Commit Graph

56 Commits

Author SHA1 Message Date
Love Hörnquist Åstrand
046997bc17 Add release function for certificates so backend knows when it's no
longer used.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17589 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-05-27 10:59:13 +00:00
Love Hörnquist Åstrand
09f034b560 Avoid shadowing.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17574 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-05-13 20:26:47 +00:00
Love Hörnquist Åstrand
e6b5883e02 Sprinkle setting error strings.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17399 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-05-01 15:24:51 +00:00
Love Hörnquist Åstrand
74a41b918b Sprinkle setting error strings.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17391 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-05-01 14:02:50 +00:00
Love Hörnquist Åstrand
37db31f903 Reverse previous patch, let's do it another way.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17375 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-04-30 14:53:05 +00:00
Love Hörnquist Åstrand
e9f16d62ab (hx509_revoke_verify): update usage
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17374 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-04-30 14:11:55 +00:00
Love Hörnquist Åstrand
4a99bbcc37 remove _hx509_cert_private_sigature
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17366 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-04-30 07:35:08 +00:00
Love Hörnquist Åstrand
a4e67a6533 (hx509_cert_get_base_subject): reject un-canon proxy certs, not the reverse
(add_to_list): constify and fix argument order to copy_octet_string
(hx509_cert_find_subjectAltName_otherName): make work


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17347 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-04-29 14:22:41 +00:00
Love Hörnquist Åstrand
feb2699d9b (hx509_verify_hostname): implement stub function
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17333 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-04-28 11:24:10 +00:00
Love Hörnquist Åstrand
c7b6f93485 When verifying certificates, store subject basename for later consumption.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17284 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-04-26 18:33:55 +00:00
Love Hörnquist Åstrand
70552d3ed2 remove debug printf's
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17277 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-04-26 16:59:52 +00:00
Love Hörnquist Åstrand
b1139e02d0 (hx509_verify_path): handle the case where there are two proxy certs
in a chain.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17274 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-04-26 16:47:45 +00:00
Love Hörnquist Åstrand
56b18c1385 (hx509_verify_path): Need to mangle name to remove the CN of the
subject, copying issuer only works for one level but is better than
doing no checking at all.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17262 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-04-26 15:02:48 +00:00
Love Hörnquist Åstrand
db9e1df818 Fix comment about subject name of proxy certificate.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17258 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-04-26 13:49:27 +00:00
Love Hörnquist Åstrand
cf3c9e7986 Make proxy certificate work.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17257 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-04-26 13:35:20 +00:00
Love Hörnquist Åstrand
1b98d3a6ff (hx509_verify_path): verify proxy certificate have no san or ian
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17252 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-04-26 12:36:49 +00:00
Love Hörnquist Åstrand
253352539c (hx509_verify_set_proxy_certificate): Add
(*): rename policy cert to proxy cert


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17251 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-04-26 12:21:20 +00:00
Love Hörnquist Åstrand
3d4b238a8b Initial support for policy certificates.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17250 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-04-26 12:05:10 +00:00
Love Hörnquist Åstrand
8699156461 Expose the path building function to internal functions.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17167 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-04-22 11:38:39 +00:00
Love Hörnquist Åstrand
7391a1abf9 (hx509_query_match_friendly_name): fix return value
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17159 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-04-22 07:22:15 +00:00
Love Hörnquist Åstrand
5f7eeddc5e (hx509_query_match_friendly_name): New function.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17152 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-04-21 22:16:55 +00:00
Love Hörnquist Åstrand
4e37989b39 Remove unused function.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17121 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-04-21 11:25:20 +00:00
Love Hörnquist Åstrand
866f4be765 (hx509_verify_path): if trust anchor is not self signed, don't check sig
From Douglas Engert.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17108 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-04-20 17:05:11 +00:00
Love Hörnquist Åstrand
86f05f039c expose print_cert_subject internally
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16990 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-04-03 15:24:58 +00:00
Love Hörnquist Åstrand
7a53af1e6a Add HX509_QUERY_MATCH_KEY_HASH_SHA1
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16911 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-04-01 02:10:24 +00:00
Love Hörnquist Åstrand
d7379e76d2 rename missing-crl to missing-revoke
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16898 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-04-01 00:30:45 +00:00
Love Hörnquist Åstrand
f3b1b0858c Use HX509_DEFAULT_OCSP_TIME_DIFF.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16887 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-03-31 22:07:26 +00:00
Love Hörnquist Åstrand
40164d5a9e Add ocsp glue, use new _hx509_verify_signature_bitstring, add eku
checking function.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16883 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-03-31 22:03:13 +00:00
Love Hörnquist Åstrand
7c1b919893 Update for ocsp merge. handle building path w/o subject (using subject key id)
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16870 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-03-31 01:51:22 +00:00
Love Hörnquist Åstrand
e3ef13ddb4 (hx509_cert_free): ok to free NULL
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16836 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-03-27 21:34:13 +00:00
Love Hörnquist Åstrand
bf2edb9716 (hx509_query_alloc): allocate slightly more than a sizeof(pointer)
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16820 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-03-27 02:07:05 +00:00
Love Hörnquist Åstrand
7542d311ee Expose more of the hx509_query interface.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16812 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-03-26 23:51:10 +00:00
Love Hörnquist Åstrand
d8486beab5 Add exceptions for null (empty) subjectNames
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16762 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-02-22 15:14:00 +00:00
Love Hörnquist Åstrand
f07a60cae0 Name constraints need to be evaluated in block as they appear in the
certificates, they can not be joined to one list. One example of this is:

