;
+ }
+-
++
+ if (str)
+ {
+- /* expecting value */
++ /* expecting value */
+ rights->value = oldgaa_strcopy(str, rights->value);
+ }
+-
+- if(first == TRUE) { *start = rights; first = FALSE; }
++
++ if(first == TRUE) { *start = rights; first = FALSE; }
+ else oldgaa_add_rights(start, rights);
+
+ rights = NULL;
+
+- if (oldgaa_globus_read_string(pcontext, str, NULL))
++ if (oldgaa_globus_read_string(pcontext, str, NULL))
+ {
+ error_code = OLDGAA_RETRIEVE_ERROR;
+ goto free_str;
+ }
+-
++
+ strcpy(tmp_str, str); /* return the read string */
+-
++
+ if (!strncmp(str,COND_PREFIX, 5)) /* condition set starts */
+ {
+ *cond_present = TRUE;
+ goto free_str;
+ }
+-
++
+ if(!strncmp(str,PRINCIPAL_ACCESS_PREFIX, 6) ||
+- !strncmp(str,PRINCIPAL_GRANTOR_PREFIX, 7)) /* new entry starts */
++ !strncmp(str,PRINCIPAL_GRANTOR_PREFIX, 7)) /* new entry starts */
+ {
+- *end_of_entry = TRUE;
++ *end_of_entry = TRUE;
+
+ goto free_str;
+- }
++ }
+
+ } while(!end_of_file);
+
+@@ -1258,20 +1258,20 @@ out:
+
+
+ /**********************************************************************
+-Function: oldgaa_globus_parse_conditions()
++Function: oldgaa_globus_parse_conditions()
+
+ Description:
+- Parses the policy file, filling oldgaa_conditions structure.
++ Parses the policy file, filling oldgaa_conditions structure.
+
+ Parameters:
+ pcontext, handle to a structure, containing the stream to read from.
+- conditions, pointer to oldgaa_conditions structure to be filled in.
++ conditions, pointer to oldgaa_conditions structure to be filled in.
+ tmp_str, contains a string which will be evaluated and in the end,
+ new value is stored here.
+ list, stores a pointer to oldgaa_cond_bindings structure of the set
+- of conditions which will be read by this invokation.
++ of conditions which will be read by this invokation.
+ This is needed by the bind_rights_to_conditions function.
+- end_of_entry, indicates if new entry starts
++ end_of_entry, indicates if new entry starts
+ Returns:
+ OLDGAA_SUCCESS or OLDGAA_RETRIEVE_ERROR
+
+@@ -1281,7 +1281,7 @@ Returns:
+ oldgaa_error_code
+ oldgaa_globus_parse_conditions(
+ policy_file_context_ptr pcontext,
+- oldgaa_conditions_ptr *conditions,
++ oldgaa_conditions_ptr *conditions,
+ char *tmp_str,
+ oldgaa_cond_bindings_ptr *list,
+ int *end_of_entry)
+@@ -1304,8 +1304,8 @@ oldgaa_globus_parse_conditions(
+ fprintf(stderr, "\noldgaa_globus_parse conditions:\n");
+ #endif /* DEBUG */
+
+- strcpy(str, tmp_str);
+-
++ strcpy(str, tmp_str);
++
+ do
+ {
+ if(strncmp(str,"cond_", 5) != 0)/* expecting condition set starts */
+@@ -1318,11 +1318,11 @@ oldgaa_globus_parse_conditions(
+
+ /* allocate fill in the oldgaa_conditions structure */
+ oldgaa_allocate_conditions(&cond);
+- if (str)
++ if (str)
+ {
+ cond->type = oldgaa_strcopy(str,cond->type) ;
+ }
+-
++
+ if (oldgaa_globus_help_read_string(pcontext, str,
+ "parse_conditions: Missing condition authority"))
+ {
+@@ -1334,7 +1334,7 @@ oldgaa_globus_parse_conditions(
+ {
+ cond->authority = oldgaa_strcopy(str, cond->authority);
+ }
+-
++
+ if (oldgaa_globus_help_read_string(pcontext, str,
+ "parse_conditions: Missing condition value"))
+ {
+@@ -1346,7 +1346,7 @@ oldgaa_globus_parse_conditions(
+ {
+ cond->value = oldgaa_strcopy(str, cond->value);
+ }
+-
++
+ oldgaa_allocate_cond_bindings(&cond_bind);
+
+ if(*conditions == NULL) { *conditions = cond; }
+@@ -1367,29 +1367,29 @@ oldgaa_globus_parse_conditions(
+ }
+ cond = NULL;
+
+- if(first == TRUE){ *list = cond_bind; first = FALSE; }
++ if(first == TRUE){ *list = cond_bind; first = FALSE; }
+ else oldgaa_add_cond_binding(list, cond_bind);
+-
+- if (oldgaa_globus_read_string(pcontext, str, NULL))
++
++ if (oldgaa_globus_read_string(pcontext, str, NULL))
+ {
+ error_code = OLDGAA_RETRIEVE_ERROR;
+ goto release_conditions;
+ }
+-
++
+ if(end_of_file == TRUE)
+ {
+ goto release_conditions;
+ }
+-
++
+ strcpy(tmp_str, str); /* return the read string */
+
+ if(!strncmp(str,PRINCIPAL_ACCESS_PREFIX, 6) ||
+- !strncmp(str,PRINCIPAL_GRANTOR_PREFIX, 7)) /* new entry starts */
++ !strncmp(str,PRINCIPAL_GRANTOR_PREFIX, 7)) /* new entry starts */
+ {
+- *end_of_entry = TRUE;
++ *end_of_entry = TRUE;
+
+ goto release_conditions;
+- }
++ }
+
+ if(!strncmp(str,POS_RIGHTS_PREFIX, 3) ||
+ !strncmp(str,NEG_RIGHTS_PREFIX, 3)) /* new rights set starts */
+@@ -1410,7 +1410,7 @@ free_str:
+
+
+ /*****************************************************************************/
+-
++
+ void
+ oldgaa_globus_print_rights(oldgaa_rights_ptr rights)
+ {
+@@ -1418,18 +1418,18 @@ oldgaa_globus_print_rights(oldgaa_rights_ptr rights)
+ oldgaa_cond_bindings_ptr cond;
+
+ while(ptr != NULL)
+- {
++ {
+ fprintf(stderr, "ACCESS RIGHT\n");
+- fprintf(stderr, "type : %s\n", ptr->type);
++ fprintf(stderr, "type : %s\n", ptr->type);
+ fprintf(stderr, "authority : %s\n", ptr->authority);
+ fprintf(stderr, "value : %s\n\n", ptr->value);
+
+- cond = ptr->cond_bindings;
++ cond = ptr->cond_bindings;
+
+ while(cond != NULL)
+ {
+ fprintf(stderr, "CONDITION\n");
+- fprintf(stderr, "type : %s\n", cond->condition->type);
++ fprintf(stderr, "type : %s\n", cond->condition->type);
+ fprintf(stderr, "authority : %s\n", cond->condition->authority);
+ fprintf(stderr, "value : %s\n", cond->condition->value);
+ fprintf(stderr, "status : %08x\n\n", cond->condition->status);
+@@ -1450,13 +1450,13 @@ oldgaa_globus_print_attributes(oldgaa_sec_attrb_ptr attributes)
+
+
+ while(ptr != NULL)
+- {
++ {
+ fprintf(stderr, "ATTRIBUTE\n");
+- fprintf(stderr, "type : %s\n", ptr->type);
++ fprintf(stderr, "type : %s\n", ptr->type);
+ fprintf(stderr, "authority : %s\n", ptr->authority);
+ fprintf(stderr, "value : %s\n\n", ptr->value);
+
+- ptr = ptr->next;
++ ptr = ptr->next;
+ }
+ }
+
+@@ -1467,28 +1467,28 @@ oldgaa_globus_get_trusted_ca_list(oldgaa_sec_attrb_ptr *attributes,
+ oldgaa_policy_ptr policy_handle,
+ oldgaa_rights_ptr rights)
+ {
+- oldgaa_error_code oldgaa_status = OLDGAA_SUCCESS;
+- uint32 minor_status = 0;
+- oldgaa_principals_ptr principal= NULL;
+-
++ oldgaa_error_code oldgaa_status = OLDGAA_SUCCESS;
++ uint32 minor_status = 0;
++ oldgaa_principals_ptr principal = NULL;
++
+ #ifdef DEBUG
+ fprintf(stderr, "\noldgaa_globus_get_trusted_ca_list:\n");
+ #endif /* DEBUG */
+
+
+ oldgaa_allocate_principals(&principal);
+- principal->type = oldgaa_strcopy(OLDGAA_CA, principal->type);
++ principal->type = oldgaa_strcopy(OLDGAA_CA, principal->type);
+ principal->authority = oldgaa_strcopy(OLDGAA_X509_AUTHORITY, principal->authority);
+ /* principal->value = oldgaa_strcopy("\"*\"", principal->value); */
+
+- oldgaa_status = oldgaa_get_authorized_principals(attributes,
