x509: Replace the comma separated string AC group builder with a list based one
author
Martin Willi
<martin@revosec.ch>
Tue, 4 Feb 2014 15:24:03 +0000
(16:24 +0100)
committer
Martin Willi
<martin@revosec.ch>
Mon, 31 Mar 2014 09:14:58 +0000
(11:14 +0200)
src/libstrongswan/credentials/builder.c
src/libstrongswan/credentials/builder.h
src/libstrongswan/plugins/x509/x509_ac.c
src/openac/openac.c
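--- a/src/libstrongswan/credentials/builder.c
+++ b/src/libstrongswan/credentials/builder.c
@@ -38,7 +38,7 @@ ENUM(builder_part_names, BUILD_FROM_FILE, BUILD_END,
 "BUILD_SERIAL",
 "BUILD_DIGEST_ALG",
 "BUILD_ENCRYPTION_ALG",
- "BUILD_IETF_GROUP_ATTR",
+ "BUILD_AC_GROUP_STRINGS",
 "BUILD_CA_CERT",
 "BUILD_CERT",
 "BUILD_CRL_DISTRIBUTION_POINTS",
@@ -72,4 +72,3 @@ ENUM(builder_part_names, BUILD_FROM_FILE, BUILD_END,
 "BUILD_THRESHOLD",
 "BUILD_END",
 );
-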
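--- a/src/libstrongswan/credentials/builder.h
+++ b/src/libstrongswan/credentials/builder.h
@@ -87,8 +87,8 @@ enum builder_part_t {
 BUILD_DIGEST_ALG,
 /** encryption algorithm to use, encryption_algorithm_t */
 BUILD_ENCRYPTION_ALG,
- /** a comma-separated list of ietf group attributes, char* */
- BUILD_IETF_GROUP_ATTR,
+ /** list of AC group memberships, linked_list_t* with char* */
+ BUILD_AC_GROUP_STRINGS,
 /** a ca certificate, certificate_t* */
 BUILD_CA_CERT,
 /** a certificate, certificate_t* */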
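Review bot: The new comment on `BUILD_AC_GROUP_STRINGS` names the argument type but not who owns the list and its strings, which matters now that the part carries a heap-allocated container rather than a plain string. The openac.c caller in this same commit destroys the list with `free` right after the builder call, so the apparent contract is that the caller keeps ownership and the builder copies each name. I would state that in the comment, e.g. `/** list of AC group memberships, linked_list_t* with char*, not adopted by the builder */`. The enum body continues outside the hunk.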
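--- a/src/libstrongswan/plugins/x509/x509_ac.c
+++ b/src/libstrongswan/plugins/x509/x509_ac.c
@@ -1065,15 +1065,15 @@ x509_ac_t *x509_ac_load(certificate_type_t type, va_list args)
 }
 /**
- * Parse a comma separated group list into AC group memberships
+ * Add groups from a list into AC group memberships
 */
-static void add_groups_from_string(private_x509_ac_t *this, char *str)
+static void add_groups_from_list(private_x509_ac_t *this, linked_list_t *list)
 {
 enumerator_t *enumerator;
 group_t *group;
 char *name;
- enumerator = enumerator_create_token(str, ",", " ");
+ enumerator = list->create_enumerator(list);
 while (enumerator->enumerate(enumerator, &name))
 {
 INIT(group,
@@ -1106,8 +1106,8 @@ x509_ac_t *x509_ac_gen(certificate_type_t type, va_list args)
 case BUILD_SERIAL:
 ac->serialNumber = chunk_clone(va_arg(args, chunk_t));
 continue;
- case BUILD_IETF_GROUP_ATTR:
- add_groups_from_string(ac, va_arg(args, char*));
+ case BUILD_AC_GROUP_STRINGS:
+ add_groups_from_list(ac, va_arg(args, linked_list_t*));
 continue;
 case BUILD_CERT:
 ac->holderCert = va_arg(args, certificate_t*);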
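Review bot: `add_groups_from_list()` dereferences `list` in `list->create_enumerator(list)` without a NULL check, and the pointer arrives untyped through `va_arg` in the `BUILD_AC_GROUP_STRINGS` case of `x509_ac_gen()`, so the compiler cannot catch a caller that passes NULL or the wrong pointer type. A guard at the top of the function, `if (!list) { return; }`, would make a missing group list harmless instead of a crash while building an attribute certificate. The body of the `while` loop continues outside the hunk, so whether each `name` is copied into the group cannot be confirmed here; since the openac.c caller frees the strings right after the builder returns, they must be copied rather than referenced.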
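--- a/src/openac/openac.c
+++ b/src/openac/openac.c
@@ -495,6 +495,18 @@ int main(int argc, char **argv)
 if (userCert != NULL && signerCert != NULL && signerKey != NULL &&
 outfile != NULL)
 {
+ linked_list_t *group_list;
+ enumerator_t *enumerator;
+ char *group;
+
+ group_list = linked_list_create();
+ enumerator = enumerator_create_token(groups, ",", " ");
+ while (enumerator->enumerate(enumerator, &group))
+ {
+ group_list->insert_last(group_list, strdup(group));
+ }
+ enumerator->destroy(enumerator);
+
 /* read the serial number and increment it by one */
 serial = read_serial();
@@ -504,10 +516,11 @@ int main(int argc, char **argv)
 BUILD_NOT_BEFORE_TIME, notBefore,
 BUILD_NOT_AFTER_TIME, notAfter,
 BUILD_SERIAL, serial,
- BUILD_IETF_GROUP_ATTR, groups,
+ BUILD_AC_GROUP_STRINGS, group_list,
 BUILD_SIGNING_CERT, signerCert,
 BUILD_SIGNING_KEY, signerKey,
 BUILD_END);
+ group_list->destroy_function(group_list, free);
 if (!attr_cert)
 {
 goto end;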
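Review bot: `groups` is handed to `enumerator_create_token()` in the added block although it is not part of the visible `!= NULL` condition that guards `userCert`, `signerCert`, `signerKey` and `outfile`; if the option is optional, the tokenizer receives NULL, and how it reacts is not visible here. The loop also inserts `strdup(group)` unchecked, so an allocation failure would put a NULL name into the list that becomes the group memberships of the signed attribute certificate. I would wrap the tokenizing in `if (groups)` and test the copy before `insert_last()`. Placing `group_list->destroy_function(group_list, free)` ahead of the `if (!attr_cert)` check correctly covers the `goto end` path; `main()` continues outside both hunks, so any earlier exit between list creation and this call could not be checked.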