Commit Graph

23 Commits

Author SHA1 Message Date
Love Hörnquist Åstrand
f07a60cae0 Name constraits needs to be evaluated in block as they appear in the
certificates, they can not be joined to one list. One example of this is:

* cert is cn=foo,dc=bar,dc=baz
* subca is  dc=foo,dc=baz with name restriction dc=kaka,dc=baz
* ca is  dc=baz with name restriction dc=baz

If the name restrictions are merged to a list, the certificate will
pass this test.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16757 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-02-22 13:11:05 +00:00
Love Hörnquist Åstrand
84746467cc Handle more name constraints cases.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16741 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-02-14 12:48:25 +00:00
Love Hörnquist Åstrand
cc053da651 Try handle name constraints a little bit better.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16740 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-02-14 11:36:00 +00:00
Love Hörnquist Åstrand
43470798fb update (c)
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16739 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-02-14 10:45:47 +00:00
Love Hörnquist Åstrand
9ea664c77c (hx509_context_set_missing_crl): new function
Add CRL handling.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16613 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-01-19 18:14:38 +00:00
Love Hörnquist Åstrand
327096d34e Verify no certificates has been revoked with the new revoke interface.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16600 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-01-18 20:51:55 +00:00
Love Hörnquist Åstrand
163c6cb7b5 delete crypto_headers.h, use global file instead
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16560 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-01-13 14:02:49 +00:00
Love Hörnquist Åstrand
966f4361f9 Use "crypto-headers.h". Load ENGINE configuration.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16485 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-01-08 22:00:08 +00:00
Love Hörnquist Åstrand
7dcf3289bb add a hx509_context where we can store configuration
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16476 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-01-04 20:33:31 +00:00
Love Hörnquist Åstrand
7c75e73121 Revert previous, refcounter is unsigned, so it can never be negative.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16463 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-01-04 06:33:54 +00:00
Love Hörnquist Åstrand
e0753bff55 (hx509_cert_ref): more refcount paranoia
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16462 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-01-04 06:32:43 +00:00
Love Hörnquist Åstrand
6791e8dbf7 (_hx509_abort): add newline to output and flush stdout
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16449 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-01-03 16:31:14 +00:00
Love Hörnquist Åstrand
ecfef14d45 (hx509_cert_free): if there is a private key assosited with this cert, free it
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16441 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-01-03 09:41:48 +00:00
Love Hörnquist Åstrand
02d27ea231 Use _hx509_abort.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16436 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-01-03 08:26:26 +00:00
Love Hörnquist Åstrand
e61738ea81 (hx509_cert_get_attribute): remove const, its not
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16015 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-09-03 19:56:14 +00:00
Love Hörnquist Åstrand
430ca62d97 Add HX509_QUERY_MATCH_FUNCTION that allows caller to match by
function, note that this doesn't not work directly for backends that
implements ->query, they must do their own processing.
(I'm running out of flags, only 12 left now)


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15810 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-07-27 21:45:25 +00:00
Love Hörnquist Åstrand
8e29b2d8f8 fix const warning
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15794 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-07-27 19:21:50 +00:00
Love Hörnquist Åstrand
f1fdd9b275 add hx509_cert_find_subjectAltName_otherName
add HX509_QUERY_MATCH_FRIENDLY_NAME


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15792 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-07-27 19:19:41 +00:00
Love Hörnquist Åstrand
3acf98f2ca (hx509_verify_destroy_ctx): add
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15754 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-07-25 23:13:24 +00:00
Love Hörnquist Åstrand
9c1bb470a3 more checks on KeyUsage, allow to query on them too
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15726 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-07-25 11:43:10 +00:00
Love Hörnquist Åstrand
741d6b5d40 allow matching on SubjectKeyId
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15723 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-07-24 20:37:39 +00:00
Love Hörnquist Åstrand
9a65106a30 fix id tags
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15718 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-07-24 20:05:40 +00:00
Love Hörnquist Åstrand
0a70228c08 Initial revision
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15716 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-07-24 16:59:14 +00:00