++ oldgaa_status = oldgaa_get_authorized_principals(attributes,
+ policy_handle,
+- principal,
++ principal,
+ rights);
+
+ oldgaa_status = oldgaa_release_principals(&minor_status, &principal);
+
+- return oldgaa_status;
++ return oldgaa_status;
+
+ }
+
+diff --git a/gsi/callback/source/library/oldgaa/oldgaa_release.c b/gsi/callback/source/library/oldgaa/oldgaa_release.c
+index 8585ac383..4550b4eb2 100644
+--- a/gsi/callback/source/library/oldgaa/oldgaa_release.c
++++ b/gsi/callback/source/library/oldgaa/oldgaa_release.c
+@@ -15,10 +15,10 @@
+ */
+
+ /**********************************************************************
+- oldgaa_release.c:
++ oldgaa_release.c:
+
+ Description:
+- This file used internally by the oldgaa routines
++ This file used internally by the oldgaa routines
+ **********************************************************************/
+ #include "globus_oldgaa.h"
+ #include "stdio.h" /* for fprintf() */
+@@ -27,56 +27,56 @@ Description:
+ Function: oldgaa_release_buffer_contents
+
+ Description:
+- Release the contents of a buffer
++ Release the contents of a buffer
+
+ Parameters:
+
+ Returns:
+ **********************************************************************/
+
+-oldgaa_error_code
+-oldgaa_release_buffer_contents (uint32 *minor_status,
+- oldgaa_buffer_ptr buffer)
++oldgaa_error_code
++oldgaa_release_buffer_contents (uint32 *minor_status,
++ oldgaa_buffer_ptr buffer)
+ {
+
+ #ifdef DEBUG
+-fprintf(stderr, "\noldgaa_release_buffer_contents:\n");
++ fprintf(stderr, "\noldgaa_release_buffer_contents:\n");
+ #endif /* DEBUG */
+
+- if (buffer == NULL || buffer == OLDGAA_NO_BUFFER) return OLDGAA_SUCCESS;
+-
+- if (buffer->value) free(buffer->value);
+- buffer->length = 0;
++ if (buffer == NULL || buffer == OLDGAA_NO_BUFFER) return OLDGAA_SUCCESS;
+
+- return OLDGAA_SUCCESS;
++ if (buffer->value) free(buffer->value);
++ buffer->length = 0;
++
++ return OLDGAA_SUCCESS;
+
+ } /* oldgaa_release_buffer_contents */
+ /**********************************************************************
+ Function: oldgaa_release_buffer
+
+ Description:
+- Release the buffer
++ Release the buffer
+
+ Parameters:
+
+ Returns:
+ **********************************************************************/
+
+-oldgaa_error_code
+-oldgaa_release_buffer(uint32 *minor_status,
+- oldgaa_buffer_ptr * buffer)
++oldgaa_error_code
++oldgaa_release_buffer(uint32 *minor_status,
++ oldgaa_buffer_ptr *buffer)
+ {
+
+ #ifdef DEBUG
+-fprintf(stderr, "\noldgaa_release_buffer:\n");
++ fprintf(stderr, "\noldgaa_release_buffer:\n");
+ #endif /* DEBUG */
+
+- if (buffer == NULL || *buffer == NULL) return OLDGAA_SUCCESS;
+-
++ if (buffer == NULL || *buffer == NULL) return OLDGAA_SUCCESS;
++
+ free(*buffer);
+- *buffer = NULL;
++ *buffer = NULL;
+
+- return OLDGAA_SUCCESS;
++ return OLDGAA_SUCCESS;
+
+ } /* oldgaa_release_buffer */
+
+@@ -84,61 +84,61 @@ fprintf(stderr, "\noldgaa_release_buffer:\n");
+ Function: oldgaa_release_options
+
+ Description:
+- Release the contents of a buffer
++ Release the contents of a buffer
+
+ Parameters:
+
+ Returns:
+ **********************************************************************/
+
+-oldgaa_error_code
+-oldgaa_release_options(uint32 *minor_status,
+- oldgaa_options_ptr buffer)
++oldgaa_error_code
++oldgaa_release_options(uint32 *minor_status,
++ oldgaa_options_ptr buffer)
+ {
+ #ifdef DEBUG
+-fprintf(stderr, "\noldgaa_release_options:\n");
++ fprintf(stderr, "\noldgaa_release_options:\n");
+ #endif /* DEBUG */
+
+- if (buffer == NULL || buffer == OLDGAA_NO_OPTIONS) return OLDGAA_SUCCESS;
+-
+- if (buffer->value) free(buffer->value);
+- buffer->length = 0;
++ if (buffer == NULL || buffer == OLDGAA_NO_OPTIONS) return OLDGAA_SUCCESS;
+
+- free(buffer);
++ if (buffer->value) free(buffer->value);
++ buffer->length = 0;
+
+- return OLDGAA_SUCCESS;
++ free(buffer);
++
++ return OLDGAA_SUCCESS;
+
+ } /* oldgaa_release_options */
+-
++
+ /**********************************************************************
+ Function: oldgaa_release_data
+
+ Description:
+- Release the contents of a buffer
++ Release the contents of a buffer
+
+ Parameters:
+
+ Returns:
+ **********************************************************************/
+
+-oldgaa_error_code
+-oldgaa_release_data (uint32 *minor_status,
+- oldgaa_data_ptr buffer)
++oldgaa_error_code
++oldgaa_release_data (uint32 *minor_status,
++ oldgaa_data_ptr buffer)
+ {
+
+
+ #ifdef DEBUG
+-fprintf(stderr, "\noldgaa_release_data:\n");
++ fprintf(stderr, "\noldgaa_release_data:\n");
+ #endif /* DEBUG */
+
+- if (buffer == NULL || buffer == OLDGAA_NO_DATA) return OLDGAA_SUCCESS;
+-
+- if (buffer->str) free(buffer->str);
+- if (buffer->error_str) free(buffer->error_str);
++ if (buffer == NULL || buffer == OLDGAA_NO_DATA) return OLDGAA_SUCCESS;
+
+- free(buffer);
++ if (buffer->str) free(buffer->str);
++ if (buffer->error_str) free(buffer->error_str);
+
+- return OLDGAA_SUCCESS;
++ free(buffer);
++
++ return OLDGAA_SUCCESS;
+
+ } /* oldgaa_release_data */
+
+@@ -149,74 +149,74 @@ fprintf(stderr, "\noldgaa_release_data:\n");
+ Function: oldgaa_delete_sec_context()
+
+ Description:
+- delete the security context
++ delete the security context
+
+ Parameters:
+
+ Returns:
+ **********************************************************************/
+
+-oldgaa_error_code
+-oldgaa_release_sec_context(uint32 *minor_status,
+- oldgaa_sec_context_ptr *sec_context)
++oldgaa_error_code
++oldgaa_release_sec_context(uint32 *minor_status,
++ oldgaa_sec_context_ptr *sec_context)
+ {
+
+- oldgaa_sec_context_ptr *context_handle = sec_context;
+- uint32 inv_minor_status = 0, inv_major_status = 0;
++ oldgaa_sec_context_ptr *context_handle = sec_context;
++ uint32 inv_minor_status = 0, inv_major_status = 0;
+
+
+ #ifdef DEBUG
+-fprintf(stderr, "\noldgaa_release_sec_context:\n");
++ fprintf(stderr, "\noldgaa_release_sec_context:\n");
+ #endif /* DEBUG */
+
+- if (*context_handle == NULL || *context_handle == OLDGAA_NO_SEC_CONTEXT)
+- return OLDGAA_SUCCESS ;
++ if (*context_handle == NULL || *context_handle == OLDGAA_NO_SEC_CONTEXT)
++ return OLDGAA_SUCCESS ;
+
+- /* ignore errors to allow for incomplete context handles */
++ /* ignore errors to allow for incomplete context handles */
+
+- if ((*context_handle)->identity_cred!= NULL)
++ if ((*context_handle)->identity_cred!= NULL)
+ inv_major_status = oldgaa_release_identity_cred(&inv_minor_status,
+- &((*context_handle)->identity_cred));
+-
+-
+- if ((*context_handle)->authr_cred!= NULL)
+- inv_major_status = oldgaa_release_authr_cred(&inv_minor_status,
+- &((*context_handle)->authr_cred));
+-
+-
+- if ((*context_handle)->group_membership!= NULL)
