6d087b33de
libstrongswan: xmppaddr prefix designates an xmppAddr otherName ID type
2018-05-30 17:25:28 +02:00
c782d367c6
asn1: Add additional OIDs seen in certificate DNs
2017-11-02 10:02:26 +01:00
95a63bf281
Migrate all enumerators to venumerate() interface change
2017-05-26 13:56:44 +02:00
a366fa365e
identification: Compare identity types when comparing ID_FQDN/ID_RFC822_ADDR identities
...
References #1380 .
2016-06-06 13:49:41 +02:00
49fa6ebf1c
identification: Add support for dmdName RDN (2.5.4.54)
...
It's listed in RFC 2256 but was later removed with RFC 4519, but there
are still some certs that use it.
Closes strongswan/strongswan#43 .
2016-04-25 17:06:04 +02:00
0fc8b1d03e
identification: Make `written` signed to fix error checking when printing ranges
2016-03-11 10:09:02 +01:00
1d86d1d65a
Implemented IPv4/IPv6 subnet and range identities
...
The IKEv1 IPV4_ADDR_SUBNET, IPV6_ADDR_SUBNET, IPV4_ADDR_RANGE and
IPV6_ADDR_RANGE identities have been fully implemented and can be
used as owners of shared secrets (PSKs).
2016-03-10 13:59:37 +01:00
7c81942357
Support pseudonym RDN
2016-01-27 11:38:18 +01:00
017dbb1c5e
identification: Remove unused ID_USER_ID type
2015-08-17 11:49:12 +02:00
9593b57ca3
identification: Use UTF8String instead of the legacy T61String to encode DNs
...
When strings in RDNs contain characters outside the character set for
PrintableString use UTF8String as the passed string is most likely in
that encoding (RFC 5280 actually recommends to use only those two
string types).
2015-08-06 17:25:07 +02:00
520fba4899
identification: Add hash() method
...
Compared to hashing the encoding we can ignore string types of RDNs when
hashing DNs, making hash() compatible to equals() that does the same.
Fixes #991 .
2015-08-06 17:22:32 +02:00
6528338753
identification: Support custom types in string constructor prefixes
2014-10-30 11:07:08 +01:00
c0da835a9f
identification: Support prefixes in string constructors for an explicit type
2014-10-30 11:05:44 +01:00
aba55fdffe
identification: Only use either , or / to separate RDNs
...
If a DN starts with a slash (or whitespace and a slash) slashes will
be used, otherwise commas.
2014-06-18 09:24:03 +02:00
922ee2c529
windows: Add a common Windows header for platform specific wrappers
...
Include some more basic system headers in utils.h, so we can use that common
header on the different platforms.
2014-06-03 12:24:34 +02:00
5e75f50b70
identification: Fix printing of empty RDNs on FreeBSD
...
On FreeBSD (null) is printed for NULL even if the precision is 0.
2014-02-12 13:45:42 +01:00
7f4a13fffb
identification: Properly check length before comparing for binary DN equality
...
Fixes CVE-2013-6075.
2013-10-31 21:57:07 +01:00
cb6c4e0430
identification: parse identities having a "@@" prefix as ID_RFC822_ADDR
...
Original patch by Gerald Richter.
2013-07-18 16:45:10 +02:00
b1abf22bd0
Fail DN parsing if OID is unterminated
...
This is the case if the last OID is not followed by a = or if the string
starts with a =.
2013-06-11 11:03:12 +02:00
f00c350688
Fix DN printing if last RDN has an empty value
2013-06-11 11:03:12 +02:00
10584df24f
Fix DN parsing if last RDN has an empty value
2013-06-11 11:03:12 +02:00
c04498b608
Fix output of ASN.1 GN
2013-06-11 11:03:12 +02:00
78c37de15a
Use chunk_from_str in identification_from_string
...
We always have a non-empty string in those cases as "" is now handled
as ID_ANY.
2013-06-11 11:03:12 +02:00
456a31e895
Parse empty string as ID_ANY
2013-06-11 11:03:12 +02:00
c88104aa25
make TNC Access Requestor ID available to IMVs
2013-03-03 17:18:09 +01:00
a05f3b2021
Make sure first argument is an int when using %.*s to print e.g. chunks
2012-09-28 18:01:49 +02:00
1b40b74de0
Pass opaque data to printf hooks and print_in_hook()
2012-07-13 13:23:29 +02:00
9e9295ed10
Properly handle empty RDN values in DN strings.
2012-06-07 16:50:11 +02:00
ef511fc03d
Add support for dnQualifier in DNs.
2012-03-29 10:01:55 +02:00
a30e025901
support unstructuredAddress in left|rightid
2011-04-18 23:40:31 +02:00
7721fc6695
Do not print empty DN identities as invalid
2011-01-05 16:46:07 +01:00
4332b5af89
Do not strdup() zero length strings in identification_create_from_string()
2010-08-31 15:34:45 +02:00
018543f3a8
Fix use of snprintf() in identification DN to ASCII conversion
2010-07-28 10:54:47 +02:00
4172574bfb
Use the group constraint in a more generic fashion, not only for attribute certificates
2010-07-05 09:41:04 +02:00
f7c32feec0
Renamed clone function to avoid name clash with uclibc
2010-04-07 14:54:22 +02:00
2fcb2cc653
Migrated identification_t to INIT/METHOD macros
2009-12-21 15:24:08 +01:00
324528700d
Added identification constructor using a chunk of data, guessing id type
2009-11-12 10:34:01 +01:00
fef3b0b7fd
display printable characters in dntoa()
2009-11-04 20:17:12 +01:00
930443afff
moved attribute_manager to libstrongswan
2009-10-13 13:46:27 +02:00
4b4f8bd732
created identification_create_from_sockaddr() function
2009-10-09 00:13:28 +02:00
7daf5226b7
removed trailing spaces ([[:space:]]+$)
2009-09-04 13:46:09 +02:00
1ef69b01ab
removed obsolete fingerprint identification types
2009-08-26 11:23:52 +02:00
fc0ed07c1f
pruned OID tree
2009-08-18 18:24:26 +02:00
c8b543a6fc
fixed wrong emailAddress OID introduced by revision c31687da
2009-08-18 17:52:00 +02:00
3d2f73b92f
parse RDNs in multiple SEQUENCEs in all SETs of a DN
2009-08-03 15:24:48 +02:00
fd0df7ec75
Corrected check for valid ASN1 types in rdn_enumerate.
...
Because of the range of u_char the comparison was always TRUE before.
2009-07-14 12:09:22 +02:00
d44b03563a
double free caused strange side effects
2009-07-13 20:28:36 +02:00
5c49289e27
great, I got my comma back
2009-07-12 21:08:37 +02:00
2d00984d73
added missing equals() method assignment for ID_ANY identities
2009-07-07 13:42:22 +02:00
0c31b9db84
centralized ID type specific method assignement in generic constructor
2009-07-06 13:15:29 +02:00
Andreas Steffen