conversion from 8 spaces to 4 spaces per tab

author: Andreas Steffen <andreas.steffen@strongswan.org> 2009-04-19 19:16:09 +0000
committer: Andreas Steffen <andreas.steffen@strongswan.org> 2009-04-19 19:16:09 +0000
commit: 3d7a244b5470e104539580c7bc489d7b581430eb (patch)
tree: db1d6a47dc7d040610f94351af857ef83f05ed39 /src/scepclient/scep.c
parent: d940c7638cb964aaa66bdf96af803c678c5522c3 (diff)
download: strongswan-3d7a244b5470e104539580c7bc489d7b581430eb.tar.bz2
strongswan-3d7a244b5470e104539580c7bc489d7b581430eb.tar.xz
1 files changed, 379 insertions, 379 deletions
diff --git a/src/scepclient/scep.c b/src/scepclient/scep.c
index f603b5c29..1d921ba99 100644
--- a/src/scepclient/scep.c
+++ b/src/scepclient/scep.c
@@ -41,23 +41,23 @@
 #include "scep.h"
 
 static char ASN1_messageType_oid_str[] = {
-    0x06, 0x0A, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, 0x09, 0x02
+	0x06, 0x0A, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, 0x09, 0x02
 };
 
 static char ASN1_senderNonce_oid_str[] = {
-    0x06, 0x0A, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, 0x09, 0x05
+	0x06, 0x0A, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, 0x09, 0x05
 };
 
 static char ASN1_transId_oid_str[] = {
-    0x06, 0x0A, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, 0x09, 0x07
+	0x06, 0x0A, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, 0x09, 0x07
 };
 
 static const chunk_t ASN1_messageType_oid =
-			chunk_from_buf(ASN1_messageType_oid_str);
+						chunk_from_buf(ASN1_messageType_oid_str);
 static const chunk_t ASN1_senderNonce_oid =
-			chunk_from_buf(ASN1_senderNonce_oid_str);
+						chunk_from_buf(ASN1_senderNonce_oid_str);
 static const chunk_t ASN1_transId_oid =
-			chunk_from_buf(ASN1_transId_oid_str);
+						chunk_from_buf(ASN1_transId_oid_str);
 
 static const char *pkiStatus_values[] = { "0", "2", "3" };
 
@@ -99,18 +99,18 @@ const scep_attributes_t empty_scep_attributes = {
 /* ASN.1 definition of the X.501 atttribute type */
 
 static const asn1Object_t attributesObjects[] = {
-  { 0, "attributes",	ASN1_SET,	ASN1_LOOP }, /* 0 */
-  { 1,   "attribute",	ASN1_SEQUENCE,	ASN1_NONE }, /* 1 */
-  { 2,     "type", 	ASN1_OID,	ASN1_BODY }, /* 2 */
-  { 2,     "values", 	ASN1_SET,	ASN1_LOOP }, /* 3 */
-  { 3,       "value", 	ASN1_EOC,	ASN1_RAW  }, /* 4 */
-  { 2,     "end loop", 	ASN1_EOC,	ASN1_END  }, /* 5 */
-  { 0, "end loop", 	ASN1_EOC,	ASN1_END  }, /* 6 */
+  { 0, "attributes",    ASN1_SET,       ASN1_LOOP }, /* 0 */
+  { 1,   "attribute",   ASN1_SEQUENCE,  ASN1_NONE }, /* 1 */
+  { 2,     "type",      ASN1_OID,       ASN1_BODY }, /* 2 */
+  { 2,     "values",    ASN1_SET,       ASN1_LOOP }, /* 3 */
+  { 3,       "value",   ASN1_EOC,       ASN1_RAW  }, /* 4 */
+  { 2,     "end loop",  ASN1_EOC,       ASN1_END  }, /* 5 */
+  { 0, "end loop",      ASN1_EOC,       ASN1_END  }, /* 6 */
 };
 
-#define ATTRIBUTE_OBJ_TYPE 	2
-#define ATTRIBUTE_OBJ_VALUE	4
-#define ATTRIBUTE_OBJ_ROOF	7
+#define ATTRIBUTE_OBJ_TYPE      2
+#define ATTRIBUTE_OBJ_VALUE     4
+#define ATTRIBUTE_OBJ_ROOF      7
 