+- inv_major_status = oldgaa_release_identity_cred(&inv_minor_status,
+- &((*context_handle)->group_membership));
+-
+-
+- if ((*context_handle)->group_non_membership!= NULL)
+- inv_major_status = oldgaa_release_identity_cred(&inv_minor_status,
+- &((*context_handle)->group_non_membership));
+-
+-
+- if ((*context_handle)->attributes!= NULL)
+- inv_major_status = oldgaa_release_attributes(&inv_minor_status,
+- &((*context_handle)->attributes));
+-
+-
+- if ((*context_handle)->unevl_cred!= NULL)
+- inv_major_status = oldgaa_release_uneval_cred(&inv_minor_status,
+- &((*context_handle)->unevl_cred));
+-
+-
+- if ((*context_handle)->connection_state!= NULL)
+- {
+- inv_major_status = oldgaa_release_buffer_contents(&inv_minor_status,
+- (*context_handle)->connection_state);
+-
+- inv_major_status = oldgaa_release_buffer(&inv_minor_status,
+- &((*context_handle)->connection_state));
+- }
+-
+- free(*context_handle);
++ &((*context_handle)->identity_cred));
++
++
++ if ((*context_handle)->authr_cred!= NULL)
++ inv_major_status = oldgaa_release_authr_cred(&inv_minor_status,
++ &((*context_handle)->authr_cred));
++
++
++ if ((*context_handle)->group_membership!= NULL)
++ inv_major_status = oldgaa_release_identity_cred(&inv_minor_status,
++ &((*context_handle)->group_membership));
++
++
++ if ((*context_handle)->group_non_membership!= NULL)
++ inv_major_status = oldgaa_release_identity_cred(&inv_minor_status,
++ &((*context_handle)->group_non_membership));
++
++
++ if ((*context_handle)->attributes!= NULL)
++ inv_major_status = oldgaa_release_attributes(&inv_minor_status,
++ &((*context_handle)->attributes));
++
++
++ if ((*context_handle)->unevl_cred!= NULL)
++ inv_major_status = oldgaa_release_uneval_cred(&inv_minor_status,
++ &((*context_handle)->unevl_cred));
++
++
++ if ((*context_handle)->connection_state!= NULL)
++ {
++ inv_major_status = oldgaa_release_buffer_contents(&inv_minor_status,
++ (*context_handle)->connection_state);
++
++ inv_major_status = oldgaa_release_buffer(&inv_minor_status,
++ &((*context_handle)->connection_state));
++ }
++
++ free(*context_handle);
+ *context_handle = OLDGAA_NO_SEC_CONTEXT;
+
+- return OLDGAA_SUCCESS;
++ return OLDGAA_SUCCESS;
+
+ } /* oldgaa_delete_sec_context */
+
+@@ -224,119 +224,119 @@ fprintf(stderr, "\noldgaa_release_sec_context:\n");
+ Function: oldgaa_release_identity_cred()
+
+ Description:
+- delete the security context
++ delete the security context
+
+ Parameters:
+
+ Returns:
+ **********************************************************************/
+
+-oldgaa_error_code
+-oldgaa_release_identity_cred (uint32 *minor_status,
+- oldgaa_identity_cred_ptr *identity_cred)
++oldgaa_error_code
++oldgaa_release_identity_cred (uint32 *minor_status,
++ oldgaa_identity_cred_ptr *identity_cred)
+
+ {
+- oldgaa_identity_cred_ptr *cred = identity_cred;
+- uint32 inv_minor_status = 0, inv_major_status = 0;
++ oldgaa_identity_cred_ptr *cred = identity_cred;
++ uint32 inv_minor_status = 0, inv_major_status = 0;
+
+ #ifdef DEBUG
+-fprintf(stderr, "\noldgaa_release_identity_cred:\n");
++ fprintf(stderr, "\noldgaa_release_identity_cred:\n");
+ #endif /* DEBUG */
+
+
+- if (*cred == NULL || *cred == OLDGAA_NO_IDENTITY_CRED)
+- return OLDGAA_SUCCESS;
+-
+- /* ignore errors to allow for incomplete context handles */
+-
+- if ((*cred)->principal!= NULL)
+- inv_major_status = oldgaa_release_principals(&inv_minor_status,
+- &((*cred)->principal));
+-
+- if ((*cred)->conditions!= NULL)
+- inv_major_status = oldgaa_release_conditions(&inv_minor_status,
+- &((*cred)->conditions));
+-
+- if ((*cred)->mech_spec_cred!= NULL)
+- {
+- inv_major_status =
+- oldgaa_release_buffer_contents(&inv_minor_status,
+- (*cred)->mech_spec_cred);
+- inv_major_status = oldgaa_release_buffer(&inv_minor_status,
+- &((*cred)->mech_spec_cred));
+- }
+-
+- if ((*cred)->next!= NULL)
++ if (*cred == NULL || *cred == OLDGAA_NO_IDENTITY_CRED)
++ return OLDGAA_SUCCESS;
++
++ /* ignore errors to allow for incomplete context handles */
++
++ if ((*cred)->principal!= NULL)
++ inv_major_status = oldgaa_release_principals(&inv_minor_status,
++ &((*cred)->principal));
++
++ if ((*cred)->conditions!= NULL)
++ inv_major_status = oldgaa_release_conditions(&inv_minor_status,
++ &((*cred)->conditions));
++
++ if ((*cred)->mech_spec_cred!= NULL)
++ {
++ inv_major_status =
++ oldgaa_release_buffer_contents(&inv_minor_status,
++ (*cred)->mech_spec_cred);
++ inv_major_status = oldgaa_release_buffer(&inv_minor_status,
++ &((*cred)->mech_spec_cred));
++ }
++
++ if ((*cred)->next!= NULL)
+ inv_major_status = oldgaa_release_identity_cred(&inv_minor_status,
+- &((*cred)->next));
++ &((*cred)->next));
+ free(*cred);
+
+- return OLDGAA_SUCCESS;
++ return OLDGAA_SUCCESS;
+
+-}
++}
+
+ /**********************************************************************
+ Function: oldgaa_release_authr_cred()
+
+ Description:
+- delete the security context
++ delete the security context
+
+ Parameters:
+
+ Returns:
+ **********************************************************************/
+
+-oldgaa_error_code
+-oldgaa_release_authr_cred(uint32 *minor_status,
+- oldgaa_authr_cred_ptr *authr_cred)
++oldgaa_error_code
++oldgaa_release_authr_cred(uint32 *minor_status,
++ oldgaa_authr_cred_ptr *authr_cred)
+
+ {
+- oldgaa_authr_cred_ptr *cred = authr_cred;
+- uint32 inv_minor_status = 0, inv_major_status = 0;
++ oldgaa_authr_cred_ptr *cred = authr_cred;
++ uint32 inv_minor_status = 0, inv_major_status = 0;
+
+ #ifdef DEBUG
+-fprintf(stderr, "\noldgaa_release_authr_cred:\n");
++ fprintf(stderr, "\noldgaa_release_authr_cred:\n");
+ #endif /* DEBUG */
+
+- if (*cred == NULL || *cred == OLDGAA_NO_AUTHORIZATION_CRED)
+- return OLDGAA_SUCCESS;
++ if (*cred == NULL || *cred == OLDGAA_NO_AUTHORIZATION_CRED)
++ return OLDGAA_SUCCESS;
++
++ /* ignore errors to allow for incomplete context handles */
+
+- /* ignore errors to allow for incomplete context handles */
++ if ((*cred)->grantor != NULL)
++ inv_major_status = oldgaa_release_principals(&inv_minor_status,
++ &((*cred)->grantor));
+
+- if ((*cred)->grantor != NULL)
+- inv_major_status = oldgaa_release_principals(&inv_minor_status,
+- &((*cred)->grantor));
+-
+
+- if ((*cred)->grantee != NULL)
+- inv_major_status = oldgaa_release_principals(&inv_minor_status,
+- &((*cred)->grantee));
+-
++ if ((*cred)->grantee != NULL)
++ inv_major_status = oldgaa_release_principals(&inv_minor_status,
++ &((*cred)->grantee));
++
+
+ /*
+- *DEE what about release of objects?
++ *DEE what about release of objects?
+ * Since There are is no oldgaa_allocate_authr_cred
+- * that can be fixed when this routine is actually used.
++ * that can be fixed when this routine is actually used.
