identification: Only use either , or / to separate RDNs
authorTobias Brunner <tobias@strongswan.org>
Mon, 5 May 2014 11:55:15 +0000 (13:55 +0200)
committerTobias Brunner <tobias@strongswan.org>
Wed, 18 Jun 2014 07:24:03 +0000 (09:24 +0200)
If a DN starts with a slash (or whitespace and a slash) slashes will
be used, otherwise commas.

src/libstrongswan/tests/suites/test_identification.c
src/libstrongswan/utils/identification.c

index edf53f0..5de7857 100644 (file)
@@ -376,14 +376,14 @@ START_TEST(test_equals)
                                                         "C=CH, E=moon@strongswan.org, CN=moon");
 
        ck_assert(id_equals(a, "C=CH, E=moon@strongswan.org, CN=moon"));
-       ck_assert(id_equals(a, "C==CH, E==moon@strongswan.org,,, CN==moon"));
+       ck_assert(id_equals(a, "C==CH , E==moon@strongswan.org , CN==moon"));
        ck_assert(id_equals(a, "  C=CH, E=moon@strongswan.org, CN=moon  "));
        ck_assert(id_equals(a, "C=ch, E=moon@STRONGSWAN.ORG, CN=Moon"));
        ck_assert(id_equals(a, "/C=CH/E=moon@strongswan.org/CN=moon"));
-       ck_assert(id_equals(a, "C=CH/E=moon@strongswan.org/CN=moon"));
-       ck_assert(id_equals(a, "C=CH/E=moon@strongswan.org,CN=moon"));
-       ck_assert(id_equals(a, "C=CH / E=moon@strongswan.org , CN=moon"));
+       ck_assert(id_equals(a, " / C=CH / E=moon@strongswan.org / CN=moon"));
 
+       ck_assert(!id_equals(a, "C=CH/E=moon@strongswan.org/CN=moon"));
+       ck_assert(!id_equals(a, "C=CH/E=moon@strongswan.org,CN=moon"));
        ck_assert(!id_equals(a, "C=CH E=moon@strongswan.org CN=moon"));
        ck_assert(!id_equals(a, "C=CN, E=moon@strongswan.org, CN=moon"));
        ck_assert(!id_equals(a, "E=moon@strongswan.org, C=CH, CN=moon"));
index b8199c8..46ac7e8 100644 (file)
@@ -394,14 +394,24 @@ static status_t atodn(char *src, chunk_t *dn)
        asn1_t rdn_type;
        state_t state = SEARCH_OID;
        status_t status = SUCCESS;
+       char sep = '\0';
 
        do
        {
                switch (state)
                {
                        case SEARCH_OID:
-                               if (*src != ' ' && *src != '/' && *src !=  ',' && *src != '\0')
+                               if (!sep && *src == '/')
+                               {       /* use / as separator if the string starts with a slash */
+                                       sep = '/';
+                                       break;
+                               }
+                               if (*src != ' ' && *src != '\0')
                                {
+                                       if (!sep)
+                                       {       /* use , as separator by default */
+                                               sep = ',';
+                                       }
                                        oid.ptr = src;
                                        oid.len = 1;
                                        state = READ_OID;
@@ -441,7 +451,7 @@ static status_t atodn(char *src, chunk_t *dn)
                                {
                                        break;
                                }
-                               else if (*src != ',' && *src != '/' && *src != '\0')
+                               else if (*src != sep && *src != '\0')
                                {
                                        name.ptr = src;
                                        name.len = 1;
@@ -454,7 +464,7 @@ static status_t atodn(char *src, chunk_t *dn)
                                state = READ_NAME;
                                /* fall-through */
                        case READ_NAME:
-                               if (*src != ',' && *src != '/' && *src != '\0')
+                               if (*src != sep && *src != '\0')
                                {
                                        name.len++;
                                        if (*src == ' ')