 /*
  * extract and store an attribute
@@ -119,112 +119,112 @@ static bool
 extract_attribute(int oid, chunk_t object, u_int level
 , scep_attributes_t *attrs)
 {
-    asn1_t type = ASN1_EOC;
-    const char *name = "none";
-
-    switch (oid)
-    {
-    case OID_PKCS9_CONTENT_TYPE:
-	type = ASN1_OID;
-	name = "contentType";
-	break;
-    case OID_PKCS9_SIGNING_TIME:
-	type = ASN1_UTCTIME;
-	name = "signingTime";
-	break;
-    case OID_PKCS9_MESSAGE_DIGEST:
-	type = ASN1_OCTET_STRING;
-	name = "messageDigest";
-	break;
-    case OID_PKI_MESSAGE_TYPE:
-	type = ASN1_PRINTABLESTRING;
-	name = "messageType";
-	break;
-    case OID_PKI_STATUS:
-	type = ASN1_PRINTABLESTRING;
-	name = "pkiStatus";
-	break;
-    case OID_PKI_FAIL_INFO:
-	type = ASN1_PRINTABLESTRING;
-	name = "failInfo";
-	break;
-    case OID_PKI_SENDER_NONCE:
-	type = ASN1_OCTET_STRING;
-	name = "senderNonce";
-	 break;
-    case OID_PKI_RECIPIENT_NONCE:
-	type = ASN1_OCTET_STRING;
-	name = "recipientNonce";
-	break;
-    case OID_PKI_TRANS_ID:
-	type = ASN1_PRINTABLESTRING;
-	name = "transID";
-	break;
-    default:
-	break;
-    }
-
-    if (type == ASN1_EOC)
-	return TRUE;
-
-    if (!parse_asn1_simple_object(&object, type, level+1, name))
-	return FALSE;
+	asn1_t type = ASN1_EOC;
+	const char *name = "none";
 