+ */
+
+- if ((*cred)->access_rights!= NULL)
+- inv_major_status = oldgaa_release_rights(&inv_minor_status,
+- &((*cred)->access_rights));
+-
+- if ((*cred)->mech_spec_cred!= NULL)
+- {
+- inv_major_status =
+- oldgaa_release_buffer_contents(&inv_minor_status,
+- (*cred)->mech_spec_cred);
+- inv_major_status = oldgaa_release_buffer(&inv_minor_status,
++ if ((*cred)->access_rights!= NULL)
++ inv_major_status = oldgaa_release_rights(&inv_minor_status,
++ &((*cred)->access_rights));
++
++ if ((*cred)->mech_spec_cred!= NULL)
++ {
++ inv_major_status =
++ oldgaa_release_buffer_contents(&inv_minor_status,
++ (*cred)->mech_spec_cred);
++ inv_major_status = oldgaa_release_buffer(&inv_minor_status,
+ &((*cred)->mech_spec_cred));
+- }
++ }
+
+- if ((*cred)->next!= NULL)
+- inv_major_status = oldgaa_release_authr_cred(&inv_minor_status,
+- &((*cred)->next));
+-
+- free(*cred);
++ if ((*cred)->next!= NULL)
++ inv_major_status = oldgaa_release_authr_cred(&inv_minor_status,
++ &((*cred)->next));
++
++ free(*cred);
+
+ return OLDGAA_SUCCESS;
+
+@@ -346,56 +346,56 @@ fprintf(stderr, "\noldgaa_release_authr_cred:\n");
+ Function: oldgaa_release_attributes()
+
+ Description:
+- delete the security context
++ delete the security context
+
+ Parameters:
+
+ Returns:
+ **********************************************************************/
+
+-oldgaa_error_code
+-oldgaa_release_attributes(uint32 *minor_status,
+- oldgaa_attributes_ptr *attributes)
++oldgaa_error_code
++oldgaa_release_attributes(uint32 *minor_status,
++ oldgaa_attributes_ptr *attributes)
+ {
+
+-oldgaa_attributes_ptr *cred = attributes;
+-uint32 inv_minor_status = 0, inv_major_status = 0;
++ oldgaa_attributes_ptr *cred = attributes;
++ uint32 inv_minor_status = 0, inv_major_status = 0;
+
+
+ #ifdef DEBUG
+-fprintf(stderr, "\noldgaa_release_attributes:\n");
++ fprintf(stderr, "\noldgaa_release_attributes:\n");
+ #endif /* DEBUG */
+
+- if (*cred == NULL || *cred == OLDGAA_NO_ATTRIBUTES)
+- return OLDGAA_SUCCESS;
++ if (*cred == NULL || *cred == OLDGAA_NO_ATTRIBUTES)
++ return OLDGAA_SUCCESS;
++
++ /* ignore errors to allow for incomplete context handles */
+
+- /* ignore errors to allow for incomplete context handles */
++ if ((*cred)->mech_type != NULL) free((*cred)->mech_type);
++ if ((*cred)->type != NULL) free((*cred)->type);
++ if ((*cred)->value != NULL) free((*cred)->value);
+
+- if ((*cred)->mech_type != NULL) free((*cred)->mech_type);
+- if ((*cred)->type != NULL) free((*cred)->type);
+- if ((*cred)->value != NULL) free((*cred)->value);
+
+-
+- if ((*cred)->conditions!= NULL)
+- inv_major_status = oldgaa_release_cond_bindings(&inv_minor_status,
+- &((*cred)->conditions));
++ if ((*cred)->conditions!= NULL)
++ inv_major_status = oldgaa_release_cond_bindings(&inv_minor_status,
++ &((*cred)->conditions));
+
+- if ((*cred)->mech_spec_cred!= NULL)
+- {
+- inv_major_status =
+- oldgaa_release_buffer_contents(&inv_minor_status,
+- (*cred)->mech_spec_cred);
+- inv_major_status =oldgaa_release_buffer(&inv_minor_status,
++ if ((*cred)->mech_spec_cred!= NULL)
++ {
++ inv_major_status =
++ oldgaa_release_buffer_contents(&inv_minor_status,
++ (*cred)->mech_spec_cred);
++ inv_major_status = oldgaa_release_buffer(&inv_minor_status,
+ &((*cred)->mech_spec_cred));
+- }
++ }
+
+- if ((*cred)->next!= NULL)
+- inv_major_status = oldgaa_release_attributes(&inv_minor_status,
+- &((*cred)->next));
++ if ((*cred)->next!= NULL)
++ inv_major_status = oldgaa_release_attributes(&inv_minor_status,
++ &((*cred)->next));
+
+- free(*cred);
++ free(*cred);
+
+- return OLDGAA_SUCCESS;
++ return OLDGAA_SUCCESS;
+
+ } /* oldgaa_rlease_attributes */
+
+@@ -403,56 +403,56 @@ fprintf(stderr, "\noldgaa_release_attributes:\n");
+ Function: oldgaa_rlease_uneval_cred()
+
+ Description:
+- delete the security context
++ delete the security context
+
+ Parameters:
+
+ Returns:
+ **********************************************************************/
+
+-oldgaa_error_code
+-oldgaa_release_uneval_cred(uint32 *minor_status,
+- oldgaa_uneval_cred_ptr *uneval_cred)
++oldgaa_error_code
++oldgaa_release_uneval_cred(uint32 *minor_status,
++ oldgaa_uneval_cred_ptr *uneval_cred)
+
+ {
+- oldgaa_uneval_cred_ptr *cred = uneval_cred;
+- uint32 inv_minor_status = 0, inv_major_status = 0;
++ oldgaa_uneval_cred_ptr *cred = uneval_cred;
++ uint32 inv_minor_status = 0, inv_major_status = 0;
+
+ #ifdef DEBUG
+-fprintf(stderr, "\noldgaa_release_uneval_cred:\n");
++ fprintf(stderr, "\noldgaa_release_uneval_cred:\n");
+ #endif /* DEBUG */
+
+
+- if (*cred == NULL || *cred == OLDGAA_NO_UNEVAL_CRED)
+- return OLDGAA_SUCCESS;
++ if (*cred == NULL || *cred == OLDGAA_NO_UNEVAL_CRED)
++ return OLDGAA_SUCCESS;
++
++ /* ignore errors to allow for incomplete context handles */
++
+
+- /* ignore errors to allow for incomplete context handles */
++ if ((*cred)->grantor != NULL)
++ inv_major_status = oldgaa_release_principals(&inv_minor_status,
++ &((*cred)->grantor));
+
+-
+- if ((*cred)->grantor != NULL)
+- inv_major_status = oldgaa_release_principals(&inv_minor_status,
+- &((*cred)->grantor));
+-
+
+- if ((*cred)->grantee != NULL)
+- inv_major_status = oldgaa_release_principals(&inv_minor_status,
+- &((*cred)->grantee));
++ if ((*cred)->grantee != NULL)
++ inv_major_status = oldgaa_release_principals(&inv_minor_status,
++ &((*cred)->grantee));
+
+
+- if ((*cred)->mech_spec_cred!= NULL)
+- {
+- inv_major_status =
++ if ((*cred)->mech_spec_cred!= NULL)
++ {
++ inv_major_status =
+ oldgaa_release_buffer_contents(&inv_minor_status,
+- (*cred)->mech_spec_cred);
+- inv_major_status = oldgaa_release_buffer(&inv_minor_status,
++ (*cred)->mech_spec_cred);
++ inv_major_status = oldgaa_release_buffer(&inv_minor_status,
+ &((*cred)->mech_spec_cred));
+- }
++ }
+
+- if ((*cred)->next!= NULL)
+- inv_major_status = oldgaa_release_uneval_cred(&inv_minor_status,
+- &((*cred)->next));
++ if ((*cred)->next!= NULL)
++ inv_major_status = oldgaa_release_uneval_cred(&inv_minor_status,
++ &((*cred)->next));
+
+- free(*cred);
++ free(*cred);
+
+ return OLDGAA_SUCCESS;
+
+@@ -462,47 +462,47 @@ fprintf(stderr, "\noldgaa_release_uneval_cred:\n");
+ Function: oldgaa_rlease_principals()
+
+ Description:
+- delete the security context
++ delete the security context
+
+ Parameters:
+
+ Returns:
+ **********************************************************************/
+
+-oldgaa_error_code
+-oldgaa_release_principals(uint32 *minor_status,
+- oldgaa_principals_ptr *principals)
++oldgaa_error_code
++oldgaa_release_principals(uint32 *minor_status,
++ oldgaa_principals_ptr *principals)
+ {
+
+-oldgaa_principals_ptr *cred = principals;
+-uint32 inv_minor_status = 0, inv_major_status = 0;
++ oldgaa_principals_ptr *cred = principals;
++ uint32 inv_minor_status = 0, inv_major_status = 0;
+
+ #ifdef DEBUG
+-fprintf(stderr, "\noldgaa_release_principals:\n");
++ fprintf(stderr, "\noldgaa_release_principals:\n");
+ #endif /* DEBUG */
+
+- if (*cred == NULL || *cred == OLDGAA_NO_PRINCIPALS)
+- return OLDGAA_SUCCESS;
++ if (*cred == NULL || *cred == OLDGAA_NO_PRINCIPALS)
++ return OLDGAA_SUCCESS;
++
++ /* ignore errors to allow for incomplete context handles */
++
+
+- /* ignore errors to allow for incomplete context handles */
++ if ((*cred)->rights != NULL)
++ inv_major_status = oldgaa_release_rights(&inv_minor_status,
++ &((*cred)->rights));
+
+
+- if ((*cred)->rights != NULL)
+- inv_major_status = oldgaa_release_rights(&inv_minor_status,
+- &((*cred)->rights));
++ if ((*cred)->next != NULL)
