Mailinglist Archive: limal-commit (5 mails)

< Previous Next >
[limal-commit] r2532 - in /limal-head/limal-ca-mgm: src/ testsuite/ testsuite/single.out/
  • From: mcalmer@xxxxxxxxxxxxxxxx
  • Date: Tue, 01 Jul 2008 10:04:05 -0000
  • Message-id: <20080701100405.557262A228@xxxxxxxxxxxxxxxx>
Author: mcalmer
Date: Tue Jul 1 12:04:04 2008
New Revision: 2532

URL: http://svn.opensuse.org/viewcvs/limal?rev=2532&view=rev
Log:
- LiteralValue IP can contain an IPv6 address
* rename initIPCheck to initIP4Check
* add initIP6Check
* modify extension parsing to parse IPv6 addresses
* modify testcase to test IPv6 addresses

Modified:
limal-head/limal-ca-mgm/src/LiteralValues.cpp
limal-head/limal-ca-mgm/src/LiteralValues_Priv.cpp
limal-head/limal-ca-mgm/src/Utils.hpp
limal-head/limal-ca-mgm/testsuite/CertificateTest3.cc
limal-head/limal-ca-mgm/testsuite/CertificateTest5.cc
limal-head/limal-ca-mgm/testsuite/single.out/CertificateTest5.out

Modified: limal-head/limal-ca-mgm/src/LiteralValues.cpp
URL:
http://svn.opensuse.org/viewcvs/limal/limal-head/limal-ca-mgm/src/LiteralValues.cpp?rev=2532&r1=2531&r2=2532&view=diff
==============================================================================
--- limal-head/limal-ca-mgm/src/LiteralValues.cpp (original)
+++ limal-head/limal-ca-mgm/src/LiteralValues.cpp Tue Jul 1 12:04:04 2008
@@ -333,11 +333,16 @@
}
else if(m_impl->literalType == "IP")
{
- ValueCheck check = initIPCheck();
+ ValueCheck check = initIP4Check();
if(!check.isValid(m_impl->literalValue))
{
- LOGIT_DEBUG("Wrong LiteralValue for type 'IP': " <<
m_impl->literalValue);
- return false;
+ // IPv6 address is allowed too
+ check = initIP6Check();
+ if(!check.isValid(m_impl->literalValue))
+ {
+ LOGIT_DEBUG("Wrong LiteralValue for type 'IP':
" << m_impl->literalValue);
+ return false;
+ }
}
}
else if(m_impl->literalType == "1.3.6.1.4.1.311.20.2.3") // ms_upn
@@ -419,12 +424,17 @@
}
else if(m_impl->literalType == "IP")
{
- ValueCheck check = initIPCheck();
+ ValueCheck check = initIP4Check();
if(!check.isValid(m_impl->literalValue))
{
- LOGIT_DEBUG("Wrong LiteralValue for type 'IP': " <<
m_impl->literalValue);
- result.append(Format("Wrong LiteralValue for type 'IP':
%1",
- m_impl->literalValue).toString());
+ // IPv6 address is allowed too
+ check = initIP6Check();
+ if(!check.isValid(m_impl->literalValue))
+ {
+ LOGIT_DEBUG("Wrong LiteralValue for type 'IP':
" << m_impl->literalValue);
+ result.append(Format("Wrong LiteralValue for
type 'IP': %1",
+
m_impl->literalValue).toString());
+ }
}
}
else if(m_impl->literalType == "1.3.6.1.4.1.311.20.2.3") // ms_upn

Modified: limal-head/limal-ca-mgm/src/LiteralValues_Priv.cpp
URL:
http://svn.opensuse.org/viewcvs/limal/limal-head/limal-ca-mgm/src/LiteralValues_Priv.cpp?rev=2532&r1=2531&r2=2532&view=diff
==============================================================================
--- limal-head/limal-ca-mgm/src/LiteralValues_Priv.cpp (original)
+++ limal-head/limal-ca-mgm/src/LiteralValues_Priv.cpp Tue Jul 1 12:04:04 2008
@@ -85,9 +85,10 @@
LiteralValue_Priv::LiteralValue_Priv(GENERAL_NAME *gen)
: LiteralValue()
{
- char oline[256];
+ char oline[256], htmp[5];
unsigned char *p = NULL;
int nid = 0;
+ int i;

ASN1_OBJECT *id_ms_san_upn;
ASN1_OBJECT *id_pkinit_san;
@@ -131,13 +132,29 @@
case GEN_IPADD:
p = gen->d.ip->data;
/* BUG: doesn't support IPV6 */
- if(gen->d.ip->length != 4) {
- LOGIT_ERROR("Invalid IP Address: maybe IPv6");
- BLOCXX_THROW(limal::SyntaxException, "Invalid IP
Address: maybe IPv6");
+ if(gen->d.ip->length == 4) {
+ BIO_snprintf(oline, sizeof oline,
+ "%d.%d.%d.%d", p[0], p[1],
p[2], p[3]);
+ }
+ else if(gen->d.ip->length == 16)
+ {
+ oline[0] = 0;
+ for (i = 0; i < 8; i++)
+ {
+ BIO_snprintf(htmp, sizeof htmp,
+ "%X", p[0] << 8 |
p[1]);
+ p += 2;
+ strcat(oline, htmp);
+ if (i != 7)
+ strcat(oline, ":");
+ }
+ }
+ else
+ {
+ LOGIT_ERROR("Invalid IP Address");
+ BLOCXX_THROW(limal::SyntaxException, "Invalid IP
Address");
break;
}
- BIO_snprintf(oline, sizeof oline,
- "%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
setLiteral("IP", oline);
break;
case GEN_RID:

Modified: limal-head/limal-ca-mgm/src/Utils.hpp
URL:
http://svn.opensuse.org/viewcvs/limal/limal-head/limal-ca-mgm/src/Utils.hpp?rev=2532&r1=2531&r2=2532&view=diff
==============================================================================
--- limal-head/limal-ca-mgm/src/Utils.hpp (original)
+++ limal-head/limal-ca-mgm/src/Utils.hpp Tue Jul 1 12:04:04 2008
@@ -145,13 +145,20 @@
return checkDNS;
}

-inline limal::ValueCheck initIPCheck() {
+inline limal::ValueCheck initIP4Check() {
limal::ValueCheck checkIP =
limal::ValueCheck(new
limal::ValuePosixRECheck("^([0-9]{1,3}\\.){3}[0-9]{1,3}$"));

return checkIP;
}

+inline limal::ValueCheck initIP6Check() {
+ limal::ValueCheck checkIP =
+ limal::ValueCheck(new
limal::ValuePosixRECheck("^([0-9a-fA-F]{0,4}:){7}[0-9a-fA-F]{0,4}$"));
+
+ return checkIP;
+}
+
inline limal::ValueCheck initAccessOIDCheck() {
limal::ValueCheck checkAccessOID =
limal::ValueCheck(new
limal::ValuePosixRECheck("^(OCSP|caIssuers)$"))

Modified: limal-head/limal-ca-mgm/testsuite/CertificateTest3.cc
URL:
http://svn.opensuse.org/viewcvs/limal/limal-head/limal-ca-mgm/testsuite/CertificateTest3.cc?rev=2532&r1=2531&r2=2532&view=diff
==============================================================================
--- limal-head/limal-ca-mgm/testsuite/CertificateTest3.cc (original)
+++ limal-head/limal-ca-mgm/testsuite/CertificateTest3.cc Tue Jul 1 12:04:04
2008
@@ -121,6 +121,7 @@

List<LiteralValue> list;
list.push_back(LiteralValue("IP", "164.34.35.184"));
+ list.push_back(LiteralValue("IP",
"2001:780:101:a00:211:11ff:fee6:a5af"));
list.push_back(LiteralValue("DNS", "ca.my-company.com"));
list.push_back(LiteralValue("RID", "1.2.3.4"));
list.push_back(LiteralValue("email", "me@xxxxxxxxxxxxxx"));

Modified: limal-head/limal-ca-mgm/testsuite/CertificateTest5.cc
URL:
http://svn.opensuse.org/viewcvs/limal/limal-head/limal-ca-mgm/testsuite/CertificateTest5.cc?rev=2532&r1=2531&r2=2532&view=diff
==============================================================================
--- limal-head/limal-ca-mgm/testsuite/CertificateTest5.cc (original)
+++ limal-head/limal-ca-mgm/testsuite/CertificateTest5.cc Tue Jul 1 12:04:04
2008
@@ -98,6 +98,7 @@
list.push_back(LiteralValue("1.3.6.1.5.2.2",
"me@xxxxxxxxxxxxxx")); // krb5PrincipalName
list.push_back(LiteralValue("1.3.6.1.4.1.311.20.2.3",
"me/admin@xxxxxxxxxxxxxx")); // ms_upn
list.push_back(LiteralValue("1.3.6.1.5.2.2",
"me/admin@xxxxxxxxxxxxxx")); // krb5PrincipalName
+ list.push_back(LiteralValue("IP",
"2001:780:101:a00:211:11ff:fee6:a5af")); // IPv6 address

cid.extensions().subjectAlternativeName().setCopyEmail(true);

cid.extensions().subjectAlternativeName().setAlternativeNameList(list);

Modified: limal-head/limal-ca-mgm/testsuite/single.out/CertificateTest5.out
URL:
http://svn.opensuse.org/viewcvs/limal/limal-head/limal-ca-mgm/testsuite/single.out/CertificateTest5.out?rev=2532&r1=2531&r2=2532&view=diff
==============================================================================
--- limal-head/limal-ca-mgm/testsuite/single.out/CertificateTest5.out (original)
+++ limal-head/limal-ca-mgm/testsuite/single.out/CertificateTest5.out Tue Jul
1 12:04:04 2008
@@ -84,6 +84,8 @@
1.3.6.1.4.1.311.20.2.3:me/admin@xxxxxxxxxxxxxx
LiteralValue::dump()
1.3.6.1.5.2.2:me/admin@xxxxxxxxxxxxxx
+LiteralValue::dump()
+IP:2001:780:101:A00:211:11FF:FEE6:A5AF
IssuerAlternativeNameExt::dump()
ExtensionBase::dump()
is Present = true
@@ -103,6 +105,8 @@
1.3.6.1.4.1.311.20.2.3:me/admin@xxxxxxxxxxxxxx
LiteralValue::dump()
1.3.6.1.5.2.2:me/admin@xxxxxxxxxxxxxx
+LiteralValue::dump()
+IP:2001:780:101:A00:211:11FF:FEE6:A5AF
AuthorityInfoAccessExt::dump()
ExtensionBase::dump()
is Present = false

--
To unsubscribe, e-mail: limal-commit+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: limal-commit+help@xxxxxxxxxxxx

< Previous Next >
List Navigation
This Thread
  • No further messages