-    switch (oid)
-    {
-    case OID_PKCS9_CONTENT_TYPE:
-	break;
-    case OID_PKCS9_SIGNING_TIME:
-	break;
-    case OID_PKCS9_MESSAGE_DIGEST:
-	break;
-    case OID_PKI_MESSAGE_TYPE:
+	switch (oid)
 	{
-	    scep_msg_t m;
-
-	    for (m = SCEP_CertRep_MSG; m < SCEP_Unknown_MSG; m++)
-	    {
-		if (strncmp(msgType_values[m], object.ptr, object.len) == 0)
-		    attrs->msgType = m;
-	    }
-	    DBG(DBG_CONTROL,
-		DBG_log("messageType:  %s", msgType_names[attrs->msgType])
-	    )
+	case OID_PKCS9_CONTENT_TYPE:
+		type = ASN1_OID;
+		name = "contentType";
+		break;
+	case OID_PKCS9_SIGNING_TIME:
+		type = ASN1_UTCTIME;
+		name = "signingTime";
+		break;
+	case OID_PKCS9_MESSAGE_DIGEST:
+		type = ASN1_OCTET_STRING;
+		name = "messageDigest";
+		break;
+	case OID_PKI_MESSAGE_TYPE:
+		type = ASN1_PRINTABLESTRING;
+		name = "messageType";
+		break;
+	case OID_PKI_STATUS:
+		type = ASN1_PRINTABLESTRING;
+		name = "pkiStatus";
+		break;
+	case OID_PKI_FAIL_INFO:
+		type = ASN1_PRINTABLESTRING;
+		name = "failInfo";
+		break;
+	case OID_PKI_SENDER_NONCE:
+		type = ASN1_OCTET_STRING;
+		name = "senderNonce";
+		 break;
+	case OID_PKI_RECIPIENT_NONCE:
+		type = ASN1_OCTET_STRING;
+		name = "recipientNonce";
+		break;
+	case OID_PKI_TRANS_ID:
+		type = ASN1_PRINTABLESTRING;
+		name = "transID";
+		break;
+	default:
+		break;
 	}
-	break;
-    case OID_PKI_STATUS:
-	{
-	    pkiStatus_t s;
-
-	    for (s = SCEP_SUCCESS; s < SCEP_UNKNOWN; s++)
-	    {
-		if (strncmp(pkiStatus_values[s], object.ptr, object.len) == 0)
-		    attrs->pkiStatus = s;
-	    }
-	    DBG(DBG_CONTROL,
-		DBG_log("pkiStatus:    %s", pkiStatus_names[attrs->pkiStatus])
-	    )
-	}
-	break;
-    case OID_PKI_FAIL_INFO:
-	if (object.len == 1
-	&& *object.ptr >= '0' && *object.ptr <= '4')
+
+	if (type == ASN1_EOC)
+		return TRUE;
+
+	if (!parse_asn1_simple_object(&object, type, level+1, name))
+		return FALSE;
+
+	switch (oid)
 	{
-	    attrs->failInfo = (failInfo_t)(*object.ptr - '0');
+	case OID_PKCS9_CONTENT_TYPE:
+		break;
+	case OID_PKCS9_SIGNING_TIME:
+		break;
+	case OID_PKCS9_MESSAGE_DIGEST:
+		break;
+	case OID_PKI_MESSAGE_TYPE:
+		{
+			scep_msg_t m;
+
+			for (m = SCEP_CertRep_MSG; m < SCEP_Unknown_MSG; m++)
+			{
+				if (strncmp(msgType_values[m], object.ptr, object.len) == 0)
+					attrs->msgType = m;
+			}
+			DBG(DBG_CONTROL,
+				DBG_log("messageType:  %s", msgType_names[attrs->msgType])
+			)
+		}
+		break;
+	case OID_PKI_STATUS:
+		{
+			pkiStatus_t s;
+
+			for (s = SCEP_SUCCESS; s < SCEP_UNKNOWN; s++)
+			{
+				if (strncmp(pkiStatus_values[s], object.ptr, object.len) == 0)
+					attrs->pkiStatus = s;
+			}
+			DBG(DBG_CONTROL,
+				DBG_log("pkiStatus:    %s", pkiStatus_names[attrs->pkiStatus])
+			)
+		}
+		break;
+	case OID_PKI_FAIL_INFO:
+		if (object.len == 1
+		&& *object.ptr >= '0' && *object.ptr <= '4')
+		{
+			attrs->failInfo = (failInfo_t)(*object.ptr - '0');
+		}
+		if (attrs->failInfo != SCEP_unknown_REASON)
+			plog("failInfo:     %s", failInfo_reasons[attrs->failInfo]);
+		break;
+	case OID_PKI_SENDER_NONCE:
+		attrs->senderNonce = object;
+		break;
+	case OID_PKI_RECIPIENT_NONCE:
+		attrs->recipientNonce = object;
+		break;
+	case OID_PKI_TRANS_ID:
+		attrs->transID = object;
 	}
-        if (attrs->failInfo != SCEP_unknown_REASON)
-	    plog("failInfo:     %s", failInfo_reasons[attrs->failInfo]);
-	break;
-    case OID_PKI_SENDER_NONCE:
-	attrs->senderNonce = object;
-	break;
-    case OID_PKI_RECIPIENT_NONCE:
-	attrs->recipientNonce = object;
-	break;
-    case OID_PKI_TRANS_ID:
-	attrs->transID = object;
-    }
-    return TRUE;
+	return TRUE;
 }
 
 /*
@@ -233,35 +233,35 @@ extract_attribute(int oid, chunk_t object, u_int level
 bool
 parse_attributes(chunk_t blob, scep_attributes_t *attrs)
 {
-    asn1_ctx_t ctx;
-    chunk_t object;
-    u_int level;
-    int oid = OID_UNKNOWN;
-    int objectID = 0;
-
-    asn1_init(&ctx, blob, 0, FALSE, DBG_RAW);
-
-    DBG(DBG_CONTROL | DBG_PARSING,
-	DBG_log("parsing attributes")
-    )
-    while (objectID < ATTRIBUTE_OBJ_ROOF)
-    {
-	if (!extract_object(attributesObjects, &objectID
-			   , &object, &level, &ctx))
-	     return FALSE;
-
-	switch (objectID)
+	asn1_ctx_t ctx;
+	chunk_t object;
+	u_int level;
+	int oid = OID_UNKNOWN;
+	int objectID = 0;
+
+	asn1_init(&ctx, blob, 0, FALSE, DBG_RAW);
+
+	DBG(DBG_CONTROL | DBG_PARSING,
+		DBG_log("parsing attributes")
+	)
+	while (objectID < ATTRIBUTE_OBJ_ROOF)
 	{
-	case ATTRIBUTE_OBJ_TYPE:
-	    oid = asn1_known_oid(object);
-	    break;
-	case ATTRIBUTE_OBJ_VALUE:
-	   if (!extract_attribute(oid, object, level, attrs))
-		return FALSE;
+		if (!extract_object(attributesObjects, &objectID
+						   , &object, &level, &ctx))
+			 return FALSE;
+
+		switch (objectID)
+		{
+		case ATTRIBUTE_OBJ_TYPE:
+			oid = asn1_known_oid(object);
+			break;
+		case ATTRIBUTE_OBJ_VALUE:
+		   if (!extract_attribute(oid, object, level, attrs))
+				return FALSE;
+		}
+		objectID++;
 	}
-	objectID++;
-    }
-    return TRUE;
+	return TRUE;
 }
 