++ inv_major_status = oldgaa_release_principals(&inv_minor_status,
++ &((*cred)->next));
+
++ if ((*cred)->type != NULL) free((*cred)->type);
++ if ((*cred)->authority != NULL) free((*cred)->authority);
++ if ((*cred)->value != NULL) free((*cred)->value);
+
+- if ((*cred)->next != NULL)
+- inv_major_status = oldgaa_release_principals(&inv_minor_status,
+- &((*cred)->next));
+-
+- if ((*cred)->type != NULL) free((*cred)->type);
+- if ((*cred)->authority != NULL) free((*cred)->authority);
+- if ((*cred)->value != NULL) free((*cred)->value);
+-
+ free(*cred);
+
+- return OLDGAA_SUCCESS;
++ return OLDGAA_SUCCESS;
+
+ } /* oldgaa_rlease_principals */
+
+@@ -510,31 +510,31 @@ fprintf(stderr, "\noldgaa_release_principals:\n");
+ Function: oldgaa_rlease_rights()
+
+ Description:
+- delete the security context
++ delete the security context
+
+ Parameters:
+
+ Returns:
+ **********************************************************************/
+
+-oldgaa_error_code
+-oldgaa_release_rights(uint32 *minor_status,
+- oldgaa_rights_ptr *rights)
++oldgaa_error_code
++oldgaa_release_rights(uint32 *minor_status,
++ oldgaa_rights_ptr *rights)
+ {
+
+-oldgaa_rights_ptr *cred = rights;
+-uint32 inv_minor_status = 0, inv_major_status = 0;
++ oldgaa_rights_ptr *cred = rights;
++ uint32 inv_minor_status = 0, inv_major_status = 0;
+
+ #ifdef DEBUG
+-fprintf(stderr, "\noldgaa_release_rights:\n");
++ fprintf(stderr, "\noldgaa_release_rights:\n");
+ #endif /* DEBUG */
+
+
+- if (*cred == NULL || *cred == OLDGAA_NO_RIGHTS)
+- return OLDGAA_SUCCESS;
++ if (*cred == NULL || *cred == OLDGAA_NO_RIGHTS)
++ return OLDGAA_SUCCESS;
+
+ #ifdef DEBUG
+-fprintf(stderr, "rights:%p:ref:%d\n",*cred,(*cred)->reference_count);
++ fprintf(stderr, "rights:%p:ref:%d\n",*cred,(*cred)->reference_count);
+ #endif /* DEBUG */
+
+ (*cred)->reference_count--;
+@@ -543,27 +543,27 @@ fprintf(stderr, "rights:%p:ref:%d\n",*cred,(*cred)->reference_count);
+ return OLDGAA_SUCCESS;
+ }
+
+- /* ignore errors to allow for incomplete context handles */
++ /* ignore errors to allow for incomplete context handles */
++
+
+-
+- if ((*cred)->cond_bindings != NULL)
+- inv_major_status = oldgaa_release_cond_bindings(&inv_minor_status,
+- &((*cred)->cond_bindings));
+-
++ if ((*cred)->cond_bindings != NULL)
++ inv_major_status = oldgaa_release_cond_bindings(&inv_minor_status,
++ &((*cred)->cond_bindings));
++
++
++ if ((*cred)->next != NULL)
++ inv_major_status = oldgaa_release_rights(&inv_minor_status,
++ &((*cred)->next));
++
++ if ((*cred)->type != NULL) free((*cred)->type);
++ if ((*cred)->authority != NULL) free((*cred)->authority);
++ if ((*cred)->value != NULL) free((*cred)->value);
+
+- if ((*cred)->next != NULL)
+- inv_major_status = oldgaa_release_rights(&inv_minor_status,
+- &((*cred)->next));
+-
+- if ((*cred)->type != NULL) free((*cred)->type);
+- if ((*cred)->authority != NULL) free((*cred)->authority);
+- if ((*cred)->value != NULL) free((*cred)->value);
+
+-
+ free(*cred);
+ *rights = NULL;
+
+- return OLDGAA_SUCCESS;
++ return OLDGAA_SUCCESS;
+
+ } /* oldgaa_rlease_rights */
+
+@@ -571,82 +571,82 @@ fprintf(stderr, "rights:%p:ref:%d\n",*cred,(*cred)->reference_count);
+ Function: oldgaa_rlease_cond_bindings()
+
+ Description:
+- delete the security context
++ delete the security context
+
+ Parameters:
+
+ Returns:
+ **********************************************************************/
+
+-oldgaa_error_code
+-oldgaa_release_cond_bindings(uint32 *minor_status,
+- oldgaa_cond_bindings_ptr *cond_bind)
++oldgaa_error_code
++oldgaa_release_cond_bindings(uint32 *minor_status,
++ oldgaa_cond_bindings_ptr *cond_bind)
+ {
+- oldgaa_cond_bindings_ptr *cred = cond_bind;
+- uint32 inv_minor_status = 0, inv_major_status = 0;
++ oldgaa_cond_bindings_ptr *cred = cond_bind;
++ uint32 inv_minor_status = 0, inv_major_status = 0;
+
+ #ifdef DEBUG
+-fprintf(stderr, "\noldgaa_release_cond_bindings:\n");
++ fprintf(stderr, "\noldgaa_release_cond_bindings:\n");
+ #endif /* DEBUG */
+
+
+- if (*cred == NULL || *cred == OLDGAA_NO_COND_BINDINGS)
+- return OLDGAA_SUCCESS;
++ if (*cred == NULL || *cred == OLDGAA_NO_COND_BINDINGS)
++ return OLDGAA_SUCCESS;
+
+ #ifdef DEBUG
+-fprintf(stderr, "cond:%p:ref:%d\n",*cred,(*cred)->reference_count);
++ fprintf(stderr, "cond:%p:ref:%d\n",*cred,(*cred)->reference_count);
+ #endif /* DEBUG */
+
+- (*cred)->reference_count--;
+- if ((*cred)->reference_count > 0) {
+- *cond_bind = NULL;
+- return OLDGAA_SUCCESS;
++ (*cred)->reference_count--;
++ if ((*cred)->reference_count > 0) {
++ *cond_bind = NULL;
++ return OLDGAA_SUCCESS;
+ }
+
+- /* ignore errors to allow for incomplete context handles */
++ /* ignore errors to allow for incomplete context handles */
++
++ if ((*cred)->condition != NULL)
++ inv_major_status = oldgaa_release_conditions(&inv_minor_status,
++ &((*cred)->condition));
+
+- if ((*cred)->condition != NULL)
+- inv_major_status = oldgaa_release_conditions(&inv_minor_status,
+- &((*cred)->condition));
++ if ((*cred)->next != NULL)
++ inv_major_status = oldgaa_release_cond_bindings(&inv_minor_status,
++ &((*cred)->next));
+
+- if ((*cred)->next != NULL)
+- inv_major_status = oldgaa_release_cond_bindings(&inv_minor_status,
+- &((*cred)->next));
+-
+ free(*cred);
+- *cond_bind = NULL;
++ *cond_bind = NULL;
+
+- return OLDGAA_SUCCESS;
++ return OLDGAA_SUCCESS;
+
+-}
++}
+
+ /**********************************************************************
+ Function: oldgaa_rlease_conditions()
+
+ Description:
+- delete the security context
++ delete the security context
+
+ Parameters:
+
+ Returns:
+ **********************************************************************/
+
+-oldgaa_error_code
+-oldgaa_release_conditions(uint32 *minor_status,
+- oldgaa_conditions_ptr *cond)
++oldgaa_error_code
++oldgaa_release_conditions(uint32 *minor_status,
++ oldgaa_conditions_ptr *cond)
+ {
+- oldgaa_conditions_ptr *cred = cond;
+- uint32 inv_minor_status = 0, inv_major_status = 0;
++ oldgaa_conditions_ptr *cred = cond;
++ uint32 inv_minor_status = 0, inv_major_status = 0;
+
+ #ifdef DEBUG
+-fprintf(stderr, "\noldgaa_release_conditions:\n");
++ fprintf(stderr, "\noldgaa_release_conditions:\n");
+ #endif /* DEBUG */
+
+- if (*cred == NULL || *cred == OLDGAA_NO_CONDITIONS)
+- return OLDGAA_SUCCESS;
++ if (*cred == NULL || *cred == OLDGAA_NO_CONDITIONS)
++ return OLDGAA_SUCCESS;
+
+ #ifdef DEBUG
+-fprintf(stderr, "conditions:%p:ref:%d\n",*cred,(*cred)->reference_count);
++ fprintf(stderr, "conditions:%p:ref:%d\n",*cred,(*cred)->reference_count);
+ #endif /* DEBUG */
+
+ (*cred)->reference_count--;
+@@ -654,35 +654,35 @@ fprintf(stderr, "conditions:%p:ref:%d\n",*cred,(*cred)->reference_count);
+ *cond = NULL;
+ return OLDGAA_SUCCESS;
+ }
+- /* ignore errors to allow for incomplete context handles */
++ /* ignore errors to allow for incomplete context handles */
++
++ if ((*cred)->next != NULL)
++ inv_major_status = oldgaa_release_conditions(&inv_minor_status,
++ &((*cred)->next));
+
+- if ((*cred)->next != NULL)
+- inv_major_status = oldgaa_release_conditions(&inv_minor_status,
+- &((*cred)->next));
+-
+- if ((*cred)->type != NULL) free((*cred)->type);
+- if ((*cred)->authority != NULL) free((*cred)->authority);
+- if ((*cred)->value != NULL) free((*cred)->value);
++ if ((*cred)->type != NULL) free((*cred)->type);
++ if ((*cred)->authority != NULL) free((*cred)->authority);
++ if ((*cred)->value != NULL) free((*cred)->value);
+
+ free(*cred);
+
+- return OLDGAA_SUCCESS;
++ return OLDGAA_SUCCESS;
+
+-}
++}