* cert is cn=foo,dc=bar,dc=baz
* subca is  dc=foo,dc=baz with name restriction dc=kaka,dc=baz
* ca is  dc=baz with name restriction dc=baz

If the name restrictions are merged to a list, the certificate will
pass this test.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16757 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-02-22 13:11:05 +00:00
Love Hörnquist Åstrand
84746467cc Handle more name constraints cases.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16741 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-02-14 12:48:25 +00:00
Love Hörnquist Åstrand
cc053da651 Try handle name constraints a little bit better.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16740 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-02-14 11:36:00 +00:00
Love Hörnquist Åstrand
43470798fb update (c)
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16739 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-02-14 10:45:47 +00:00
Love Hörnquist Åstrand
9ea664c77c (hx509_context_set_missing_crl): new function
Add CRL handling.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16613 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-01-19 18:14:38 +00:00
Love Hörnquist Åstrand
327096d34e Verify no certificates have been revoked with the new revoke interface.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16600 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-01-18 20:51:55 +00:00
Love Hörnquist Åstrand
163c6cb7b5 delete crypto_headers.h, use global file instead
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16560 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-01-13 14:02:49 +00:00
Love Hörnquist Åstrand
966f4361f9 Use "crypto-headers.h". Load ENGINE configuration.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16485 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-01-08 22:00:08 +00:00
Love Hörnquist Åstrand
7dcf3289bb add a hx509_context where we can store configuration
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16476 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-01-04 20:33:31 +00:00
Love Hörnquist Åstrand
7c75e73121 Revert previous, refcounter is unsigned, so it can never be negative.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16463 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-01-04 06:33:54 +00:00
Love Hörnquist Åstrand
e0753bff55 (hx509_cert_ref): more refcount paranoia
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16462 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-01-04 06:32:43 +00:00
Love Hörnquist Åstrand
6791e8dbf7 (_hx509_abort): add newline to output and flush stdout
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16449 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-01-03 16:31:14 +00:00
Love Hörnquist Åstrand
ecfef14d45 (hx509_cert_free): if there is a private key associated with this cert, free it
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16441 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-01-03 09:41:48 +00:00
Love Hörnquist Åstrand
02d27ea231 Use _hx509_abort.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16436 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-01-03 08:26:26 +00:00
Love Hörnquist Åstrand
e61738ea81 (hx509_cert_get_attribute): remove const, it's not
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16015 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-09-03 19:56:14 +00:00
Love Hörnquist Åstrand
430ca62d97 Add HX509_QUERY_MATCH_FUNCTION that allows caller to match by
function, note that this doesn't work directly for backends that
implement ->query, they must do their own processing.
(I'm running out of flags, only 12 left now)


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15810 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-07-27 21:45:25 +00:00
Love Hörnquist Åstrand
8e29b2d8f8 fix const warning
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15794 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-07-27 19:21:50 +00:00