Add HX509_QUERY_MATCH_FUNCTION that allows caller to match by

function, note that this doesn't not work directly for backends that implements ->query, they must do their own processing. (I'm running out of flags, only 12 left now) git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15810 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-07-27 21:45:25 +00:00
parent 09977986dc
commit 430ca62d97
2 changed files with 8 additions and 1 deletions
--- a/lib/hx509/cert.c
+++ b/lib/hx509/cert.c
@@ -1345,6 +1345,11 @@ _hx509_query_match_cert(const hx509_query *q, hx509_cert cert)
 	if (strcasecmp(q->friendlyname, name) != 0)
 	    return 0;
    }
+    if (q->match & HX509_QUERY_MATCH_FUNCTION) {
+	int ret = (*q->cmp_func)(cert);
+	if (ret != 0)
+	    return 0;
+    }

    if (q->match & ~HX509_QUERY_MASK)
 	return 0;
--- a/lib/hx509/hx_locl.h
+++ b/lib/hx509/hx_locl.h
@@ -103,7 +103,8 @@ struct hx509_query_data {
 #define HX509_QUERY_MATCH_LOCAL_KEY_ID		0x10000
 #define HX509_QUERY_NO_MATCH_PATH		0x20000
 #define HX509_QUERY_MATCH_FRIENDLY_NAME		0x40000
-#define HX509_QUERY_MASK			0x7ffff
+#define HX509_QUERY_MATCH_FUNCTION		0x80000
+#define HX509_QUERY_MASK			0xfffff
    Certificate *subject;
    Certificate *certificate;
    heim_integer *serial;
@@ -113,6 +114,7 @@ struct hx509_query_data {
    Name *subject_name;
    hx509_path *path;
    char *friendlyname;
+    int (*cmp_func)(hx509_cert);
 };

 struct hx509_keyset_ops {