oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

add hx509_cert_find_subjectAltName_otherName

Browse Source 
add HX509_QUERY_MATCH_FRIENDLY_NAME


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15792 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2005-07-27 19:19:41 +00:00
parent fdbb09ce51
commit f1fdd9b275
1 changed files with 72 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

73
lib/hx509/cert.c
View File

@@ -38,7 +38,8 @@ RCSID("$Id$");
struct hx509_verify_ctx_data { struct hx509_verify_ctx_data {
hx509_certs trust_anchors; hx509_certs trust_anchors;
int flags; int flags;
#define HX509_VERIFY_CTX_F_TIME_SET 1 #define HX509_VERIFY_CTX_F_TIME_SET 1
#define HX509_VERIFY_CTX_F_ALLOW_PROXY_CERTIFICATE 2
time_t time_now; time_t time_now;
int max_depth; int max_depth;
#define HX509_VERIFY_MAX_DEPTH 30 #define HX509_VERIFY_MAX_DEPTH 30
@@ -299,6 +300,69 @@ find_extension_subject_alt_name(const Certificate *cert, int *i,
sa, &size); sa, &size);
} }
static int
add_to_list(hx509_octet_string_list *list, heim_octet_string *entry)
{
void *p;
int ret;
p = realloc(list->val, (list->len + 1) * sizeof(list->val[0]));
if (p == NULL)
return ENOMEM;
list->val = p;
ret = copy_octet_string(&list->val[list->len], entry);
if (ret)
return ret;
list->len++;
return 0;
}
void
hx509_free_octet_string_list(hx509_octet_string_list *list)
{
int i;
for (i = 0; i < list->len; i++)
free_octet_string(&list->val[i]);
free(list->val);
list->val = NULL;
list->len = 0;
}
int
hx509_cert_find_subjectAltName_otherName(hx509_cert cert,
const heim_oid *oid,
hx509_octet_string_list *list)
{
GeneralNames sa;
int ret, i, j;
list->val = NULL;
list->len = 0;
i = 0;
while (1) {
ret = find_extension_subject_alt_name(_hx509_get_cert(cert), &i, &sa);
i++;
if (ret == HX509_EXTENSION_NOT_FOUND)
break;
for (j = 0; j < sa.len; j++) {
if (sa.val[j].element == choice_GeneralName_otherName &&
heim_oid_cmp(&sa.val[j].u.otherName.type_id, oid) == 0)
{
ret = add_to_list(list, &sa.val[j].u.otherName.value);
if (ret)
return ret;
}
}
free_GeneralNames(&sa);
}
if (ret == HX509_EXTENSION_NOT_FOUND)
ret = 0;
return ret;
}
static int static int
check_key_usage(const Certificate *cert, unsigned flags, int req_present) check_key_usage(const Certificate *cert, unsigned flags, int req_present)
@@ -1274,6 +1338,13 @@ _hx509_query_match_cert(const hx509_query *q, hx509_cert cert)
if (hx509_cert_cmp(q->path->val[i], cert) == 0) if (hx509_cert_cmp(q->path->val[i], cert) == 0)
return 0; return 0;
} }
if (q->match & HX509_QUERY_MATCH_FRIENDLY_NAME) {
char *name = hx509_cert_get_friendly_name(cert);
if (name == NULL)
return 0;
if (strcasecmp(q->friendlyname, name) != 0)
return 0;
}
if (q->match & ~HX509_QUERY_MASK) if (q->match & ~HX509_QUERY_MASK)
return 0; return 0;