diff options
| author | Andreas Steffen <andreas.steffen@strongswan.org> | 2009-12-22 13:18:27 +0100 |
|---|---|---|
| committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2009-12-22 13:18:27 +0100 |
| commit | e16a01a5e656c3adb560a881ef454340756cdf8a (patch) | |
| tree | c404da008e97c87414226debd170511c03582b5c /src | |
| parent | 91e35b7c9ec356d7ba08e0672926dd2a80efefde (diff) | |
| download | strongswan-e16a01a5e656c3adb560a881ef454340756cdf8a.tar.bz2 strongswan-e16a01a5e656c3adb560a881ef454340756cdf8a.tar.xz | |
X509_IP_ADDR_BLOCKS flag signals the presence of an ipAddrBlock certificate extension
Diffstat (limited to 'src')
| -rw-r--r-- | src/libstrongswan/credentials/certificates/x509.h | 14 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/x509/x509_cert.c | 3 |
2 files changed, 10 insertions, 7 deletions
diff --git a/src/libstrongswan/credentials/certificates/x509.h b/src/libstrongswan/credentials/certificates/x509.h index 37c59a963..ebe660d59 100644 --- a/src/libstrongswan/credentials/certificates/x509.h +++ b/src/libstrongswan/credentials/certificates/x509.h @@ -35,17 +35,19 @@ typedef enum x509_flag_t x509_flag_t; */ enum x509_flag_t { /** cert has no constraints */ - X509_NONE = 0, + X509_NONE = 0, /** cert has CA constraint */ - X509_CA = (1<<0), + X509_CA = (1<<0), /** cert has AA constraint */ - X509_AA = (1<<1), + X509_AA = (1<<1), /** cert has OCSP signer constraint */ - X509_OCSP_SIGNER = (1<<2), + X509_OCSP_SIGNER = (1<<2), /** cert has serverAuth constraint */ - X509_SERVER_AUTH = (1<<3), + X509_SERVER_AUTH = (1<<3), /** cert is self-signed */ - X509_SELF_SIGNED = (1<<4), + X509_SELF_SIGNED = (1<<4), + /** cert has an ipAddrBlocks extension */ + X509_IP_ADDR_BLOCKS = (1<<5), }; /** diff --git a/src/libstrongswan/plugins/x509/x509_cert.c b/src/libstrongswan/plugins/x509/x509_cert.c index c3c377d08..dee056d5d 100644 --- a/src/libstrongswan/plugins/x509/x509_cert.c +++ b/src/libstrongswan/plugins/x509/x509_cert.c @@ -803,7 +803,8 @@ static void parse_ipAddrBlocks(chunk_t blob, int level0, break; } } - + this->flags |= X509_IP_ADDR_BLOCKS; + end: parser->destroy(parser); } |