 /* generates a unique fingerprint of the pkcs10 request 
@@ -270,14 +270,14 @@ parse_attributes(chunk_t blob, scep_attributes_t *attrs)
 void
 scep_generate_pkcs10_fingerprint(chunk_t pkcs10, chunk_t *fingerprint)
 {
-    char buf[MD5_DIGEST_SIZE];
-    chunk_t digest = { buf, sizeof(buf) };
-
-    /* the fingerprint is the MD5 hash in hexadecimal format */
-    compute_digest(pkcs10, OID_MD5, &digest);
-    fingerprint->len = 2*digest.len;
-    fingerprint->ptr = malloc(fingerprint->len + 1);
-    datatot(digest.ptr, digest.len, 16, fingerprint->ptr, fingerprint->len + 1);
+	char buf[MD5_DIGEST_SIZE];
+	chunk_t digest = { buf, sizeof(buf) };
+
+	/* the fingerprint is the MD5 hash in hexadecimal format */
+	compute_digest(pkcs10, OID_MD5, &digest);
+	fingerprint->len = 2*digest.len;
+	fingerprint->ptr = malloc(fingerprint->len + 1);
+	datatot(digest.ptr, digest.len, 16, fingerprint->ptr, fingerprint->len + 1);
 }
 
 /* generate a transaction id as the MD5 hash of an public key
@@ -287,36 +287,36 @@ void
 scep_generate_transaction_id(const RSA_public_key_t *rsak
 , chunk_t *transID, chunk_t *serialNumber)
 {
-    char buf[MD5_DIGEST_SIZE];
+	char buf[MD5_DIGEST_SIZE];
 
-    chunk_t digest = { buf, sizeof(buf) };
-    chunk_t public_key = pkcs1_build_publicKeyInfo(rsak);
+	chunk_t digest = { buf, sizeof(buf) };
+	chunk_t public_key = pkcs1_build_publicKeyInfo(rsak);
 
-    bool msb_set;
-    u_char *pos;
+	bool msb_set;
+	u_char *pos;
 
-    compute_digest(public_key, OID_MD5, &digest);
-    free(public_key.ptr);
+	compute_digest(public_key, OID_MD5, &digest);
+	free(public_key.ptr);
 
-    /* is the most significant bit of the digest set? */
-    msb_set = (*digest.ptr & 0x80) == 0x80;
+	/* is the most significant bit of the digest set? */
+	msb_set = (*digest.ptr & 0x80) == 0x80;
 
-    /* allocate space for the serialNumber */
-    serialNumber->len = msb_set + digest.len;
-    serialNumber->ptr = malloc(serialNumber->len);
+	/* allocate space for the serialNumber */
+	serialNumber->len = msb_set + digest.len;
+	serialNumber->ptr = malloc(serialNumber->len);
 
-    /* the serial number as the two's complement of the digest */
-    pos = serialNumber->ptr;
-    if (msb_set)
-    {
-	*pos++ = 0x00;
-    }
-    memcpy(pos, digest.ptr, digest.len);
+	/* the serial number as the two's complement of the digest */
+	pos = serialNumber->ptr;
+	if (msb_set)
+	{
+		*pos++ = 0x00;
+	}
+	memcpy(pos, digest.ptr, digest.len);
 
