added ietf group attribute support to attibute certificate factory

diff --git a/src/libstrongswan/credentials/builder.c b/src/libstrongswan/credentials/builder.c
index 073f66f..f2f5434 100644 (file)
--- a/src/libstrongswan/credentials/builder.c
+++ b/src/libstrongswan/credentials/builder.c
@@ -28,6 +28,7 @@ ENUM(builder_part_names, BUILD_BLOB_ASN1_DER, BUILD_END,
        "BUILD_NOT_BEFORE_TIME",
        "BUILD_NOT_AFTER_TIME",
        "BUILD_SERIAL",
+       "BUILD_IETF_GROUP_ATTR",
        "BUILD_CA_CERT",
        "BUILD_CERT",
        "BUILD_X509_FLAG",

diff --git a/src/libstrongswan/credentials/builder.h b/src/libstrongswan/credentials/builder.h
index 92e13c6..a0a462e 100644 (file)
--- a/src/libstrongswan/credentials/builder.h
+++ b/src/libstrongswan/credentials/builder.h
@@ -60,9 +60,11 @@ enum builder_part_t {
        BUILD_NOT_BEFORE_TIME,
        /** notAfter, time_t* */
        BUILD_NOT_AFTER_TIME,
-       /** notAfter, time_t* */
-       BUILD_SERIAL,
        /** a serial number in binary form, chunk_t */
+       BUILD_SERIAL,
+       /** a comma-separated list of ietf group attributes, char* */
+       BUILD_IETF_GROUP_ATTR,
+       /** a ca certificate, certificate_t* */
        BUILD_CA_CERT,
        /** a certificate, certificate_t* */
        BUILD_CERT,

diff --git a/src/libstrongswan/credentials/credential_factory.c b/src/libstrongswan/credentials/credential_factory.c
index a65199b..c515fd1 100644 (file)
--- a/src/libstrongswan/credentials/credential_factory.c
+++ b/src/libstrongswan/credentials/credential_factory.c
@@ -168,6 +168,7 @@ static void* create(private_credential_factory_t *this, credential_type_t type,
                                case BUILD_SIGNING_CERT:
                                case BUILD_CA_CERT:
                                case BUILD_CERT:
+                               case BUILD_IETF_GROUP_ATTR:
                                        builder->add(builder, part, va_arg(args, void*));
                                        continue;
                                default:

diff --git a/src/libstrongswan/plugins/x509/x509_ac.c b/src/libstrongswan/plugins/x509/x509_ac.c
index 4304d70..608ddca 100644 (file)
--- a/src/libstrongswan/plugins/x509/x509_ac.c
+++ b/src/libstrongswan/plugins/x509/x509_ac.c
@@ -757,6 +757,10 @@ static void add(private_builder_t *this, builder_part_t part, ...)
                case BUILD_SERIAL:
                        this->ac->serialNumber = va_arg(args, chunk_t);
                        break;
+               case BUILD_IETF_GROUP_ATTR:
+                       ietfAttr_list_create_from_string(va_arg(args, char*),
+                                                                                        this->ac->groups);
+                       break;
                case BUILD_CERT:
                        cert = va_arg(args, certificate_t*);
                        if (cert->get_type(cert) == CERT_X509)

diff --git a/src/openac/openac.c b/src/openac/openac.c
index 7ce8e06..abfa95b 100755 (executable)
--- a/src/openac/openac.c
+++ b/src/openac/openac.c
@@ -572,6 +572,7 @@ int main(int argc, char **argv)
                                                                           BUILD_NOT_BEFORE_TIME, notBefore,
                                                                           BUILD_NOT_AFTER_TIME, notAfter,
                                                                           BUILD_SERIAL, serial,
+                                                                          BUILD_IETF_GROUP_ATTR, groups,
                                                                           BUILD_SIGNING_CERT, signer_cert,
                                                                           BUILD_SIGNING_KEY, signer_key,
                                                                           BUILD_END);