# x509if.cnf
|
|
# X509IF conformance file
|
|
|
|
# $Id$
|
|
|
|
#.IMPORT ../x509sat/x509sat-exp.cnf
|
|
|
|
#.EXPORTS
|
|
AllowedSubset
|
|
Attribute
|
|
AttributeCombination
|
|
AttributeType
|
|
AttributeTypeAndDistinguishedValue
|
|
AttributeTypeAssertion
|
|
AttributeUsage
|
|
AttributeValue
|
|
AttributeValueAssertion
|
|
#BaseDistance
|
|
ChopSpecification
|
|
Context
|
|
ContextAssertion
|
|
ContextCombination
|
|
ContextProfile
|
|
ControlOptions
|
|
DistinguishedName
|
|
DITContentRule
|
|
DITContextUse
|
|
DITStructureRule
|
|
EntryLimit
|
|
ImposedSubset
|
|
LocalName
|
|
Mapping
|
|
MatchingUse
|
|
MRMapping
|
|
MRSubstitution
|
|
Name
|
|
OutputValues
|
|
Refinement
|
|
RelativeDistinguishedName
|
|
RelaxationPolicy
|
|
RDNSequence
|
|
RequestAttribute
|
|
ResultAttribute
|
|
RuleIdentifier
|
|
SearchRule
|
|
SearchRuleDescription
|
|
SearchRuleId
|
|
SubtreeSpecification
|
|
|
|
#.PDU
|
|
DistinguishedName
|
|
Name
|
|
|
|
#.NO_EMIT
|
|
|
|
#.TYPE_RENAME
|
|
AttributeTypeAndDistinguishedValue/valuesWithContext T_valWithContext
|
|
AttributeTypeAndDistinguishedValue/valuesWithContext/_item T_valWithContext_item
|
|
ChopSpecification/specificExclusions T_chopSpecificExclusions
|
|
ChopSpecification/specificExclusions/_item T_chopSpecificExclusions_item
|
|
|
|
#.FIELD_RENAME
|
|
AttributeTypeAssertion/assertedContexts ata_assertedContexts
|
|
AttributeTypeAndDistinguishedValue/value atadv_value
|
|
AttributeTypeAndDistinguishedValue/valuesWithContext valueswithContext
|
|
AttributeTypeAndDistinguishedValue/valuesWithContext/_item valueswithContext_item
|
|
ChopSpecification/specificExclusions chopSpecificExclusions
|
|
ChopSpecification/specificExclusions/_item chopSpecificExclusions_item
|
|
Refinement/and refinement_and
|
|
Refinement/and/_item refinement_and_item
|
|
Refinement/not refinement_not
|
|
Refinement/or refinement_or
|
|
Refinement/or/_item refinement_or_item
|
|
ContextAssertion/contextType ca_contextType
|
|
ContextAssertion/contextValues ca_contextValues
|
|
ContextAssertion/contextValues/_item ca_contextValues_item
|
|
ContextCombination/not contextcombination_not
|
|
ContextCombination/and contextcombination_and
|
|
ContextCombination/and/_item contextcombination_and_item
|
|
ContextCombination/or contextcombination_or
|
|
ContextCombination/or/_item contextcombination_or_item
|
|
RelaxationPolicy/maximum maximum_relaxation
|
|
RelaxationPolicy/minimum minimum_relaxation
|
|
RequestAttribute/defaultValues/_item/values ra_values
|
|
RequestAttribute/defaultValues/_item/values/_item ra_values_item
|
|
RequestAttribute/selectedValues ra_selectedValues
|
|
RequestAttribute/selectedValues/_item ra_selectedValues_item
|
|
|
|
#.REGISTER
|
|
DistinguishedName B "2.5.4.1" "id-at-aliasedEntryName"
|
|
DistinguishedName B "2.5.4.31" "id-at-member"
|
|
DistinguishedName B "2.5.4.32" "id-at-owner"
|
|
DistinguishedName B "2.5.4.33" "id-at-roleOccupant"
|
|
DistinguishedName B "2.5.4.34" "id-at-seeAlso"
|
|
DistinguishedName B "2.5.4.49" "id-at-distinguishedName"
|
|
|
|
DistinguishedName B "2.5.18.3" "id-oa-creatorsName"
|
|
DistinguishedName B "2.5.18.4" "id-oa-modifiersName"
|
|
SubtreeSpecification B "2.5.18.6" "id-oa-subtreeSpecification"
|
|
DistinguishedName B "2.5.18.10" "id-oa-subschemaSubentry"
|
|
DistinguishedName B "2.5.18.11" "id-oa-accessControlSubentry"
|
|
DistinguishedName B "2.5.18.12" "id-oa-collectiveAttributeSubentry"
|
|
DistinguishedName B "2.5.18.13" "id-oa-contextDefaultSubentry"
|
|
|
|
# X402 - see master list in acp133.cnf
|
|
DistinguishedName B "2.6.5.2.5" "id-at-mhs-message-store-dn"
|
|
DistinguishedName B "2.6.5.2.14" "id-at-mhs-dl-related-lists"
|
|
|
|
# ACP133 - see master list in acp133.cnf
|
|
DistinguishedName B "2.16.840.1.101.2.2.1.3" "id-at-alternateRecipient"
|
|
DistinguishedName B "2.16.840.1.101.2.2.1.4" "id-at-associatedOrganization"
|
|
DistinguishedName B "2.16.840.1.101.2.2.1.6" "id-at-associatedPLA"
|
|
DistinguishedName B "2.16.840.1.101.2.2.1.49" "id-at-aliasPointer"
|
|
DistinguishedName B "2.16.840.1.101.2.2.1.61" "id-at-listPointer"
|
|
DistinguishedName B "2.16.840.1.101.2.2.1.110" "id-at-administrator"
|
|
DistinguishedName B "2.16.840.1.101.2.2.1.111" "id-at-aigsExpanded"
|
|
DistinguishedName B "2.16.840.1.101.2.2.1.113" "id-at-associatedAL"
|
|
DistinguishedName B "2.16.840.1.101.2.2.1.114" "id-at-copyMember"
|
|
DistinguishedName B "2.16.840.1.101.2.2.1.117" "id-at-guard"
|
|
DistinguishedName B "2.16.840.1.101.2.2.1.121" "id-at-networkDN"
|
|
DistinguishedName B "2.16.840.1.101.2.2.1.138" "id-at-plasServed"
|
|
DistinguishedName B "2.16.840.1.101.2.2.1.139" "id-at-deployed"
|
|
DistinguishedName B "2.16.840.1.101.2.2.1.140" "id-at-garrison"
|
|
|
|
|
|
|
|
#.FN_PARS ContextId
|
|
FN_VARIANT = _str HF_INDEX = hf_x509if_object_identifier_id VAL_PTR = &object_identifier_id
|
|
|
|
#.FN_BODY ContextValue
|
|
/* Hand the context value to call_ber_oid_callback, keyed on the OID string
 * in object_identifier_id, which the ContextId FN_PARS above fills in
 * through VAL_PTR.
 * NOTE(review): object_identifier_id is state shared between several bodies
 * in this file; if no ContextId was decoded first it may be NULL or left
 * over from an earlier element - confirm the callback copes with both. */
offset = call_ber_oid_callback(object_identifier_id,
                               tvb, offset, actx->pinfo, tree);
|
|
|
|
#.FN_PARS AttributeId
|
|
FN_VARIANT = _str HF_INDEX = hf_x509if_object_identifier_id VAL_PTR = &object_identifier_id
|
|
|
|
#.FN_BODY AttributeId
|
|
const char *ava_fmt;
const char *attr_name;

%(DEFAULT_BODY)s

/* The FN_PARS for this type stores the decoded OID string in
 * object_identifier_id; everything below only decorates the tree and the
 * RDN/AVA summary strings with a readable form of it. */
if (object_identifier_id != NULL) {
  /* see if we can find a nice name, else fall back to the dotted OID */
  attr_name = oid_resolved_from_string(object_identifier_id);
  if (attr_name == NULL) {
    attr_name = object_identifier_id;
  }

  if (doing_dn) {
    /* append it to the RDN.
     * NOTE(review): last_rdn is allocated with MAX_DN_STR_LEN in the
     * RelativeDistinguishedName body but bounded here with
     * MAX_RDN_STR_LEN; this is only safe while MAX_RDN_STR_LEN does not
     * exceed MAX_DN_STR_LEN - confirm against the template's defines. */
    g_strlcat(last_rdn, attr_name, MAX_RDN_STR_LEN);
    g_strlcat(last_rdn, "=", MAX_RDN_STR_LEN);

    /* append it to the tree; the name is passed as an argument to a
     * fixed format string, never used as the format itself */
    proto_item_append_text(tree, " (%%s=", attr_name);
  }

  if (doing_attr) {
    /* append it to the parent item */
    proto_item_append_text(tree, " (%%s)", attr_name);
  }

  ava_fmt = val_to_str(hf_index, fmt_vals, "");
  if (ava_fmt != NULL && *ava_fmt != '\0') {
    /* we have a format: start a fresh AVA summary for this attribute */
    last_ava = ep_alloc(MAX_AVA_STR_LEN);
    *last_ava = '\0';

    g_snprintf(last_ava, MAX_AVA_STR_LEN, "%%s %%s", attr_name, ava_fmt);

    proto_item_append_text(tree, " %%s", last_ava);
  }
}
|
|
|
|
#.FN_BODY AttributeValue
|
|
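int old_offset = offset;
tvbuff_t *out_tvb = NULL; /* must start NULL: it is tested below whether or not the octet-string pass assigns it */
char *value = NULL;
const char *fmt;
const char *name = NULL;
const char *orig_oid = object_identifier_id;

/* First pass: dissect the value through the callback keyed on the
 * attribute's OID string. */
offset = call_ber_oid_callback(object_identifier_id, tvb, offset, actx->pinfo, tree);

/* in dissecting the value we may have overridden the OID of the value - which is
   a problem if there are multiple values */
object_identifier_id = orig_oid;

/* try and dissect as a string: second pass over the same bytes, starting
 * at the saved offset and with a NULL tree argument */
dissect_ber_octet_string(FALSE, actx, NULL, tvb, old_offset, hf_x509if_any_string, &out_tvb);

/* should also try and dissect as an OID and integer */
/* of course, if I can look up the syntax .... */

if (out_tvb != NULL) {
  /* it was a string - format it.  The text comes from packet bytes, so it
   * is only ever passed as an argument to fixed format strings below. */
  value = tvb_format_text(out_tvb, 0, tvb_length(out_tvb));

  if (doing_dn) {
    /* NOTE(review): last_rdn is allocated with MAX_DN_STR_LEN but bounded
     * here with MAX_RDN_STR_LEN - safe only while the latter is not the
     * larger of the two; confirm against the template's defines. */
    g_strlcat(last_rdn, value, MAX_RDN_STR_LEN);

    /* append it to the tree */
    proto_item_append_text(tree, "%%s)", value);
  }

  fmt = val_to_str(ava_hf_index, fmt_vals, "");
  if (fmt != NULL && *fmt != '\0') {
    /* we have a format.
     * NOTE(review): last_ava is written without a NULL test; this relies
     * on ava_hf_index only selecting a format while an enclosing
     * AttributeValueAssertion (which allocates last_ava) is active -
     * confirm ava_hf_index starts out as -1 in the template. */
    name = oid_resolved_from_string(object_identifier_id);
    if (name == NULL) {
      name = object_identifier_id;
    }
    g_snprintf(last_ava, MAX_AVA_STR_LEN, "%%s %%s %%s", name, fmt, value);

    proto_item_append_text(tree, " %%s", last_ava);
  }
}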
|
|
|
|
#.FN_BODY SelectedValues
|
|
/* Dissect the selected value through call_ber_oid_callback, keyed on the
 * OID string currently held in object_identifier_id.
 * NOTE(review): this file does not show which preceding field sets
 * object_identifier_id for SelectedValues - presumably the enclosing
 * attribute type; verify it cannot be stale from an unrelated element. */
offset = call_ber_oid_callback(object_identifier_id,
                               tvb, offset, actx->pinfo, tree);
|
|
|
|
#.FN_PARS DefaultValueType
|
|
FN_VARIANT = _str HF_INDEX = hf_x509if_object_identifier_id VAL_PTR = &object_identifier_id
|
|
|
|
#.FN_BODY DefaultValueValues
|
|
/* Dissect the default value through call_ber_oid_callback, keyed on the
 * OID string that the DefaultValueType FN_PARS above stores in
 * object_identifier_id through VAL_PTR.
 * NOTE(review): if DefaultValueType was absent, object_identifier_id may
 * still hold an OID from an earlier element - confirm. */
offset = call_ber_oid_callback(object_identifier_id,
                               tvb, offset, actx->pinfo, tree);
|
|
|
|
#.FN_BODY ValuesWithContextValue
|
|
/* No OID is tracked for this value, so the literal string "unknown" is
 * passed in place of one.
 * NOTE(review): presumably this makes the callback take its path for an
 * unregistered OID rather than pick a specific dissector - confirm. */
offset = call_ber_oid_callback("unknown",
                               tvb, offset, actx->pinfo, tree);
|
|
|
|
#.FN_BODY RelativeDistinguishedName
|
|
char *temp_dn;

/* Reset the per-RDN state and start an empty summary string that the
 * AttributeId / AttributeValue bodies append to while doing_dn is set. */
rdn_one_value = FALSE;
top_of_rdn = tree;
/* NOTE(review): the buffer is sized with MAX_DN_STR_LEN while the bodies
 * appending to last_rdn bound their writes with MAX_RDN_STR_LEN - confirm
 * the latter is never the larger of the two. */
last_rdn = ep_alloc(MAX_DN_STR_LEN);
last_rdn[0] = '\0';
doing_dn = TRUE;

/* NOTE(review): if the default body leaves through a non-local exit
 * (presumably an exception on truncated or malformed data - confirm), the
 * two resets at the end of this body are skipped, leaving doing_dn TRUE and
 * last_rdn pointing at packet-lifetime memory. */
%(DEFAULT_BODY)s

/* we've finished - close the bracket */
proto_item_append_text(top_of_rdn, " (%%s)", last_rdn);

/* now append this to the DN: the new RDN goes in front of what is already
 * there, separated by a comma.
 * NOTE(review): last_dn is allocated by the RDNSequence body and nothing in
 * this file sets it back to NULL, so the non-NULL test does not prove the
 * buffer belongs to the current packet when this exported type is
 * dissected outside an RDNSequence - confirm the template resets it. */
if (last_dn != NULL) {
  if (*last_dn == '\0') {
    g_strlcat(last_dn, last_rdn, MAX_DN_STR_LEN);
  } else {
    temp_dn = ep_alloc(MAX_DN_STR_LEN); /* is there a better way to use ep_alloc here ? */
    g_snprintf(temp_dn, MAX_DN_STR_LEN, "%%s,%%s", last_rdn, last_dn);
    last_dn[0] = '\0';
    g_strlcat(last_dn, temp_dn, MAX_DN_STR_LEN);
  }
}

doing_dn = FALSE;
last_rdn = NULL; /* it will get freed when the next packet is dissected */
|
|
|
|
#.FN_BODY RelativeDistinguishedName/_item
|
|
|
|
/* rdn_one_value is FALSE for the first value of an RDN and TRUE for every
 * later one (it is set at the end of this body). */
if (rdn_one_value) {
  if (doing_dn) {
    /* this is an additional value - delimit */
    g_strlcat(last_rdn, "+", MAX_RDN_STR_LEN);
  }
} else {
  /* first value: remember the tree item the RDN summary is attached to */
  top_of_rdn = tree;
}

%(DEFAULT_BODY)s

rdn_one_value = TRUE;
|
|
|
|
#.FN_BODY RDNSequence
|
|
const char *col_fmt;

/* Start a fresh DN: no RDN seen yet, empty summary string, no top item. */
dn_one_rdn = FALSE; /* reset */
last_dn = ep_alloc(MAX_DN_STR_LEN);
last_dn[0] = '\0';
top_of_dn = NULL;

%(DEFAULT_BODY)s

/* we've finished - append the dn.
 * NOTE(review): top_of_dn is still NULL here when the sequence held no
 * RDN - confirm proto_item_append_text accepts a NULL item. */
proto_item_append_text(top_of_dn, " (%%s)", last_dn);

/* see if we should append this to the col info */
if (check_col(actx->pinfo->cinfo, COL_INFO)) {
  col_fmt = val_to_str(hf_index, fmt_vals, "");
  if (col_fmt != NULL && *col_fmt != '\0') {
    /* we have a format */
    col_append_fstr(actx->pinfo->cinfo, COL_INFO, " %%s%%s", col_fmt, last_dn);
  }
}

/* NOTE(review): last_dn is left pointing at the ep_alloc'd buffer on
 * return; nothing in this file clears it, so later readers must not assume
 * it is valid beyond the packet it was built for - confirm where the
 * template resets it. */
|
|
|
|
|
|
#.FN_BODY RDNSequence/_item
|
|
|
|
/* dn_one_rdn is FALSE only for the first RDN of a DN (the RDNSequence body
 * resets it, and it is set at the end of this body). */
if (dn_one_rdn == FALSE) {
  /* this is the first element - record the top */
  top_of_dn = tree;
}

%(DEFAULT_BODY)s

dn_one_rdn = TRUE;
|
|
|
|
#.FN_BODY AttributeValueAssertion
|
|
|
|
/* Publish this assertion's field index so the AttributeValue body can look
 * up a format for it, and start an empty AVA summary string. */
ava_hf_index = hf_index;
last_ava = ep_alloc(MAX_AVA_STR_LEN);
last_ava[0] = '\0';

/* NOTE(review): if the default body leaves through a non-local exit
 * (presumably an exception on truncated data - confirm), ava_hf_index is not
 * put back to -1 below. */
%(DEFAULT_BODY)s

/* -1 marks "not inside an assertion"; last_ava itself is left set */
ava_hf_index = -1;
|
|
|
|
#.FN_BODY Attribute
|
|
/* While doing_attr is set, the AttributeId body appends the attribute name
 * to its parent item. */
doing_attr = TRUE;

/* NOTE(review): a non-local exit from the default body (presumably an
 * exception on truncated data - confirm) would leave doing_attr TRUE for
 * whatever is dissected next. */
%(DEFAULT_BODY)s

doing_attr = FALSE;
|
|
#.END
|
|
|
|
|