-    /* the transaction id is the serial number in hex format */
-    transID->len = 2*digest.len;
-    transID->ptr = malloc(transID->len + 1);
-    datatot(digest.ptr, digest.len, 16, transID->ptr, transID->len + 1);
+	/* the transaction id is the serial number in hex format */
+	transID->len = 2*digest.len;
+	transID->ptr = malloc(transID->len + 1);
+	datatot(digest.ptr, digest.len, 16, transID->ptr, transID->len + 1);
 }
 
 /*
@@ -325,12 +325,12 @@ scep_generate_transaction_id(const RSA_public_key_t *rsak
 chunk_t
 scep_transId_attribute(chunk_t transID)
 {
-    return asn1_wrap(ASN1_SEQUENCE, "cm"
-		, ASN1_transId_oid
-		, asn1_wrap(ASN1_SET, "m"
-		    , asn1_simple_object(ASN1_PRINTABLESTRING, transID)
-		  )
-	      );
+	return asn1_wrap(ASN1_SEQUENCE, "cm"
+				, ASN1_transId_oid
+				, asn1_wrap(ASN1_SET, "m"
+					, asn1_simple_object(ASN1_PRINTABLESTRING, transID)
+				  )
+			  );
 }
 
 /*
@@ -339,17 +339,17 @@ scep_transId_attribute(chunk_t transID)
 chunk_t
 scep_messageType_attribute(scep_msg_t m)
 {
-    chunk_t msgType = {
-	(u_char*)msgType_values[m],
-	strlen(msgType_values[m])
-    };
-
-    return asn1_wrap(ASN1_SEQUENCE, "cm"
-		, ASN1_messageType_oid
-		, asn1_wrap(ASN1_SET, "m"
-		    , asn1_simple_object(ASN1_PRINTABLESTRING, msgType)
-		  )
-	      );
+	chunk_t msgType = {
+		(u_char*)msgType_values[m],
+		strlen(msgType_values[m])
+	};
+
+	return asn1_wrap(ASN1_SEQUENCE, "cm"
+				, ASN1_messageType_oid
+				, asn1_wrap(ASN1_SET, "m"
+					, asn1_simple_object(ASN1_PRINTABLESTRING, msgType)
+				  )
+			  );
 }
 
 /*
@@ -358,18 +358,18 @@ scep_messageType_attribute(scep_msg_t m)
 chunk_t
 scep_senderNonce_attribute(void)
 {
-    const size_t nonce_len = 16;
-    u_char nonce_buf[nonce_len];
-    chunk_t senderNonce = { nonce_buf, nonce_len };
-
-    get_rnd_bytes(nonce_buf, nonce_len);
- 
-    return asn1_wrap(ASN1_SEQUENCE, "cm"
-		, ASN1_senderNonce_oid
-		, asn1_wrap(ASN1_SET, "m"
-		    , asn1_simple_object(ASN1_OCTET_STRING, senderNonce)
-		  )
-	      );
+	const size_t nonce_len = 16;
+	u_char nonce_buf[nonce_len];
+	chunk_t senderNonce = { nonce_buf, nonce_len };
+
+	get_rnd_bytes(nonce_buf, nonce_len);
+
+	return asn1_wrap(ASN1_SEQUENCE, "cm"
+				, ASN1_senderNonce_oid
+				, asn1_wrap(ASN1_SET, "m"
+					, asn1_simple_object(ASN1_OCTET_STRING, senderNonce)
+				  )
+			  );
 }
 
 /*
@@ -381,23 +381,23 @@ scep_build_request(chunk_t data, chunk_t transID, scep_msg_t msg
 , const x509cert_t *signer_cert, int digest_alg
 , const RSA_private_key_t *private_key)
 {
-    chunk_t envelopedData, attributes, request;
-
-    envelopedData = pkcs7_build_envelopedData(data, enc_cert, enc_alg);
-
-    attributes = asn1_wrap(ASN1_SET, "mmmmm"
-		    , pkcs7_contentType_attribute()
-		    , pkcs7_messageDigest_attribute(envelopedData
-			, digest_alg)
-		    , scep_transId_attribute(transID)
-		    , scep_messageType_attribute(msg)
-		    , scep_senderNonce_attribute());
-
-    request = pkcs7_build_signedData(envelopedData, attributes
-		    , signer_cert, digest_alg, private_key);
-    free(envelopedData.ptr);
-    free(attributes.ptr);
-    return request;
+	chunk_t envelopedData, attributes, request;
+
+	envelopedData = pkcs7_build_envelopedData(data, enc_cert, enc_alg);
+
+	attributes = asn1_wrap(ASN1_SET, "mmmmm"
+					, pkcs7_contentType_attribute()
+					, pkcs7_messageDigest_attribute(envelopedData
+						, digest_alg)
+					, scep_transId_attribute(transID)
+					, scep_messageType_attribute(msg)
+					, scep_senderNonce_attribute());
+
+	request = pkcs7_build_signedData(envelopedData, attributes
+					, signer_cert, digest_alg, private_key);
+	free(envelopedData.ptr);
+	free(attributes.ptr);
+	return request;
 }
 
