Generate a load-tester certificate only for DN or subjectAltName identities
authorMartin Willi <martin@revosec.ch>
Mon, 1 Oct 2012 13:38:20 +0000 (15:38 +0200)
committerMartin Willi <martin@revosec.ch>
Tue, 16 Oct 2012 11:43:54 +0000 (13:43 +0200)
src/libcharon/plugins/load_tester/load_tester_creds.c

index b423896..3f1c983 100644 (file)
@@ -347,15 +347,25 @@ METHOD(credential_set_t, create_cert_enumerator, enumerator_t*,
                /* peer certificate, generate on demand */
                serial = htonl(++this->serial);
                now = time(NULL);
                /* peer certificate, generate on demand */
                serial = htonl(++this->serial);
                now = time(NULL);
-
                sans = linked_list_create();
                sans = linked_list_create();
-               if (id->get_type(id) != ID_DER_ASN1_DN)
-               {       /* encode as subjectAltName, construct a sane DN */
-                       sans->insert_last(sans, id);
-                       snprintf(buf, sizeof(buf), "CN=%Y", id);
-                       dn = identification_create_from_string(buf);
-               }
 
 
+               switch (id->get_type(id))
+               {
+                       case ID_DER_ASN1_DN:
+                               break;
+                       case ID_FQDN:
+                       case ID_RFC822_ADDR:
+                       case ID_IPV4_ADDR:
+                       case ID_IPV6_ADDR:
+                               /* encode as subjectAltName, construct a sane DN */
+                               sans->insert_last(sans, id);
+                               snprintf(buf, sizeof(buf), "CN=%Y", id);
+                               dn = identification_create_from_string(buf);
+                               break;
+                       default:
+                               sans->destroy(sans);
+                               return NULL;
+               }
                peer_key = this->private->get_public_key(this->private);
                peer_cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
                                                                        BUILD_SIGNING_KEY, this->private,
                peer_key = this->private->get_public_key(this->private);
                peer_cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
                                                                        BUILD_SIGNING_KEY, this->private,