Author: mcalmer Date: Tue Jul 1 12:04:04 2008 New Revision: 2532 URL: http://svn.opensuse.org/viewcvs/limal?rev=2532&view=rev Log: - LiteralValue IP can contain an IPv6 address * rename initIPCheck to initIP4Check * add initIP6Check * modify extension parsing to parse IPv6 addresses * modify testcase to test IPv6 addresses Modified: limal-head/limal-ca-mgm/src/LiteralValues.cpp limal-head/limal-ca-mgm/src/LiteralValues_Priv.cpp limal-head/limal-ca-mgm/src/Utils.hpp limal-head/limal-ca-mgm/testsuite/CertificateTest3.cc limal-head/limal-ca-mgm/testsuite/CertificateTest5.cc limal-head/limal-ca-mgm/testsuite/single.out/CertificateTest5.out Modified: limal-head/limal-ca-mgm/src/LiteralValues.cpp URL: http://svn.opensuse.org/viewcvs/limal/limal-head/limal-ca-mgm/src/LiteralValues.cpp?rev=2532&r1=2531&r2=2532&view=diff ============================================================================== --- limal-head/limal-ca-mgm/src/LiteralValues.cpp (original) +++ limal-head/limal-ca-mgm/src/LiteralValues.cpp Tue Jul 1 12:04:04 2008 @@ -333,11 +333,16 @@ } else if(m_impl->literalType == "IP") { - ValueCheck check = initIPCheck(); + ValueCheck check = initIP4Check(); if(!check.isValid(m_impl->literalValue)) { - LOGIT_DEBUG("Wrong LiteralValue for type 'IP': " << m_impl->literalValue); - return false; + // IPv6 address is allowed too + check = initIP6Check(); + if(!check.isValid(m_impl->literalValue)) + { + LOGIT_DEBUG("Wrong LiteralValue for type 'IP': " << m_impl->literalValue); + return false; + } } } else if(m_impl->literalType == "1.3.6.1.4.1.311.20.2.3") // ms_upn @@ -419,12 +424,17 @@ } else if(m_impl->literalType == "IP") { - ValueCheck check = initIPCheck(); + ValueCheck check = initIP4Check(); if(!check.isValid(m_impl->literalValue)) { - LOGIT_DEBUG("Wrong LiteralValue for type 'IP': " << m_impl->literalValue); - result.append(Format("Wrong LiteralValue for type 'IP': %1", - m_impl->literalValue).toString()); + // IPv6 address is allowed too + check = initIP6Check(); + if(!check.isValid(m_impl->literalValue)) + { + LOGIT_DEBUG("Wrong LiteralValue for type 'IP': " << m_impl->literalValue); + result.append(Format("Wrong LiteralValue for type 'IP': %1", + m_impl->literalValue).toString()); + } } } else if(m_impl->literalType == "1.3.6.1.4.1.311.20.2.3") // ms_upn Modified: limal-head/limal-ca-mgm/src/LiteralValues_Priv.cpp URL: http://svn.opensuse.org/viewcvs/limal/limal-head/limal-ca-mgm/src/LiteralValues_Priv.cpp?rev=2532&r1=2531&r2=2532&view=diff ============================================================================== --- limal-head/limal-ca-mgm/src/LiteralValues_Priv.cpp (original) +++ limal-head/limal-ca-mgm/src/LiteralValues_Priv.cpp Tue Jul 1 12:04:04 2008 @@ -85,9 +85,10 @@ LiteralValue_Priv::LiteralValue_Priv(GENERAL_NAME *gen) : LiteralValue() { - char oline[256]; + char oline[256], htmp[5]; unsigned char *p = NULL; int nid = 0; + int i; ASN1_OBJECT *id_ms_san_upn; ASN1_OBJECT *id_pkinit_san; @@ -131,13 +132,29 @@ case GEN_IPADD: p = gen->d.ip->data; /* BUG: doesn't support IPV6 */ - if(gen->d.ip->length != 4) { - LOGIT_ERROR("Invalid IP Address: maybe IPv6"); - BLOCXX_THROW(limal::SyntaxException, "Invalid IP Address: maybe IPv6"); + if(gen->d.ip->length == 4) { + BIO_snprintf(oline, sizeof oline, + "%d.%d.%d.%d", p[0], p[1], p[2], p[3]); + } + else if(gen->d.ip->length == 16) + { + oline[0] = 0; + for (i = 0; i < 8; i++) + { + BIO_snprintf(htmp, sizeof htmp, + "%X", p[0] << 8 | p[1]); + p += 2; + strcat(oline, htmp); + if (i != 7) + strcat(oline, ":"); + } + } + else + { + LOGIT_ERROR("Invalid IP Address"); + BLOCXX_THROW(limal::SyntaxException, "Invalid IP Address"); break; } - BIO_snprintf(oline, sizeof oline, - "%d.%d.%d.