 #ifdef LIBCURL
@@ -407,58 +407,58 @@ scep_build_request(chunk_t data, chunk_t transID, scep_msg_t msg
 static char*
 escape_http_request(chunk_t req)
 {
-    char *escaped_req = NULL;
-    char *p1, *p2;
-    int lines = 0;
-    int plus  = 0;
-    int n     = 0;
-
-    /* compute and allocate the size of the base64-encoded request */
-    int len = 1 + 4*((req.len + 2)/3);
-    char *encoded_req = malloc(len);
-
-    /* do the base64 conversion */
-    len = datatot(req.ptr, req.len, 64, encoded_req, len);
-
-    /* compute newline characters to be inserted every 64 characters */
-    lines = (len - 2) / 64;
-
-    /* count number of + characters to be escaped */
-    p1 = encoded_req;
-    while (*p1 != '\0')
-    {
-	if (*p1++ == '+')
-	    plus++;
-    }
-
-    escaped_req = malloc(len + 3*(lines + plus));
-
-    /* escape special characters in the request */
-    p1 = encoded_req;
-    p2 = escaped_req;
-    while (*p1 != '\0')
-    {
-	if (n == 64)
-	{
-	    memcpy(p2, "%0A", 3);
-	    p2 += 3;
-	    n = 0;
-	}
-	if (*p1 == '+')
+	char *escaped_req = NULL;
+	char *p1, *p2;
+	int lines = 0;
+	int plus  = 0;
+	int n     = 0;
+
+	/* compute and allocate the size of the base64-encoded request */
+	int len = 1 + 4*((req.len + 2)/3);
+	char *encoded_req = malloc(len);
+
+	/* do the base64 conversion */
+	len = datatot(req.ptr, req.len, 64, encoded_req, len);
+
+	/* compute newline characters to be inserted every 64 characters */
+	lines = (len - 2) / 64;
+
+	/* count number of + characters to be escaped */
+	p1 = encoded_req;
+	while (*p1 != '\0')
 	{
-	    memcpy(p2, "%2B", 3);
-	    p2 += 3;
+		if (*p1++ == '+')
+			plus++;
 	}
-	else
+
+	escaped_req = malloc(len + 3*(lines + plus));
+
+	/* escape special characters in the request */
+	p1 = encoded_req;
+	p2 = escaped_req;
+	while (*p1 != '\0')
 	{
-	    *p2++ = *p1;
+		if (n == 64)
+		{
+			memcpy(p2, "%0A", 3);
+			p2 += 3;
+			n = 0;
+		}
+		if (*p1 == '+')
+		{
+			memcpy(p2, "%2B", 3);
+			p2 += 3;
+		}
+		else
+		{
+			*p2++ = *p1;
+		}
+		p1++;
+		n++;
 	}
-	p1++;
-	n++;
-    }
-    *p2 = '\0';
-    free(encoded_req);
-    return escaped_req;
+	*p2 = '\0';
+	free(encoded_req);
+	return escaped_req;
 }
 #endif
 
@@ -470,109 +470,109 @@ scep_http_request(const char *url, chunk_t pkcs7, scep_op_t op
 , fetch_request_t req_type, chunk_t *response)
 {
 #ifdef LIBCURL
-    char errorbuffer[CURL_ERROR_SIZE] = "";
-    char *complete_url = NULL;
-    struct curl_slist *headers = NULL;
-    CURL *curl;
-    CURLcode res;
-
-    /* initialize response */
-    *response = chunk_empty;
-
-    /* initialize curl context */
-    curl = curl_easy_init();
-    if (curl == NULL)
-    {
-	plog("could not initialize curl context");
-	return FALSE;
-    }
-
-    if (op == SCEP_PKI_OPERATION)
-    {
-	const char operation[] = "PKIOperation";
+	char errorbuffer[CURL_ERROR_SIZE] = "";
+	char *complete_url = NULL;
+	struct curl_slist *headers = NULL;
+	CURL *curl;
+	CURLcode res;
+
+	/* initialize response */
+	*response = chunk_empty;
+
+	/* initialize curl context */
+	curl = curl_easy_init();
+	if (curl == NULL)
+	{
+		plog("could not initialize curl context");
+		return FALSE;
+	}
 