+ /**********************************************************************
+ Function: oldgaa_rlease_answer()
+
+ Description:
+- delete the security context
++ delete the security context
+
+ Parameters:
+
+ Returns:
+ **********************************************************************/
+
+-oldgaa_error_code
+-oldgaa_release_answer(uint32 *minor_status,
+- oldgaa_answer_ptr *answer)
++oldgaa_error_code
++oldgaa_release_answer(uint32 *minor_status,
++ oldgaa_answer_ptr *answer)
+ {
+ oldgaa_answer_ptr * cred = answer;
+ uint32 inv_minor_status = 0;
+@@ -693,18 +693,18 @@ oldgaa_release_answer(uint32 *minor_status,
+ fprintf(stderr, "\noldgaa_release_answer:\n");
+ #endif /* DEBUG */
+
+- if (*cred == NULL || *cred == OLDGAA_NO_ANSWER)
++ if (*cred == NULL || *cred == OLDGAA_NO_ANSWER)
+ {
+ return OLDGAA_SUCCESS;
+ }
+
+- if ((*cred)->rights!= NULL)
+- {
+- /* ignore errors to allow for incomplete context handles */
+- inv_major_status =
++ if ((*cred)->rights!= NULL)
++ {
++ /* ignore errors to allow for incomplete context handles */
++ inv_major_status =
+ oldgaa_release_rights(&inv_minor_status, &((*cred)->rights));
+- }
+-
++ }
++
+ if ((*cred)->valid_time != NULL)
+ {
+ free((*cred)->valid_time);
+@@ -720,31 +720,31 @@ oldgaa_release_answer(uint32 *minor_status,
+ Function: oldgaa_rlease_principals()
+
+ Description:
+- delete the security context
++ delete the security context
+
+ Parameters:
+
+ Returns:
+ **********************************************************************/
+
+-oldgaa_error_code
+-oldgaa_release_sec_attrb(uint32 *minor_status,
+- oldgaa_sec_attrb_ptr *attributes)
++oldgaa_error_code
++oldgaa_release_sec_attrb(uint32 *minor_status,
++ oldgaa_sec_attrb_ptr *attributes)
+ {
+ oldgaa_sec_attrb_ptr * cred = attributes;
+- uint32 inv_minor_status = 0;
++ uint32 inv_minor_status = 0;
+ uint32 inv_major_status = 0;
+
+ #ifdef DEBUG
+ fprintf(stderr, "\noldgaa_release_sec_attrb:\n");
+ #endif /* DEBUG */
+
+- if (*cred == NULL || *cred == OLDGAA_NO_SEC_ATTRB)
++ if (*cred == NULL || *cred == OLDGAA_NO_SEC_ATTRB)
+ {
+ return OLDGAA_SUCCESS;
+ }
+
+- if ((*cred)->next != NULL)
++ if ((*cred)->next != NULL)
+ {
+ /* ignore errors to allow for incomplete context handles */
+ inv_major_status =
+@@ -758,6 +758,6 @@ oldgaa_release_sec_attrb(uint32 *minor_status,
+ free(*cred);
+
+ return OLDGAA_SUCCESS;
+-}
++}
+
+ /**********************************************************************/
+--
+2.54.0
+
diff --git a/0002-Build-with-OpenSSL-4.patch b/0002-Build-with-OpenSSL-4.patch
new file mode 100644
index 0000000..5645d1d
--- /dev/null
+++ b/0002-Build-with-OpenSSL-4.patch
@@ -0,0 +1,87 @@
+From 24375b8503d2a4373600b14d03700b697415737b Mon Sep 17 00:00:00 2001
+From: Mattias Ellert <mattias.ellert@physics.uu.se>
+Date: Wed, 20 May 2026 00:15:37 +0200
+Subject: [PATCH 2/3] Build with OpenSSL 4
+
+---
+ gsi/callback/source/library/globus_gsi_callback.c | 13 ++++++++++++-
+ gsi/callback/source/library/globus_gsi_callback.h | 13 +++++++++++++
+ 2 files changed, 25 insertions(+), 1 deletion(-)
+
+diff --git a/gsi/callback/source/library/globus_gsi_callback.c b/gsi/callback/source/library/globus_gsi_callback.c
+index a65105830..3178d5ce4 100644
+--- a/gsi/callback/source/library/globus_gsi_callback.c
++++ b/gsi/callback/source/library/globus_gsi_callback.c
+@@ -590,10 +590,17 @@ int globus_gsi_callback_handshake_callback(
+ * 1 on success
+ * 0 on failure
+ */
++#if OPENSSL_VERSION_NUMBER < 0x40000000L
+ int globus_gsi_callback_check_issued(
+ X509_STORE_CTX * context,
+ X509 * cert,
+ X509 * issuer)
++#else
++int globus_gsi_callback_check_issued(
++ X509_STORE_CTX * context,
++ const X509 * cert,
++ const X509 * issuer)
++#endif
+ {
+ globus_result_t result;
+ int return_value;
+@@ -1592,8 +1599,12 @@ globus_i_gsi_callback_check_critical_extensions(
+ X509_STORE_CTX * x509_context,
+ globus_gsi_callback_data_t callback_data)
+ {
+- ASN1_OBJECT * extension_object = NULL;
++ const ASN1_OBJECT * extension_object = NULL;
++#if OPENSSL_VERSION_NUMBER < 0x40000000L
+ X509_EXTENSION * extension = NULL;
++#else
++ const X509_EXTENSION * extension = NULL;
++#endif
+ PROXY_CERT_INFO_EXTENSION * proxycertinfo = NULL;
+ PROXY_POLICY * policy = NULL;
+ int nid;
+diff --git a/gsi/callback/source/library/globus_gsi_callback.h b/gsi/callback/source/library/globus_gsi_callback.h
+index 86b96b2bf..f7c41bb65 100644
+--- a/gsi/callback/source/library/globus_gsi_callback.h
++++ b/gsi/callback/source/library/globus_gsi_callback.h
+@@ -125,9 +125,15 @@ typedef struct globus_l_gsi_callback_data_s *
+ * Typedef for a callback that may be registered for dealing with unhandled X.509 extension
+ * @ingroup globus_gsi_callback
+ */
++#if OPENSSL_VERSION_NUMBER < 0x40000000L
+ typedef int (*globus_gsi_extension_callback_t)(
+ globus_gsi_callback_data_t callback_data,
+ X509_EXTENSION * extension);
++#else
++typedef int (*globus_gsi_extension_callback_t)(
++ globus_gsi_callback_data_t callback_data,
++ const X509_EXTENSION * extension);
++#endif
+
+ #ifndef DOXYGEN
+
+@@ -149,10 +155,17 @@ globus_gsi_callback_handshake_callback(
+ int preverify_ok,
+ X509_STORE_CTX * x509_context);
+
++#if OPENSSL_VERSION_NUMBER < 0x40000000L
+ int globus_gsi_callback_check_issued(
+ X509_STORE_CTX * context,
+ X509 * cert,
+ X509 * issuer);
++#else
++int globus_gsi_callback_check_issued(
++ X509_STORE_CTX * context,
++ const X509 * cert,
++ const X509 * issuer);
++#endif
+
+ int
+ globus_gsi_callback_X509_verify_cert(
+--
+2.54.0
+
diff --git a/0003-Fix-compiler-and-doxygen-warnings.patch b/0003-Fix-compiler-and-doxygen-warnings.patch
new file mode 100644
index 0000000..297490b
--- /dev/null
+++ b/0003-Fix-compiler-and-doxygen-warnings.patch
@@ -0,0 +1,451 @@
+From 4ee08d13e2963309e2063dc45dedd067337d3b76 Mon Sep 17 00:00:00 2001
+From: Mattias Ellert <mattias.ellert@physics.uu.se>
+Date: Wed, 20 May 2026 00:15:37 +0200
+Subject: [PATCH 3/3] Fix compiler and doxygen warnings
+
+---
+ .../library/oldgaa/globus_oldgaa_utils.c | 2 -
+ .../library/oldgaa/oldgaa_policy_evaluator.c | 13 --
+ .../source/library/oldgaa/oldgaa_release.c | 121 +++++++-----------
+ .../source/library/oldgaa/oldgaa_utils.c | 2 +-
+ 4 files changed, 47 insertions(+), 91 deletions(-)
+
+diff --git a/gsi/callback/source/library/oldgaa/globus_oldgaa_utils.c b/gsi/callback/source/library/oldgaa/globus_oldgaa_utils.c
+index 4693e392c..880ca62e9 100644
+--- a/gsi/callback/source/library/oldgaa/globus_oldgaa_utils.c
++++ b/gsi/callback/source/library/oldgaa/globus_oldgaa_utils.c
+@@ -789,7 +789,6 @@ oldgaa_globus_parse_policy (policy_file_context_ptr pcontext,
+ char *str;
+ int cond_present = FALSE;
+ int new_entry = TRUE;
+- oldgaa_rights_ptr old_rights = 0;
+
+ str = malloc(pcontext->buflen);
+ str[0] = 0;
+@@ -829,7 +828,6 @@ oldgaa_globus_parse_policy (policy_file_context_ptr pcontext,
+
+ /* get rights */
+
+- old_rights = start_rights;
+ oldgaa_error = oldgaa_globus_parse_rights(pcontext,
+ str,
+ &start_rights,
+diff --git a/gsi/callback/source/library/oldgaa/oldgaa_policy_evaluator.c b/gsi/callback/source/library/oldgaa/oldgaa_policy_evaluator.c
+index b7bc78d0b..821f02d71 100644
+--- a/gsi/callback/source/library/oldgaa/oldgaa_policy_evaluator.c
++++ b/gsi/callback/source/library/oldgaa/oldgaa_policy_evaluator.c
+@@ -260,23 +260,18 @@ oldgaa_get_authorized_principals(oldgaa_sec_attrb_ptr *attributes,
+ {
+ oldgaa_policy_ptr entry = policy;
+ int was_anybody = 0;
+- int was_neg_rights = 0;
+ int number_of_entries = 1;
+ oldgaa_sec_attrb_ptr attrb = NULL;