%d", p[0], p[1], p[2], p[3]); setLiteral("IP", oline); break; case GEN_RID: Modified: limal-head/limal-ca-mgm/src/Utils.hpp URL: http://svn.opensuse.org/viewcvs/limal/limal-head/limal-ca-mgm/src/Utils.hpp?rev=2532&r1=2531&r2=2532&view=diff ============================================================================== --- limal-head/limal-ca-mgm/src/Utils.hpp (original) +++ limal-head/limal-ca-mgm/src/Utils.hpp Tue Jul 1 12:04:04 2008 @@ -145,13 +145,20 @@ return checkDNS; } -inline limal::ValueCheck initIPCheck() { +inline limal::ValueCheck initIP4Check() { limal::ValueCheck checkIP = limal::ValueCheck(new limal::ValuePosixRECheck("^([0-9]{1,3}\\.){3}[0-9]{1,3}$")); return checkIP; } +inline limal::ValueCheck initIP6Check() { + limal::ValueCheck checkIP = + limal::ValueCheck(new limal::ValuePosixRECheck("^([0-9a-fA-F]{0,4}:){7}[0-9a-fA-F]{0,4}$")); + + return checkIP; +} + inline limal::ValueCheck initAccessOIDCheck() { limal::ValueCheck checkAccessOID = limal::ValueCheck(new limal::ValuePosixRECheck("^(OCSP|caIssuers)$")) Modified: limal-head/limal-ca-mgm/testsuite/CertificateTest3.cc URL: http://svn.opensuse.org/viewcvs/limal/limal-head/limal-ca-mgm/testsuite/CertificateTest3.cc?rev=2532&r1=2531&r2=2532&view=diff ============================================================================== --- limal-head/limal-ca-mgm/testsuite/CertificateTest3.cc (original) +++ limal-head/limal-ca-mgm/testsuite/CertificateTest3.cc Tue Jul 1 12:04:04 2008 @@ -121,6 +121,7 @@ List<LiteralValue> list; list.push_back(LiteralValue("IP", "164.34.35.184")); + list.push_back(LiteralValue("IP", "2001:780:101:a00:211:11ff:fee6:a5af")); list.push_back(LiteralValue("DNS", "ca.my-company.com")); list.push_back(LiteralValue("RID", "1.2.3.4")); list.push_back(LiteralValue("email", "me@my-company.com")); Modified: limal-head/limal-ca-mgm/testsuite/CertificateTest5.cc URL: http://svn.opensuse.org/viewcvs/limal/limal-head/limal-ca-mgm/testsuite/CertificateTest5.cc?rev=2532&r1=2531&r2=2532&view=diff ============================================================================== --- limal-head/limal-ca-mgm/testsuite/CertificateTest5.cc (original) +++ limal-head/limal-ca-mgm/testsuite/CertificateTest5.cc Tue Jul 1 12:04:04 2008 @@ -98,6 +98,7 @@ list.push_back(LiteralValue("1.3.6.1.5.2.2", "me@MY-COMPANY.COM")); // krb5PrincipalName list.push_back(LiteralValue("1.3.6.1.4.1.311.20.2.3", "me/admin@MY-COMPANY.COM")); // ms_upn list.push_back(LiteralValue("1.3.6.1.5.2.2", "me/admin@MY-COMPANY.COM")); // krb5PrincipalName + list.push_back(LiteralValue("IP", "2001:780:101:a00:211:11ff:fee6:a5af")); // IPv6 address cid.extensions().subjectAlternativeName().setCopyEmail(true); cid.extensions().subjectAlternativeName().setAlternativeNameList(list); Modified: limal-head/limal-ca-mgm/testsuite/single.out/CertificateTest5.out URL: http://svn.opensuse.org/viewcvs/limal/limal-head/limal-ca-mgm/testsuite/single.out/CertificateTest5.out?rev=2532&r1=2531&r2=2532&view=diff ============================================================================== --- limal-head/limal-ca-mgm/testsuite/single.out/CertificateTest5.out (original) +++ limal-head/limal-ca-mgm/testsuite/single.out/CertificateTest5.out Tue Jul 1 12:04:04 2008 @@ -84,6 +84,8 @@ 1.3.6.1.4.1.311.20.2.3:me/admin@MY-COMPANY.COM LiteralValue::dump() 1.3.6.1.5.2.2:me/admin@MY-COMPANY.COM +LiteralValue::dump() +IP:2001:780:101:A00:211:11FF:FEE6:A5AF IssuerAlternativeNameExt::dump() ExtensionBase::dump() is Present = true @@ -103,6 +105,8 @@ 1.3.6.1.4.1.311.20.2.3:me/admin@MY-COMPANY.COM LiteralValue::dump() 1.3.6.1.5.2.2:me/admin@MY-COMPANY.COM +LiteralValue::dump() +IP:2001:780:101:A00:211:11FF:FEE6:A5AF AuthorityInfoAccessExt::dump() ExtensionBase::dump() is Present = false -- To unsubscribe, e-mail: limal-commit+unsubscribe@opensuse.org For additional commands, e-mail: limal-commit+help@opensuse.org