-	if (req_type == FETCH_GET)
+	if (op == SCEP_PKI_OPERATION)
 	{
-	    char *escaped_req = escape_http_request(pkcs7);
-
-	    /* form complete url */
-	    int len = strlen(url) + 20 + strlen(operation) + strlen(escaped_req) + 1;
-
-	    complete_url = malloc(len);
-	    snprintf(complete_url, len, "%s?operation=%s&message=%s"
-		    , url, operation, escaped_req);
-	    free(escaped_req);
-
-	    curl_easy_setopt(curl, CURLOPT_HTTPGET, TRUE);
-	    headers = curl_slist_append(headers, "Pragma:");
-	    headers = curl_slist_append(headers, "Host:");
-	    headers = curl_slist_append(headers, "Accept:");
-	    curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers); 
-	    curl_easy_setopt(curl, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0);
+		const char operation[] = "PKIOperation";
+
+		if (req_type == FETCH_GET)
+		{
+			char *escaped_req = escape_http_request(pkcs7);
+
+			/* form complete url */
+			int len = strlen(url) + 20 + strlen(operation) + strlen(escaped_req) + 1;
+
+			complete_url = malloc(len);
+			snprintf(complete_url, len, "%s?operation=%s&message=%s"
+					, url, operation, escaped_req);
+			free(escaped_req);
+
+			curl_easy_setopt(curl, CURLOPT_HTTPGET, TRUE);
+			headers = curl_slist_append(headers, "Pragma:");
+			headers = curl_slist_append(headers, "Host:");
+			headers = curl_slist_append(headers, "Accept:");
+			curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers); 
+			curl_easy_setopt(curl, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0);
+		}
+		else /* HTTP_POST */
+		{
+			/* form complete url */
+			int len = strlen(url) + 11 + strlen(operation) + 1;
+
+			complete_url = malloc(len);
+			snprintf(complete_url, len, "%s?operation=%s", url, operation);
+
+			curl_easy_setopt(curl, CURLOPT_HTTPGET, FALSE);
+			headers = curl_slist_append(headers, "Content-Type:");
+			headers = curl_slist_append(headers, "Expect:");
+			curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers); 
+			curl_easy_setopt(curl, CURLOPT_POSTFIELDS, (char*)pkcs7.ptr);
+			curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, pkcs7.len);
+		}
 	}
-	else /* HTTP_POST */
+	else  /* SCEP_GET_CA_CERT */
 	{
-	    /* form complete url */
-	    int len = strlen(url) + 11 + strlen(operation) + 1;
-
-	    complete_url = malloc(len);
-	    snprintf(complete_url, len, "%s?operation=%s", url, operation);
-
-	    curl_easy_setopt(curl, CURLOPT_HTTPGET, FALSE);
-	    headers = curl_slist_append(headers, "Content-Type:");
-	    headers = curl_slist_append(headers, "Expect:");
-	    curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers); 
-	    curl_easy_setopt(curl, CURLOPT_POSTFIELDS, (char*)pkcs7.ptr);
-	    curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, pkcs7.len);
+		const char operation[] = "GetCACert";
+
+		/* form complete url */
+		int len = strlen(url) + 32 + strlen(operation) + 1;
+
+		complete_url = malloc(len);
+		snprintf(complete_url, len, "%s?operation=%s&message=CAIdentifier"
+				, url, operation);
+
+		curl_easy_setopt(curl, CURLOPT_HTTPGET, TRUE);
 	}
-    }
-    else  /* SCEP_GET_CA_CERT */
-    {
-	const char operation[] = "GetCACert";
-
-	/* form complete url */
-	int len = strlen(url) + 32 + strlen(operation) + 1;
-
-	complete_url = malloc(len);
-	snprintf(complete_url, len, "%s?operation=%s&message=CAIdentifier"
-		, url, operation);
-
-	curl_easy_setopt(curl, CURLOPT_HTTPGET, TRUE);
-    }
-
-    curl_easy_setopt(curl, CURLOPT_URL, complete_url);
-    curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_buffer);
-    curl_easy_setopt(curl, CURLOPT_WRITEDATA, (void *)response);
-    curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, errorbuffer);
-    curl_easy_setopt(curl, CURLOPT_FAILONERROR, TRUE);
-    curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, FETCH_CMD_TIMEOUT);
-	
-    DBG(DBG_CONTROL,
-	DBG_log("sending scep request to '%s'", url)
-    )
-    res = curl_easy_perform(curl);
-	
-    if (res == CURLE_OK)
-    {
+
+	curl_easy_setopt(curl, CURLOPT_URL, complete_url);
+	curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_buffer);
+	curl_easy_setopt(curl, CURLOPT_WRITEDATA, (void *)response);
+	curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, errorbuffer);
+	curl_easy_setopt(curl, CURLOPT_FAILONERROR, TRUE);
+	curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, FETCH_CMD_TIMEOUT);
+		
 	DBG(DBG_CONTROL,
-	    DBG_log("received scep response")
+		DBG_log("sending scep request to '%s'", url)
 	)
-	DBG(DBG_RAW,
-	    DBG_dump_chunk("SCEP response:\n", *response)
-	)
-    }
-    else
-    {
-	plog("failed to fetch scep response from '%s': %s", url, errorbuffer);
-    }
-    curl_slist_free_all(headers);
-    curl_easy_cleanup(curl);
-    free(complete_url);
-
-    return (res == CURLE_OK);
+	res = curl_easy_perform(curl);
+		
+	if (res == CURLE_OK)
+	{
+		DBG(DBG_CONTROL,
+			DBG_log("received scep response")
+		)
+		DBG(DBG_RAW,
+			DBG_dump_chunk("SCEP response:\n", *response)
+		)
+	}
+	else
+	{
+		plog("failed to fetch scep response from '%s': %s", url, errorbuffer);
+	}
+	curl_slist_free_all(headers);
+	curl_easy_cleanup(curl);
+	free(complete_url);
+
+	return (res == CURLE_OK);
 #else   /* !LIBCURL */
-    plog("scep error: pluto wasn't compiled with libcurl support");
-    return FALSE;
+	plog("scep error: pluto wasn't compiled with libcurl support");
+	return FALSE;
 #endif  /* !LIBCURL */
 }
 