+- uint32 minor_status;
+ oldgaa_error_code oldgaa_status = OLDGAA_SUCCESS;
+
+ #ifdef DEBUG
+ fprintf(stderr, "\noldgaa_get_authorized_principals:\n");
+ #endif /* DEBUG */
+
+- minor_status = 0;
+-
+ /* Check arguments */
+ if (!policy && !attributes)
+ {
+ errno = ERRNO_INVALID_ARGUMENT;
+- minor_status = -1;
+ return OLDGAA_FAILURE;
+ }
+
+@@ -302,14 +297,6 @@ fprintf(stderr, "\noldgaa_get_authorized_principals:\n");
+ oldgaa_add_attribute(attributes, attrb);
+ number_of_entries++;
+ }
+- else
+- {
+- if(oldgaa_strings_match(entry->rights->type, NEGATIVE_RIGHTS) &&
+- oldgaa_strings_match(entry->rights->authority, rights->authority) &&
+- oldgaa_strings_match(entry->rights->value, rights->value) ) was_neg_rights = 1;
+- }
+-
+-
+ }
+
+ entry = entry->next;
+diff --git a/gsi/callback/source/library/oldgaa/oldgaa_release.c b/gsi/callback/source/library/oldgaa/oldgaa_release.c
+index 4550b4eb2..f4aae9cdc 100644
+--- a/gsi/callback/source/library/oldgaa/oldgaa_release.c
++++ b/gsi/callback/source/library/oldgaa/oldgaa_release.c
+@@ -162,7 +162,7 @@ oldgaa_release_sec_context(uint32 *minor_status,
+ {
+
+ oldgaa_sec_context_ptr *context_handle = sec_context;
+- uint32 inv_minor_status = 0, inv_major_status = 0;
++ uint32 inv_minor_status = 0;
+
+
+ #ifdef DEBUG
+@@ -175,41 +175,41 @@ oldgaa_release_sec_context(uint32 *minor_status,
+ /* ignore errors to allow for incomplete context handles */
+
+ if ((*context_handle)->identity_cred!= NULL)
+- inv_major_status = oldgaa_release_identity_cred(&inv_minor_status,
++ oldgaa_release_identity_cred(&inv_minor_status,
+ &((*context_handle)->identity_cred));
+
+
+ if ((*context_handle)->authr_cred!= NULL)
+- inv_major_status = oldgaa_release_authr_cred(&inv_minor_status,
++ oldgaa_release_authr_cred(&inv_minor_status,
+ &((*context_handle)->authr_cred));
+
+
+ if ((*context_handle)->group_membership!= NULL)
+- inv_major_status = oldgaa_release_identity_cred(&inv_minor_status,
++ oldgaa_release_identity_cred(&inv_minor_status,
+ &((*context_handle)->group_membership));
+
+
+ if ((*context_handle)->group_non_membership!= NULL)
+- inv_major_status = oldgaa_release_identity_cred(&inv_minor_status,
++ oldgaa_release_identity_cred(&inv_minor_status,
+ &((*context_handle)->group_non_membership));
+
+
+ if ((*context_handle)->attributes!= NULL)
+- inv_major_status = oldgaa_release_attributes(&inv_minor_status,
++ oldgaa_release_attributes(&inv_minor_status,
+ &((*context_handle)->attributes));
+
+
+ if ((*context_handle)->unevl_cred!= NULL)
+- inv_major_status = oldgaa_release_uneval_cred(&inv_minor_status,
++ oldgaa_release_uneval_cred(&inv_minor_status,
+ &((*context_handle)->unevl_cred));
+
+
+ if ((*context_handle)->connection_state!= NULL)
+ {
+- inv_major_status = oldgaa_release_buffer_contents(&inv_minor_status,
++ oldgaa_release_buffer_contents(&inv_minor_status,
+ (*context_handle)->connection_state);
+
+- inv_major_status = oldgaa_release_buffer(&inv_minor_status,
++ oldgaa_release_buffer(&inv_minor_status,
+ &((*context_handle)->connection_state));
+ }
+
+@@ -237,7 +237,7 @@ oldgaa_release_identity_cred (uint32 *minor_status,
+
+ {
+ oldgaa_identity_cred_ptr *cred = identity_cred;
+- uint32 inv_minor_status = 0, inv_major_status = 0;
++ uint32 inv_minor_status = 0;
+
+ #ifdef DEBUG
+ fprintf(stderr, "\noldgaa_release_identity_cred:\n");
+@@ -250,25 +250,20 @@ oldgaa_release_identity_cred (uint32 *minor_status,
+ /* ignore errors to allow for incomplete context handles */
+
+ if ((*cred)->principal!= NULL)
+- inv_major_status = oldgaa_release_principals(&inv_minor_status,
+- &((*cred)->principal));
++ oldgaa_release_principals(&inv_minor_status, &((*cred)->principal));
+
+ if ((*cred)->conditions!= NULL)
+- inv_major_status = oldgaa_release_conditions(&inv_minor_status,
+- &((*cred)->conditions));
++ oldgaa_release_conditions(&inv_minor_status, &((*cred)->conditions));
+
+ if ((*cred)->mech_spec_cred!= NULL)
+ {
+- inv_major_status =
+- oldgaa_release_buffer_contents(&inv_minor_status,
++ oldgaa_release_buffer_contents(&inv_minor_status,
+ (*cred)->mech_spec_cred);
+- inv_major_status = oldgaa_release_buffer(&inv_minor_status,
+- &((*cred)->mech_spec_cred));
++ oldgaa_release_buffer(&inv_minor_status, &((*cred)->mech_spec_cred));
+ }
+
+ if ((*cred)->next!= NULL)
+- inv_major_status = oldgaa_release_identity_cred(&inv_minor_status,
+- &((*cred)->next));
++ oldgaa_release_identity_cred(&inv_minor_status, &((*cred)->next));
+ free(*cred);
+
+ return OLDGAA_SUCCESS;
+@@ -292,7 +287,7 @@ oldgaa_release_authr_cred(uint32 *minor_status,
+
+ {
+ oldgaa_authr_cred_ptr *cred = authr_cred;
+- uint32 inv_minor_status = 0, inv_major_status = 0;
++ uint32 inv_minor_status = 0;
+
+ #ifdef DEBUG
+ fprintf(stderr, "\noldgaa_release_authr_cred:\n");
+@@ -304,13 +299,11 @@ oldgaa_release_authr_cred(uint32 *minor_status,
+ /* ignore errors to allow for incomplete context handles */
+
+ if ((*cred)->grantor != NULL)
+- inv_major_status = oldgaa_release_principals(&inv_minor_status,
+- &((*cred)->grantor));
++ oldgaa_release_principals(&inv_minor_status, &((*cred)->grantor));
+
+
+ if ((*cred)->grantee != NULL)
+- inv_major_status = oldgaa_release_principals(&inv_minor_status,
+- &((*cred)->grantee));
++ oldgaa_release_principals(&inv_minor_status, &((*cred)->grantee));
+
+
+ /*
+@@ -320,21 +313,17 @@ oldgaa_release_authr_cred(uint32 *minor_status,
+ */
+
+ if ((*cred)->access_rights!= NULL)
+- inv_major_status = oldgaa_release_rights(&inv_minor_status,
+- &((*cred)->access_rights));
++ oldgaa_release_rights(&inv_minor_status, &((*cred)->access_rights));
+
+ if ((*cred)->mech_spec_cred!= NULL)
+ {
+- inv_major_status =
+- oldgaa_release_buffer_contents(&inv_minor_status,
++ oldgaa_release_buffer_contents(&inv_minor_status,
+ (*cred)->mech_spec_cred);
+- inv_major_status = oldgaa_release_buffer(&inv_minor_status,
+- &((*cred)->mech_spec_cred));
++ oldgaa_release_buffer(&inv_minor_status, &((*cred)->mech_spec_cred));
+ }
+
+ if ((*cred)->next!= NULL)
+- inv_major_status = oldgaa_release_authr_cred(&inv_minor_status,
+- &((*cred)->next));
++ oldgaa_release_authr_cred(&inv_minor_status, &((*cred)->next));
+
+ free(*cred);
+
+@@ -359,7 +348,7 @@ oldgaa_release_attributes(uint32 *minor_status,
+ {
+
+ oldgaa_attributes_ptr *cred = attributes;
+- uint32 inv_minor_status = 0, inv_major_status = 0;
++ uint32 inv_minor_status = 0;
+
+
+ #ifdef DEBUG
+@@ -377,21 +366,18 @@ oldgaa_release_attributes(uint32 *minor_status,
+
+
+ if ((*cred)->conditions!= NULL)
+- inv_major_status = oldgaa_release_cond_bindings(&inv_minor_status,
++ oldgaa_release_cond_bindings(&inv_minor_status,
+ &((*cred)->conditions));
+
+ if ((*cred)->mech_spec_cred!= NULL)
+ {
+- inv_major_status =
+- oldgaa_release_buffer_contents(&inv_minor_status,
++ oldgaa_release_buffer_contents(&inv_minor_status,
+ (*cred)->mech_spec_cred);
+- inv_major_status = oldgaa_release_buffer(&inv_minor_status,
+- &((*cred)->mech_spec_cred));
++ oldgaa_release_buffer(&inv_minor_status, &((*cred)->mech_spec_cred));
+ }
+
+ if ((*cred)->next!= NULL)
+- inv_major_status = oldgaa_release_attributes(&inv_minor_status,
+- &((*cred)->next));
++ oldgaa_release_attributes(&inv_minor_status, &((*cred)->next));
+
+ free(*cred);
+
+@@ -416,7 +402,7 @@ oldgaa_release_uneval_cred(uint32 *minor_status,
+
+ {
+ oldgaa_uneval_cred_ptr *cred = uneval_cred;
+- uint32 inv_minor_status = 0, inv_major_status = 0;
++ uint32 inv_minor_status = 0;
+
+ #ifdef DEBUG
+ fprintf(stderr, "\noldgaa_release_uneval_cred:\n");
