Slightly renamed X509_NO_PATH_LEN_CONSTRAINT to use it for PolicyConstraints, too
authorMartin Willi <martin@revosec.ch>
Wed, 15 Dec 2010 15:42:30 +0000 (16:42 +0100)
committerMartin Willi <martin@revosec.ch>
Wed, 5 Jan 2011 15:46:02 +0000 (16:46 +0100)
src/libcharon/plugins/stroke/stroke_list.c
src/libstrongswan/credentials/certificates/x509.h
src/libstrongswan/plugins/constraints/constraints_validator.c
src/libstrongswan/plugins/openssl/openssl_x509.c
src/libstrongswan/plugins/x509/x509_cert.c
src/pki/commands/issue.c
src/pki/commands/print.c
src/pki/commands/self.c
src/pluto/ocsp.c
src/pluto/x509.c

index b4b5130..375ea38 100644 (file)
@@ -835,7 +835,7 @@ static void stroke_list_certs(linked_list_t *list, char *label,
 
                        /* list optional pathLenConstraint */
                        pathlen = x509->get_pathLenConstraint(x509);
-                       if (pathlen != X509_NO_PATH_LEN_CONSTRAINT)
+                       if (pathlen != X509_NO_CONSTRAINT)
                        {
                                fprintf(out, "  pathlen:   %d\n", pathlen);
                        }
index b0f361e..d620bbd 100644 (file)
@@ -24,7 +24,7 @@
 #include <utils/enumerator.h>
 #include <credentials/certificates/certificate.h>
 
-#define X509_NO_PATH_LEN_CONSTRAINT            -1
+#define X509_NO_CONSTRAINT             -1
 
 typedef struct x509_t x509_t;
 typedef struct x509_cert_policy_t x509_cert_policy_t;
index bab2535..a52f37a 100644 (file)
@@ -39,7 +39,7 @@ static bool check_pathlen(x509_t *issuer, int pathlen)
        int pathlen_constraint;
 
        pathlen_constraint = issuer->get_pathLenConstraint(issuer);
-       if (pathlen_constraint != X509_NO_PATH_LEN_CONSTRAINT &&
+       if (pathlen_constraint != X509_NO_CONSTRAINT &&
                pathlen > pathlen_constraint)
        {
                DBG1(DBG_CFG, "path length of %d violates constraint of %d",
index 6ffe08f..7b6ac12 100644 (file)
@@ -581,7 +581,7 @@ static private_openssl_x509_t *create_empty()
                .issuerAltNames = linked_list_create(),
                .crl_uris = linked_list_create(),
                .ocsp_uris = linked_list_create(),
-               .pathlen = X509_NO_PATH_LEN_CONSTRAINT,
+               .pathlen = X509_NO_CONSTRAINT,
                .ref = 1,
        );
 
index f794183..4f6cdaa 100644 (file)
@@ -1800,7 +1800,7 @@ static private_x509_cert_t* create_empty(void)
                .excluded_names = linked_list_create(),
                .cert_policies = linked_list_create(),
                .policy_mappings = linked_list_create(),
-               .pathLenConstraint = X509_NO_PATH_LEN_CONSTRAINT,
+               .pathLenConstraint = X509_NO_CONSTRAINT,
                .ref = 1,
        );
        return this;
@@ -1997,7 +1997,7 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
        {
                chunk_t pathLenConstraint = chunk_empty;
 
-               if (cert->pathLenConstraint != X509_NO_PATH_LEN_CONSTRAINT)
+               if (cert->pathLenConstraint != X509_NO_CONSTRAINT)
                {
                        char pathlen = (char)cert->pathLenConstraint;
 
@@ -2361,7 +2361,7 @@ x509_cert_t *x509_cert_gen(certificate_type_t type, va_list args)
                                cert->pathLenConstraint = va_arg(args, int);
                                if (cert->pathLenConstraint < 0 || cert->pathLenConstraint > 127)
                                {
-                                       cert->pathLenConstraint = X509_NO_PATH_LEN_CONSTRAINT;
+                                       cert->pathLenConstraint = X509_NO_CONSTRAINT;
                                }
                                continue;
                        case BUILD_PERMITTED_NAME_CONSTRAINTS:
index 62fe018..e290159 100644 (file)
@@ -59,7 +59,7 @@ static int issue()
        identification_t *id = NULL, *crl_issuer = NULL;;
        linked_list_t *san, *cdps, *ocsp, *permitted, *excluded, *policies, *mappings;
        int lifetime = 1095;
-       int pathlen = X509_NO_PATH_LEN_CONSTRAINT;
+       int pathlen = X509_NO_CONSTRAINT;
        chunk_t serial = chunk_empty;
        chunk_t encoding = chunk_empty;
        time_t not_before, not_after;
index 23fb644..dd17a0a 100644 (file)
@@ -176,7 +176,7 @@ static void print_x509(x509_t *x509)
        enumerator->destroy(enumerator);
 
        len = x509->get_pathLenConstraint(x509);
-       if (len != X509_NO_PATH_LEN_CONSTRAINT)
+       if (len != X509_NO_CONSTRAINT)
        {
                printf("pathlen:   %d\n", len);
        }
index 134231d..72ade49 100644 (file)
@@ -56,7 +56,7 @@ static int self()
        identification_t *id = NULL;
        linked_list_t *san, *ocsp, *permitted, *excluded, *policies, *mappings;
        int lifetime = 1095;
-       int pathlen = X509_NO_PATH_LEN_CONSTRAINT;
+       int pathlen = X509_NO_CONSTRAINT;
        chunk_t serial = chunk_empty;
        chunk_t encoding = chunk_empty;
        time_t not_before, not_after;
index 8a351be..85cc5e0 100644 (file)
@@ -1046,7 +1046,7 @@ static bool valid_ocsp_response(response_t *res)
 
                /* check path length constraint */
                pathlen_constraint = x509->get_pathLenConstraint(x509);
-               if (pathlen_constraint != X509_NO_PATH_LEN_CONSTRAINT &&
+               if (pathlen_constraint != X509_NO_CONSTRAINT &&
                        pathlen > pathlen_constraint)
                {
                        plog("path length of %d violates constraint of %d",
index d717beb..d821c9b 100644 (file)
@@ -256,7 +256,7 @@ bool verify_x509cert(cert_t *cert, bool strict, time_t *until)
 
                /* check path length constraint */
                pathlen_constraint = x509->get_pathLenConstraint(x509);
-               if (pathlen_constraint != X509_NO_PATH_LEN_CONSTRAINT &&
+               if (pathlen_constraint != X509_NO_CONSTRAINT &&
                        pathlen > pathlen_constraint)
                {
                        plog("path length of %d violates constraint of %d",
@@ -451,7 +451,7 @@ void list_x509cert_chain(const char *caption, cert_t* cert,
 
                        /* list optional pathLenConstraint */
                        pathlen = x509->get_pathLenConstraint(x509);
-                       if (pathlen != X509_NO_PATH_LEN_CONSTRAINT)
+                       if (pathlen != X509_NO_CONSTRAINT)
                        {
                                whack_log(RC_COMMENT, "  pathlen:   %d", pathlen);
                        }