@@ -580,19 +580,19 @@ err_t
 scep_parse_response(chunk_t response, chunk_t transID, contentInfo_t *data
 , scep_attributes_t *attrs, x509cert_t *signer_cert)
 {
-    chunk_t attributes;
-
-    if (!pkcs7_parse_signedData(response, data, NULL, &attributes, signer_cert))
-    {
-	return "error parsing the scep response";
-    }
-    if (!parse_attributes(attributes, attrs))
-    {
-	return "error parsing the scep response attributes";
-    }
-    if (!chunk_equals(transID, attrs->transID))
-    {
-	return "transaction ID of scep response does not match";
-    }
-    return NULL;
+	chunk_t attributes;
+
+	if (!pkcs7_parse_signedData(response, data, NULL, &attributes, signer_cert))
+	{
+		return "error parsing the scep response";
+	}
+	if (!parse_attributes(attributes, attrs))
+	{
+		return "error parsing the scep response attributes";
+	}
+	if (!chunk_equals(transID, attrs->transID))
+	{
+		return "transaction ID of scep response does not match";
+	}
+	return NULL;
 }
author	Andreas Steffen <andreas.steffen@strongswan.org>	2009-04-19 19:16:09 +0000
committer	Andreas Steffen <andreas.steffen@strongswan.org>	2009-04-19 19:16:09 +0000
commit	3d7a244b5470e104539580c7bc489d7b581430eb (patch)
tree	db1d6a47dc7d040610f94351af857ef83f05ed39 /src/scepclient/scep.c
parent	d940c7638cb964aaa66bdf96af803c678c5522c3 (diff)
download	strongswan-3d7a244b5470e104539580c7bc489d7b581430eb.tar.bz2 strongswan-3d7a244b5470e104539580c7bc489d7b581430eb.tar.xz