diff options
author | Andreas Steffen <andreas.steffen@strongswan.org> | 2012-04-05 09:04:11 +0200 |
---|---|---|
committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2012-04-05 09:04:11 +0200 |
commit | 4626e49ad9e02d969335ec18e60261126674abba (patch) | |
tree | 37726a26aa55dc5ef4f4d94520a06eba9e32eca2 | |
parent | 5ff99529e6927b0626874bf019e8fe21a0453078 (diff) | |
download | strongswan-4626e49ad9e02d969335ec18e60261126674abba.tar.bz2 strongswan-4626e49ad9e02d969335ec18e60261126674abba.tar.xz |
remove leading zero in ASN.1 encoded serial numbers
-rw-r--r-- | src/libcharon/plugins/stroke/stroke_list.c | 4 | ||||
-rw-r--r-- | src/pluto/ac.c | 4 | ||||
-rw-r--r-- | src/pluto/crl.c | 2 | ||||
-rw-r--r-- | src/pluto/keys.c | 4 | ||||
-rw-r--r-- | src/pluto/ocsp.c | 10 | ||||
-rw-r--r-- | src/pluto/x509.c | 2 |
6 files changed, 14 insertions, 12 deletions
diff --git a/src/libcharon/plugins/stroke/stroke_list.c b/src/libcharon/plugins/stroke/stroke_list.c index 1eaa0b8f7..7ba967aba 100644 --- a/src/libcharon/plugins/stroke/stroke_list.c +++ b/src/libcharon/plugins/stroke/stroke_list.c @@ -946,7 +946,7 @@ static void stroke_list_acerts(linked_list_t *list, bool utc, FILE *out) { fprintf(out, " hissuer: \"%Y\"\n", id); } - chunk = ac->get_holderSerial(ac); + chunk = chunk_skip_zero(ac->get_holderSerial(ac)); if (chunk.ptr) { fprintf(out, " hserial: %#B\n", &chunk); @@ -958,7 +958,7 @@ static void stroke_list_acerts(linked_list_t *list, bool utc, FILE *out) groups->destroy(groups); } fprintf(out, " issuer: \"%Y\"\n", cert->get_issuer(cert)); - chunk = ac->get_serial(ac); + chunk = chunk_skip_zero(ac->get_serial(ac)); fprintf(out, " serial: %#B\n", &chunk); /* list validity */ diff --git a/src/pluto/ac.c b/src/pluto/ac.c index 3339d91fb..cd8007aea 100644 --- a/src/pluto/ac.c +++ b/src/pluto/ac.c @@ -261,7 +261,7 @@ void ac_list_certs(bool utc) whack_log(RC_COMMENT, " hissuer: \"%Y\"", holderIssuer); } - holderSerial = ac->get_holderSerial(ac); + holderSerial = chunk_skip_zero(ac->get_holderSerial(ac)); if (holderSerial.ptr) { whack_log(RC_COMMENT, " hserial: %#B", &holderSerial); @@ -277,7 +277,7 @@ void ac_list_certs(bool utc) issuer = cert->get_issuer(cert); whack_log(RC_COMMENT, " issuer: \"%Y\"", issuer); - serial = ac->get_serial(ac); + serial = chunk_skip_zero(ac->get_serial(ac)); whack_log(RC_COMMENT, " serial: %#B", &serial); cert->get_validity(cert, &now, ¬Before, ¬After); diff --git a/src/pluto/crl.c b/src/pluto/crl.c index 38db0f2fd..c49b09e19 100644 --- a/src/pluto/crl.c +++ b/src/pluto/crl.c @@ -507,7 +507,7 @@ void list_crls(bool utc, bool strict) whack_log(RC_COMMENT, " "); whack_log(RC_COMMENT, " issuer: \"%Y\"", cert_crl->get_issuer(cert_crl)); - serial = crl->get_serial(crl); + serial = chunk_skip_zero(crl->get_serial(crl)); if (serial.ptr) { whack_log(RC_COMMENT, " serial: %#B", &serial); diff --git a/src/pluto/keys.c b/src/pluto/keys.c index 00976882d..c5adbfd11 100644 --- a/src/pluto/keys.c +++ b/src/pluto/keys.c @@ -1435,6 +1435,7 @@ void remove_x509_public_key(const cert_t *cert) void list_public_keys(bool utc) { pubkey_list_t *p = pubkeys; + chunk_t serial; if (p != NULL) { @@ -1465,7 +1466,8 @@ void list_public_keys(bool utc) } if (key->serial.len) { - whack_log(RC_COMMENT," serial: %#B", &key->serial); + serial = chunk_skip_zero(key->serial); + whack_log(RC_COMMENT," serial: %#B", &serial); } p = p->next; } diff --git a/src/pluto/ocsp.c b/src/pluto/ocsp.c index d89bfdf01..c299e3d39 100644 --- a/src/pluto/ocsp.c +++ b/src/pluto/ocsp.c @@ -607,23 +607,23 @@ void list_ocsp_locations(ocsp_location_t *location, bool requests, } while (certinfo) { + chunk_t serial = chunk_skip_zero(certinfo->serialNumber); + if (requests) { whack_log(RC_COMMENT, " serial: %#B, %d trials", - &certinfo->serialNumber, certinfo->trials); + &serial, certinfo->trials); } else if (certinfo->once) { whack_log(RC_COMMENT, " serial: %#B, %s, once%s", - &certinfo->serialNumber, - cert_status_names[certinfo->status], + &serial, cert_status_names[certinfo->status], (certinfo->nextUpdate < time(NULL))? " (expired)": ""); } else { whack_log(RC_COMMENT, " serial: %#B, %s, until %T %s", - &certinfo->serialNumber, - cert_status_names[certinfo->status], + &serial, cert_status_names[certinfo->status], &certinfo->nextUpdate, utc, check_expiry(certinfo->nextUpdate, OCSP_WARNING_INTERVAL, strict)); } diff --git a/src/pluto/x509.c b/src/pluto/x509.c index 7e2aca862..f017e5775 100644 --- a/src/pluto/x509.c +++ b/src/pluto/x509.c @@ -410,7 +410,7 @@ void list_x509cert_chain(const char *caption, cert_t* cert, certificate->get_subject(certificate)); whack_log(RC_COMMENT, " issuer: \"%Y\"", certificate->get_issuer(certificate)); - serial = x509->get_serial(x509); + serial = chunk_skip_zero(x509->get_serial(x509)); whack_log(RC_COMMENT, " serial: %#B", &serial); /* list validity */ |