aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/libstrongswan/credentials/builder.c3
-rw-r--r--src/libstrongswan/credentials/builder.h4
-rw-r--r--src/libstrongswan/plugins/x509/x509_ac.c10
-rw-r--r--src/openac/openac.c15
4 files changed, 22 insertions, 10 deletions
diff --git a/src/libstrongswan/credentials/builder.c b/src/libstrongswan/credentials/builder.c
index 4e52272a7..ddb64ef88 100644
--- a/src/libstrongswan/credentials/builder.c
+++ b/src/libstrongswan/credentials/builder.c
@@ -38,7 +38,7 @@ ENUM(builder_part_names, BUILD_FROM_FILE, BUILD_END,
"BUILD_SERIAL",
"BUILD_DIGEST_ALG",
"BUILD_ENCRYPTION_ALG",
- "BUILD_IETF_GROUP_ATTR",
+ "BUILD_AC_GROUP_STRINGS",
"BUILD_CA_CERT",
"BUILD_CERT",
"BUILD_CRL_DISTRIBUTION_POINTS",
@@ -72,4 +72,3 @@ ENUM(builder_part_names, BUILD_FROM_FILE, BUILD_END,
"BUILD_THRESHOLD",
"BUILD_END",
);
-
diff --git a/src/libstrongswan/credentials/builder.h b/src/libstrongswan/credentials/builder.h
index 103b823c0..627e0934d 100644
--- a/src/libstrongswan/credentials/builder.h
+++ b/src/libstrongswan/credentials/builder.h
@@ -87,8 +87,8 @@ enum builder_part_t {
BUILD_DIGEST_ALG,
/** encryption algorithm to use, encryption_algorithm_t */
BUILD_ENCRYPTION_ALG,
- /** a comma-separated list of ietf group attributes, char* */
- BUILD_IETF_GROUP_ATTR,
+ /** list of AC group memberships, linked_list_t* with char* */
+ BUILD_AC_GROUP_STRINGS,
/** a ca certificate, certificate_t* */
BUILD_CA_CERT,
/** a certificate, certificate_t* */
diff --git a/src/libstrongswan/plugins/x509/x509_ac.c b/src/libstrongswan/plugins/x509/x509_ac.c
index 410b2e5ce..97e2a941e 100644
--- a/src/libstrongswan/plugins/x509/x509_ac.c
+++ b/src/libstrongswan/plugins/x509/x509_ac.c
@@ -1065,15 +1065,15 @@ x509_ac_t *x509_ac_load(certificate_type_t type, va_list args)
}
/**
- * Parse a comma separated group list into AC group memberships
+ * Add groups from a list into AC group memberships
*/
-static void add_groups_from_string(private_x509_ac_t *this, char *str)
+static void add_groups_from_list(private_x509_ac_t *this, linked_list_t *list)
{
enumerator_t *enumerator;
group_t *group;
char *name;
- enumerator = enumerator_create_token(str, ",", " ");
+ enumerator = list->create_enumerator(list);
while (enumerator->enumerate(enumerator, &name))
{
INIT(group,
@@ -1106,8 +1106,8 @@ x509_ac_t *x509_ac_gen(certificate_type_t type, va_list args)
case BUILD_SERIAL:
ac->serialNumber = chunk_clone(va_arg(args, chunk_t));
continue;
- case BUILD_IETF_GROUP_ATTR:
- add_groups_from_string(ac, va_arg(args, char*));
+ case BUILD_AC_GROUP_STRINGS:
+ add_groups_from_list(ac, va_arg(args, linked_list_t*));
continue;
case BUILD_CERT:
ac->holderCert = va_arg(args, certificate_t*);
diff --git a/src/openac/openac.c b/src/openac/openac.c
index 8862e9ab0..1424a7e72 100644
--- a/src/openac/openac.c
+++ b/src/openac/openac.c
@@ -495,6 +495,18 @@ int main(int argc, char **argv)
if (userCert != NULL && signerCert != NULL && signerKey != NULL &&
outfile != NULL)
{
+ linked_list_t *group_list;
+ enumerator_t *enumerator;
+ char *group;
+
+ group_list = linked_list_create();
+ enumerator = enumerator_create_token(groups, ",", " ");
+ while (enumerator->enumerate(enumerator, &group))
+ {
+ group_list->insert_last(group_list, strdup(group));
+ }
+ enumerator->destroy(enumerator);
+
/* read the serial number and increment it by one */
serial = read_serial();
@@ -504,10 +516,11 @@ int main(int argc, char **argv)
BUILD_NOT_BEFORE_TIME, notBefore,
BUILD_NOT_AFTER_TIME, notAfter,
BUILD_SERIAL, serial,
- BUILD_IETF_GROUP_ATTR, groups,
+ BUILD_AC_GROUP_STRINGS, group_list,
BUILD_SIGNING_CERT, signerCert,
BUILD_SIGNING_KEY, signerKey,
BUILD_END);
+ group_list->destroy_function(group_list, free);
if (!attr_cert)
{
goto end;
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-15 02:18:47 +0000