aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan/plugins/x509/x509_cert.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/libstrongswan/plugins/x509/x509_cert.c')
-rw-r--r--src/libstrongswan/plugins/x509/x509_cert.c50
1 files changed, 25 insertions, 25 deletions
diff --git a/src/libstrongswan/plugins/x509/x509_cert.c b/src/libstrongswan/plugins/x509/x509_cert.c
index 8b228a2b6..f828c923a 100644
--- a/src/libstrongswan/plugins/x509/x509_cert.c
+++ b/src/libstrongswan/plugins/x509/x509_cert.c
@@ -301,7 +301,7 @@ static void parse_basicConstraints(chunk_t blob, int level0,
{
case BASIC_CONSTRAINTS_CA:
isCA = object.len && *object.ptr;
- DBG2(DBG_LIB, " %s", isCA ? "TRUE" : "FALSE");
+ DBG2(DBG_ASN, " %s", isCA ? "TRUE" : "FALSE");
if (isCA)
{
this->flags |= X509_CA;
@@ -482,7 +482,7 @@ static identification_t *parse_generalName(chunk_t blob, int level0)
if (id_type != ID_ANY)
{
gn = identification_create_from_encoding(id_type, object);
- DBG2(DBG_LIB, " '%Y'", gn);
+ DBG2(DBG_ASN, " '%Y'", gn);
goto end;
}
}
@@ -638,7 +638,7 @@ static void parse_authorityInfoAccess(chunk_t blob, int level0,
/* parsing went wrong - abort */
goto end;
}
- DBG2(DBG_LIB, " '%Y'", id);
+ DBG2(DBG_ASN, " '%Y'", id);
if (accessMethod == OID_OCSP &&
asprintf(&uri, "%Y", id) > 0)
{
@@ -1134,36 +1134,36 @@ static bool check_address_object(ts_type_t ts_type, chunk_t object)
case TS_IPV4_ADDR_RANGE:
if (object.len > 5)
{
- DBG1(DBG_LIB, "IPv4 address object is larger than 5 octets");
+ DBG1(DBG_ASN, "IPv4 address object is larger than 5 octets");
return FALSE;
}
break;
case TS_IPV6_ADDR_RANGE:
if (object.len > 17)
{
- DBG1(DBG_LIB, "IPv6 address object is larger than 17 octets");
+ DBG1(DBG_ASN, "IPv6 address object is larger than 17 octets");
return FALSE;
}
break;
default:
- DBG1(DBG_LIB, "unknown address family");
+ DBG1(DBG_ASN, "unknown address family");
return FALSE;
}
if (object.len == 0)
{
- DBG1(DBG_LIB, "An ASN.1 bit string must contain at least the "
+ DBG1(DBG_ASN, "An ASN.1 bit string must contain at least the "
"initial octet");
return FALSE;
}
if (object.len == 1 && object.ptr[0] != 0)
{
- DBG1(DBG_LIB, "An empty ASN.1 bit string must contain a zero "
+ DBG1(DBG_ASN, "An empty ASN.1 bit string must contain a zero "
"initial octet");
return FALSE;
}
if (object.ptr[0] > 7)
{
- DBG1(DBG_LIB, "number of unused bits is too large");
+ DBG1(DBG_ASN, "number of unused bits is too large");
return FALSE;
}
return TRUE;
@@ -1201,11 +1201,11 @@ static void parse_ipAddrBlocks(chunk_t blob, int level0,
{
break;
}
- DBG2(DBG_LIB, " %N", ts_type_name, ts_type);
+ DBG2(DBG_ASN, " %N", ts_type_name, ts_type);
}
break;
case IP_ADDR_BLOCKS_INHERIT:
- DBG1(DBG_LIB, "inherit choice is not supported");
+ DBG1(DBG_ASN, "inherit choice is not supported");
break;
case IP_ADDR_BLOCKS_PREFIX:
if (!check_address_object(ts_type, object))
@@ -1214,7 +1214,7 @@ static void parse_ipAddrBlocks(chunk_t blob, int level0,
}
ts = traffic_selector_create_from_rfc3779_format(ts_type,
object, object);
- DBG2(DBG_LIB, " %R", ts);
+ DBG2(DBG_ASN, " %R", ts);
this->ipAddrBlocks->insert_last(this->ipAddrBlocks, ts);
break;
case IP_ADDR_BLOCKS_MIN:
@@ -1231,7 +1231,7 @@ static void parse_ipAddrBlocks(chunk_t blob, int level0,
}
ts = traffic_selector_create_from_rfc3779_format(ts_type,
min_object, object);
- DBG2(DBG_LIB, " %R", ts);
+ DBG2(DBG_ASN, " %R", ts);
this->ipAddrBlocks->insert_last(this->ipAddrBlocks, ts);
break;
default:
@@ -1320,12 +1320,12 @@ static bool parse_certificate(private_x509_cert_t *this)
this->version = (object.len) ? (1+(u_int)*object.ptr) : 1;
if (this->version < 1 || this->version > 3)
{
- DBG1(DBG_LIB, "X.509v%d not supported", this->version);
+ DBG1(DBG_ASN, "X.509v%d not supported", this->version);
goto end;
}
else
{
- DBG2(DBG_LIB, " X.509v%d", this->version);
+ DBG2(DBG_ASN, " X.509v%d", this->version);
}
break;
case X509_OBJ_SERIAL_NUMBER:
@@ -1336,7 +1336,7 @@ static bool parse_certificate(private_x509_cert_t *this)
break;
case X509_OBJ_ISSUER:
this->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
- DBG2(DBG_LIB, " '%Y'", this->issuer);
+ DBG2(DBG_ASN, " '%Y'", this->issuer);
break;
case X509_OBJ_NOT_BEFORE:
this->notBefore = asn1_parse_time(object, level);
@@ -1346,13 +1346,13 @@ static bool parse_certificate(private_x509_cert_t *this)
break;
case X509_OBJ_SUBJECT:
this->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object);
- DBG2(DBG_LIB, " '%Y'", this->subject);
+ DBG2(DBG_ASN, " '%Y'", this->subject);
break;
case X509_OBJ_SUBJECT_PUBLIC_KEY_INFO:
- DBG2(DBG_LIB, "-- > --");
+ DBG2(DBG_ASN, "-- > --");
this->public_key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY,
KEY_ANY, BUILD_BLOB_ASN1_DER, object, BUILD_END);
- DBG2(DBG_LIB, "-- < --");
+ DBG2(DBG_ASN, "-- < --");
if (this->public_key == NULL)
{
goto end;
@@ -1361,7 +1361,7 @@ static bool parse_certificate(private_x509_cert_t *this)
case X509_OBJ_OPTIONAL_EXTENSIONS:
if (this->version != 3)
{
- DBG1(DBG_LIB, "Only X.509v3 certificates have extensions");
+ DBG1(DBG_ASN, "Only X.509v3 certificates have extensions");
goto end;
}
break;
@@ -1370,7 +1370,7 @@ static bool parse_certificate(private_x509_cert_t *this)
break;
case X509_OBJ_CRITICAL:
critical = object.len && *object.ptr;
- DBG2(DBG_LIB, " %s", critical ? "TRUE" : "FALSE");
+ DBG2(DBG_ASN, " %s", critical ? "TRUE" : "FALSE");
break;
case X509_OBJ_EXTN_VALUE:
{
@@ -1445,7 +1445,7 @@ static bool parse_certificate(private_x509_cert_t *this)
if (critical && lib->settings->get_bool(lib->settings,
"libstrongswan.x509.enforce_critical", TRUE))
{
- DBG1(DBG_LIB, "critical '%s' extension not supported",
+ DBG1(DBG_ASN, "critical '%s' extension not supported",
(extn_oid == OID_UNKNOWN) ? "unknown" :
(char*)oid_names[extn_oid].name);
goto end;
@@ -1458,7 +1458,7 @@ static bool parse_certificate(private_x509_cert_t *this)
this->algorithm = asn1_parse_algorithmIdentifier(object, level, NULL);
if (this->algorithm != sig_alg)
{
- DBG1(DBG_LIB, " signature algorithms do not agree");
+ DBG1(DBG_ASN, " signature algorithms do not agree");
goto end;
}
break;
@@ -1488,7 +1488,7 @@ end:
hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
if (hasher == NULL)
{
- DBG1(DBG_LIB, " unable to create hash of certificate, SHA1 not supported");
+ DBG1(DBG_ASN, " unable to create hash of certificate, SHA1 not supported");
return NULL;
}
hasher->allocate_hash(hasher, this->encoding, &this->encoding_hash);
@@ -1901,7 +1901,7 @@ chunk_t build_generalName(identification_t *id)
context = ASN1_CONTEXT_S_7;
break;
default:
- DBG1(DBG_LIB, "encoding %N as generalName not supported",
+ DBG1(DBG_ASN, "encoding %N as generalName not supported",
id_type_names, id->get_type(id));
return chunk_empty;
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-20 03:31:25 +0000