From: Martin Willi Date: Tue, 4 Feb 2014 15:24:03 +0000 (+0100) Subject: x509: Replace the comma separated string AC group builder with a list based one X-Git-Tag: 5.1.3rc1~24^2~24 X-Git-Url: https://git.strongswan.org/?p=strongswan.git;a=commitdiff_plain;h=8f9e2dbcd581c5d69cba45158d51495100b2e813;hp=a17598bc69926f69a87eaf60c29a81b8e0d1e203 x509: Replace the comma separated string AC group builder with a list based one --- diff --git a/src/libstrongswan/credentials/builder.c b/src/libstrongswan/credentials/builder.c index 4e52272..ddb64ef 100644 --- a/src/libstrongswan/credentials/builder.c +++ b/src/libstrongswan/credentials/builder.c @@ -38,7 +38,7 @@ ENUM(builder_part_names, BUILD_FROM_FILE, BUILD_END, "BUILD_SERIAL", "BUILD_DIGEST_ALG", "BUILD_ENCRYPTION_ALG", - "BUILD_IETF_GROUP_ATTR", + "BUILD_AC_GROUP_STRINGS", "BUILD_CA_CERT", "BUILD_CERT", "BUILD_CRL_DISTRIBUTION_POINTS", @@ -72,4 +72,3 @@ ENUM(builder_part_names, BUILD_FROM_FILE, BUILD_END, "BUILD_THRESHOLD", "BUILD_END", ); - diff --git a/src/libstrongswan/credentials/builder.h b/src/libstrongswan/credentials/builder.h index 103b823..627e093 100644 --- a/src/libstrongswan/credentials/builder.h +++ b/src/libstrongswan/credentials/builder.h @@ -87,8 +87,8 @@ enum builder_part_t { BUILD_DIGEST_ALG, /** encryption algorithm to use, encryption_algorithm_t */ BUILD_ENCRYPTION_ALG, - /** a comma-separated list of ietf group attributes, char* */ - BUILD_IETF_GROUP_ATTR, + /** list of AC group memberships, linked_list_t* with char* */ + BUILD_AC_GROUP_STRINGS, /** a ca certificate, certificate_t* */ BUILD_CA_CERT, /** a certificate, certificate_t* */ diff --git a/src/libstrongswan/plugins/x509/x509_ac.c b/src/libstrongswan/plugins/x509/x509_ac.c index 410b2e5..97e2a94 100644 --- a/src/libstrongswan/plugins/x509/x509_ac.c +++ b/src/libstrongswan/plugins/x509/x509_ac.c @@ -1065,15 +1065,15 @@ x509_ac_t *x509_ac_load(certificate_type_t type, va_list args) } /** - * Parse a comma separated group list into AC group memberships + * Add groups from a list into AC group memberships */ -static void add_groups_from_string(private_x509_ac_t *this, char *str) +static void add_groups_from_list(private_x509_ac_t *this, linked_list_t *list) { enumerator_t *enumerator; group_t *group; char *name; - enumerator = enumerator_create_token(str, ",", " "); + enumerator = list->create_enumerator(list); while (enumerator->enumerate(enumerator, &name)) { INIT(group, @@ -1106,8 +1106,8 @@ x509_ac_t *x509_ac_gen(certificate_type_t type, va_list args) case BUILD_SERIAL: ac->serialNumber = chunk_clone(va_arg(args, chunk_t)); continue; - case BUILD_IETF_GROUP_ATTR: - add_groups_from_string(ac, va_arg(args, char*)); + case BUILD_AC_GROUP_STRINGS: + add_groups_from_list(ac, va_arg(args, linked_list_t*)); continue; case BUILD_CERT: ac->holderCert = va_arg(args, certificate_t*); diff --git a/src/openac/openac.c b/src/openac/openac.c index 8862e9a..1424a7e 100644 --- a/src/openac/openac.c +++ b/src/openac/openac.c @@ -495,6 +495,18 @@ int main(int argc, char **argv) if (userCert != NULL && signerCert != NULL && signerKey != NULL && outfile != NULL) { + linked_list_t *group_list; + enumerator_t *enumerator; + char *group; + + group_list = linked_list_create(); + enumerator = enumerator_create_token(groups, ",", " "); + while (enumerator->enumerate(enumerator, &group)) + { + group_list->insert_last(group_list, strdup(group)); + } + enumerator->destroy(enumerator); + /* read the serial number and increment it by one */ serial = read_serial(); @@ -504,10 +516,11 @@ int main(int argc, char **argv) BUILD_NOT_BEFORE_TIME, notBefore, BUILD_NOT_AFTER_TIME, notAfter, BUILD_SERIAL, serial, - BUILD_IETF_GROUP_ATTR, groups, + BUILD_AC_GROUP_STRINGS, group_list, BUILD_SIGNING_CERT, signerCert, BUILD_SIGNING_KEY, signerKey, BUILD_END); + group_list->destroy_function(group_list, free); if (!attr_cert) { goto end;