+@@ -430,27 +416,22 @@ oldgaa_release_uneval_cred(uint32 *minor_status,
+
+
+ if ((*cred)->grantor != NULL)
+- inv_major_status = oldgaa_release_principals(&inv_minor_status,
+- &((*cred)->grantor));
++ oldgaa_release_principals(&inv_minor_status, &((*cred)->grantor));
+
+
+ if ((*cred)->grantee != NULL)
+- inv_major_status = oldgaa_release_principals(&inv_minor_status,
+- &((*cred)->grantee));
++ oldgaa_release_principals(&inv_minor_status, &((*cred)->grantee));
+
+
+ if ((*cred)->mech_spec_cred!= NULL)
+ {
+- inv_major_status =
+- oldgaa_release_buffer_contents(&inv_minor_status,
++ oldgaa_release_buffer_contents(&inv_minor_status,
+ (*cred)->mech_spec_cred);
+- inv_major_status = oldgaa_release_buffer(&inv_minor_status,
+- &((*cred)->mech_spec_cred));
++ oldgaa_release_buffer(&inv_minor_status, &((*cred)->mech_spec_cred));
+ }
+
+ if ((*cred)->next!= NULL)
+- inv_major_status = oldgaa_release_uneval_cred(&inv_minor_status,
+- &((*cred)->next));
++ oldgaa_release_uneval_cred(&inv_minor_status, &((*cred)->next));
+
+ free(*cred);
+
+@@ -475,7 +456,7 @@ oldgaa_release_principals(uint32 *minor_status,
+ {
+
+ oldgaa_principals_ptr *cred = principals;
+- uint32 inv_minor_status = 0, inv_major_status = 0;
++ uint32 inv_minor_status = 0;
+
+ #ifdef DEBUG
+ fprintf(stderr, "\noldgaa_release_principals:\n");
+@@ -488,13 +469,11 @@ oldgaa_release_principals(uint32 *minor_status,
+
+
+ if ((*cred)->rights != NULL)
+- inv_major_status = oldgaa_release_rights(&inv_minor_status,
+- &((*cred)->rights));
++ oldgaa_release_rights(&inv_minor_status, &((*cred)->rights));
+
+
+ if ((*cred)->next != NULL)
+- inv_major_status = oldgaa_release_principals(&inv_minor_status,
+- &((*cred)->next));
++ oldgaa_release_principals(&inv_minor_status, &((*cred)->next));
+
+ if ((*cred)->type != NULL) free((*cred)->type);
+ if ((*cred)->authority != NULL) free((*cred)->authority);
+@@ -523,7 +502,7 @@ oldgaa_release_rights(uint32 *minor_status,
+ {
+
+ oldgaa_rights_ptr *cred = rights;
+- uint32 inv_minor_status = 0, inv_major_status = 0;
++ uint32 inv_minor_status = 0;
+
+ #ifdef DEBUG
+ fprintf(stderr, "\noldgaa_release_rights:\n");
+@@ -547,13 +526,12 @@ oldgaa_release_rights(uint32 *minor_status,
+
+
+ if ((*cred)->cond_bindings != NULL)
+- inv_major_status = oldgaa_release_cond_bindings(&inv_minor_status,
++ oldgaa_release_cond_bindings(&inv_minor_status,
+ &((*cred)->cond_bindings));
+
+
+ if ((*cred)->next != NULL)
+- inv_major_status = oldgaa_release_rights(&inv_minor_status,
+- &((*cred)->next));
++ oldgaa_release_rights(&inv_minor_status, &((*cred)->next));
+
+ if ((*cred)->type != NULL) free((*cred)->type);
+ if ((*cred)->authority != NULL) free((*cred)->authority);
+@@ -583,7 +561,7 @@ oldgaa_release_cond_bindings(uint32 *minor_status,
+ oldgaa_cond_bindings_ptr *cond_bind)
+ {
+ oldgaa_cond_bindings_ptr *cred = cond_bind;
+- uint32 inv_minor_status = 0, inv_major_status = 0;
++ uint32 inv_minor_status = 0;
+
+ #ifdef DEBUG
+ fprintf(stderr, "\noldgaa_release_cond_bindings:\n");
+@@ -606,12 +584,10 @@ oldgaa_release_cond_bindings(uint32 *minor_status,
+ /* ignore errors to allow for incomplete context handles */
+
+ if ((*cred)->condition != NULL)
+- inv_major_status = oldgaa_release_conditions(&inv_minor_status,
+- &((*cred)->condition));
++ oldgaa_release_conditions(&inv_minor_status, &((*cred)->condition));
+
+ if ((*cred)->next != NULL)
+- inv_major_status = oldgaa_release_cond_bindings(&inv_minor_status,
+- &((*cred)->next));
++ oldgaa_release_cond_bindings(&inv_minor_status, &((*cred)->next));
+
+ free(*cred);
+ *cond_bind = NULL;
+@@ -636,7 +612,7 @@ oldgaa_release_conditions(uint32 *minor_status,
+ oldgaa_conditions_ptr *cond)
+ {
+ oldgaa_conditions_ptr *cred = cond;
+- uint32 inv_minor_status = 0, inv_major_status = 0;
++ uint32 inv_minor_status = 0;
+
+ #ifdef DEBUG
+ fprintf(stderr, "\noldgaa_release_conditions:\n");
+@@ -657,8 +633,7 @@ oldgaa_release_conditions(uint32 *minor_status,
+ /* ignore errors to allow for incomplete context handles */
+
+ if ((*cred)->next != NULL)
+- inv_major_status = oldgaa_release_conditions(&inv_minor_status,
+- &((*cred)->next));
++ oldgaa_release_conditions(&inv_minor_status, &((*cred)->next));
+
+ if ((*cred)->type != NULL) free((*cred)->type);
+ if ((*cred)->authority != NULL) free((*cred)->authority);
+@@ -686,7 +661,6 @@ oldgaa_release_answer(uint32 *minor_status,
+ {
+ oldgaa_answer_ptr * cred = answer;
+ uint32 inv_minor_status = 0;
+- uint32 inv_major_status = 0;
+
+
+ #ifdef DEBUG
+@@ -701,8 +675,7 @@ oldgaa_release_answer(uint32 *minor_status,
+ if ((*cred)->rights!= NULL)
+ {
+ /* ignore errors to allow for incomplete context handles */
+- inv_major_status =
+- oldgaa_release_rights(&inv_minor_status, &((*cred)->rights));
++ oldgaa_release_rights(&inv_minor_status, &((*cred)->rights));
+ }
+
+ if ((*cred)->valid_time != NULL)
+@@ -733,7 +706,6 @@ oldgaa_release_sec_attrb(uint32 *minor_status,
+ {
+ oldgaa_sec_attrb_ptr * cred = attributes;
+ uint32 inv_minor_status = 0;
+- uint32 inv_major_status = 0;
+
+ #ifdef DEBUG
+ fprintf(stderr, "\noldgaa_release_sec_attrb:\n");
+@@ -747,8 +719,7 @@ oldgaa_release_sec_attrb(uint32 *minor_status,
+ if ((*cred)->next != NULL)
+ {
+ /* ignore errors to allow for incomplete context handles */
+- inv_major_status =
+- oldgaa_release_sec_attrb(&inv_minor_status, &((*cred)->next));
++ oldgaa_release_sec_attrb(&inv_minor_status, &((*cred)->next));
+ }
+
+ if ((*cred)->type != NULL) free((*cred)->type);
+diff --git a/gsi/callback/source/library/oldgaa/oldgaa_utils.c b/gsi/callback/source/library/oldgaa/oldgaa_utils.c
+index 1f5c2a1ee..7c9fd6df2 100644
+--- a/gsi/callback/source/library/oldgaa/oldgaa_utils.c
++++ b/gsi/callback/source/library/oldgaa/oldgaa_utils.c
+@@ -477,7 +477,7 @@ oldgaa_regex_matches_string(
+ {
+ /* Our result (1 == match) */
+ int result = 0;
+- char * star;
++ const char * star;
+
+ /* Check arguments */
+ if (!string || !regex)
+--
+2.54.0
+
diff --git a/globus-gsi-callback.spec b/globus-gsi-callback.spec
index 8213555..8798c7d 100644
--- a/globus-gsi-callback.spec
+++ b/globus-gsi-callback.spec
@@ -1,13 +1,16 @@
Name: globus-gsi-callback
%global _name %(tr - _ <<< %{name})
Version: 6.2
-Release: 14%{?dist}
+Release: 15%{?dist}
Summary: Grid Community Toolkit - Globus GSI Callback Library
License: Apache-2.0
URL: https://github.com/gridcf/gct/
Source: https://repo.gridcf.org/gct6/sources/%{_name}-%{version}.tar.gz
Source8: README
+Patch0: 0001-Untabify-and-remove-trailing-white-space.patch
+Patch1: 0002-Build-with-OpenSSL-4.patch
+Patch2: 0003-Fix-compiler-and-doxygen-warnings.patch
BuildRequires: make
BuildRequires: gcc
@@ -59,6 +62,9 @@ Globus GSI Callback Library Documentation Files
%prep
%setup -q -n %{_name}-%{version}
+%patch -P0 -p4
+%patch -P1 -p4
+%patch -P2 -p4
%build
# Reduce overlinking
@@ -109,6 +115,10 @@ rm %{buildroot}%{_pkgdocdir}/GLOBUS_LICENSE
%license GLOBUS_LICENSE
%changelog
+* Sun Jun 14 2026 Mattias Ellert <mattias.ellert@physics.uu.se> - 6.2-15
+- Compile with OpenSSL 4
+- Fix compiler warnings
+
* Fri Jan 16 2026 Fedora Release Engineering <releng@fedoraproject.org> - 6.2-14
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
reply other threads:[~2026-06-14 8:48 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=178142690113.1.6248890401068388488.rpms-globus-gsi-callback-2d0e375c70a8@fedoraproject.org \
--to=mattias.ellert@physics.uu.se \
--cc=git-commits@fedoraproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox