Andreas Steffen
6d087b33de
libstrongswan: xmppaddr prefix designates an xmppAddr otherName ID type
2018-05-30 17:25:28 +02:00
Tobias Brunner
c782d367c6
asn1: Add additional OIDs seen in certificate DNs
2017-11-02 10:02:26 +01:00
Tobias Brunner
95a63bf281
Migrate all enumerators to venumerate() interface change
2017-05-26 13:56:44 +02:00
Tobias Brunner
a366fa365e
identification: Compare identity types when comparing ID_FQDN/ID_RFC822_ADDR identities
...
References #1380 .
2016-06-06 13:49:41 +02:00
Yannick Cann
49fa6ebf1c
identification: Add support for dmdName RDN (2.5.4.54)
...
It's listed in RFC 2256 but was later removed with RFC 4519, but there
are still some certs that use it.
Closes strongswan/strongswan#43 .
2016-04-25 17:06:04 +02:00
Tobias Brunner
0fc8b1d03e
identification: Make `written` signed to fix error checking when printing ranges
2016-03-11 10:09:02 +01:00
Andreas Steffen
1d86d1d65a
Implemented IPv4/IPv6 subnet and range identities
...
The IKEv1 IPV4_ADDR_SUBNET, IPV6_ADDR_SUBNET, IPV4_ADDR_RANGE and
IPV6_ADDR_RANGE identities have been fully implemented and can be
used as owners of shared secrets (PSKs).
2016-03-10 13:59:37 +01:00
Andreas Steffen
7c81942357
Support pseudonym RDN
2016-01-27 11:38:18 +01:00
Tobias Brunner
017dbb1c5e
identification: Remove unused ID_USER_ID type
2015-08-17 11:49:12 +02:00
Tobias Brunner
9593b57ca3
identification: Use UTF8String instead of the legacy T61String to encode DNs
...
When strings in RDNs contain characters outside the character set for
PrintableString use UTF8String as the passed string is most likely in
that encoding (RFC 5280 actually recommends to use only those two
string types).
2015-08-06 17:25:07 +02:00
Tobias Brunner
520fba4899
identification: Add hash() method
...
Compared to hashing the encoding we can ignore string types of RDNs when
hashing DNs, making hash() compatible to equals() that does the same.
Fixes #991 .
2015-08-06 17:22:32 +02:00
Martin Willi
6528338753
identification: Support custom types in string constructor prefixes
2014-10-30 11:07:08 +01:00
Martin Willi
c0da835a9f
identification: Support prefixes in string constructors for an explicit type
2014-10-30 11:05:44 +01:00
Tobias Brunner
aba55fdffe
identification: Only use either , or / to separate RDNs
...
If a DN starts with a slash (or whitespace and a slash) slashes will
be used, otherwise commas.
2014-06-18 09:24:03 +02:00
Martin Willi
922ee2c529
windows: Add a common Windows header for platform specific wrappers
...
Include some more basic system headers in utils.h, so we can use that common
header on the different platforms.
2014-06-03 12:24:34 +02:00
Tobias Brunner
5e75f50b70
identification: Fix printing of empty RDNs on FreeBSD
...
On FreeBSD (null) is printed for NULL even if the precision is 0.
2014-02-12 13:45:42 +01:00
Martin Willi
7f4a13fffb
identification: Properly check length before comparing for binary DN equality
...
Fixes CVE-2013-6075.
2013-10-31 21:57:07 +01:00
Martin Willi
cb6c4e0430
identification: parse identities having a "@@" prefix as ID_RFC822_ADDR
...
Original patch by Gerald Richter.
2013-07-18 16:45:10 +02:00
Tobias Brunner
b1abf22bd0
Fail DN parsing if OID is unterminated
...
This is the case if the last OID is not followed by a = or if the string
starts with a =.
2013-06-11 11:03:12 +02:00
Tobias Brunner
f00c350688
Fix DN printing if last RDN has an empty value
2013-06-11 11:03:12 +02:00
Tobias Brunner
10584df24f
Fix DN parsing if last RDN has an empty value
2013-06-11 11:03:12 +02:00
Tobias Brunner
c04498b608
Fix output of ASN.1 GN
2013-06-11 11:03:12 +02:00
Tobias Brunner
78c37de15a
Use chunk_from_str in identification_from_string
...
We always have a non-empty string in those cases as "" is now handled
as ID_ANY.
2013-06-11 11:03:12 +02:00
Tobias Brunner
456a31e895
Parse empty string as ID_ANY
2013-06-11 11:03:12 +02:00
Andreas Steffen
c88104aa25
make TNC Access Requestor ID available to IMVs
2013-03-03 17:18:09 +01:00
Tobias Brunner
a05f3b2021
Make sure first argument is an int when using %.*s to print e.g. chunks
2012-09-28 18:01:49 +02:00
Martin Willi
1b40b74de0
Pass opaque data to printf hooks and print_in_hook()
2012-07-13 13:23:29 +02:00
Tobias Brunner
9e9295ed10
Properly handle empty RDN values in DN strings.
2012-06-07 16:50:11 +02:00
Tobias Brunner
ef511fc03d
Add support for dnQualifier in DNs.
2012-03-29 10:01:55 +02:00
Andreas Steffen
a30e025901
support unstructuredAddress in left|rightid
2011-04-18 23:40:31 +02:00
Martin Willi
7721fc6695
Do not print empty DN identities as invalid
2011-01-05 16:46:07 +01:00
Martin Willi
4332b5af89
Do not strdup() zero length strings in identification_create_from_string()
2010-08-31 15:34:45 +02:00
Martin Willi
018543f3a8
Fix use of snprintf() in identification DN to ASCII conversion
2010-07-28 10:54:47 +02:00
Martin Willi
4172574bfb
Use the group constraint in a more generic fashion, not only for attribute certificates
2010-07-05 09:41:04 +02:00
Martin Willi
f7c32feec0
Renamed clone function to avoid name clash with uclibc
2010-04-07 14:54:22 +02:00
Martin Willi
2fcb2cc653
Migrated identification_t to INIT/METHOD macros
2009-12-21 15:24:08 +01:00
Martin Willi
324528700d
Added identification constructor using a chunk of data, guessing id type
2009-11-12 10:34:01 +01:00
Andreas Steffen
fef3b0b7fd
display printable characters in dntoa()
2009-11-04 20:17:12 +01:00
Andreas Steffen
930443afff
moved attribute_manager to libstrongswan
2009-10-13 13:46:27 +02:00
Andreas Steffen
4b4f8bd732
created identification_create_from_sockaddr() function
2009-10-09 00:13:28 +02:00
Martin Willi
7daf5226b7
removed trailing spaces ([[:space:]]+$)
2009-09-04 13:46:09 +02:00
Martin Willi
1ef69b01ab
removed obsolete fingerprint identification types
2009-08-26 11:23:52 +02:00
Andreas Steffen
fc0ed07c1f
pruned OID tree
2009-08-18 18:24:26 +02:00
Andreas Steffen
c8b543a6fc
fixed wrong emailAddress OID introduced by revision c31687da
2009-08-18 17:52:00 +02:00
Martin Willi
3d2f73b92f
parse RDNs in multiple SEQUENCEs in all SETs of a DN
2009-08-03 15:24:48 +02:00
Tobias Brunner
fd0df7ec75
Corrected check for valid ASN1 types in rdn_enumerate.
...
Because of the range of u_char the comparison was always TRUE before.
2009-07-14 12:09:22 +02:00
Andreas Steffen
d44b03563a
double free caused strange side effects
2009-07-13 20:28:36 +02:00
Andreas Steffen
5c49289e27
great, I got my comma back
2009-07-12 21:08:37 +02:00
Martin Willi
2d00984d73
added missing equals() method assignment for ID_ANY identities
2009-07-07 13:42:22 +02:00
Martin Willi
0c31b9db84
centralized ID type specific method assignement in generic constructor
2009-07-06 13:15:29 +02:00