aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/charon/plugins/stroke/stroke_list.c9
-rw-r--r--src/libstrongswan/plugins/x509/x509_cert.c9
-rw-r--r--src/pluto/x509.c10
3 files changed, 27 insertions, 1 deletions
diff --git a/src/charon/plugins/stroke/stroke_list.c b/src/charon/plugins/stroke/stroke_list.c
index f8bab4f9d..5cffa4298 100644
--- a/src/charon/plugins/stroke/stroke_list.c
+++ b/src/charon/plugins/stroke/stroke_list.c
@@ -665,6 +665,7 @@ static void stroke_list_certs(linked_list_t *list, char *label,
enumerator_t *enumerator;
identification_t *altName;
bool first_altName = TRUE;
+ int pathlen;
chunk_t serial, authkey;
time_t notBefore, notAfter;
public_key_t *public;
@@ -742,6 +743,14 @@ static void stroke_list_certs(linked_list_t *list, char *label,
{
fprintf(out, " authkey: %#B\n", &authkey);
}
+
+ /* list optional pathLenConstraint */
+ pathlen = x509->get_pathLenConstraint(x509);
+ if (pathlen != NO_PATH_LEN_CONSTRAINT)
+ {
+ fprintf(out, " pathlen: %d\n", pathlen);
+ }
+
}
}
enumerator->destroy(enumerator);
diff --git a/src/libstrongswan/plugins/x509/x509_cert.c b/src/libstrongswan/plugins/x509/x509_cert.c
index b10317093..0147e78c6 100644
--- a/src/libstrongswan/plugins/x509/x509_cert.c
+++ b/src/libstrongswan/plugins/x509/x509_cert.c
@@ -1135,6 +1135,14 @@ static chunk_t get_authKeyIdentifier(private_x509_cert_t *this)
}
/**
+ * Implementation of x509_t.get_pathLenConstraint.
+ */
+static int get_pathLenConstraint(private_x509_cert_t *this)
+{
+ return this->pathLenConstraint;
+}
+
+/**
* Implementation of x509_cert_t.create_subjectAltName_enumerator.
*/
static enumerator_t* create_subjectAltName_enumerator(private_x509_cert_t *this)
@@ -1209,6 +1217,7 @@ static private_x509_cert_t* create_empty(void)
this->public.interface.get_serial = (chunk_t (*)(x509_t*))get_serial;
this->public.interface.get_subjectKeyIdentifier = (chunk_t (*)(x509_t*))get_subjectKeyIdentifier;
this->public.interface.get_authKeyIdentifier = (chunk_t (*)(x509_t*))get_authKeyIdentifier;
+ this->public.interface.get_pathLenConstraint = (int (*)(x509_t*))get_pathLenConstraint;
this->public.interface.create_subjectAltName_enumerator = (enumerator_t* (*)(x509_t*))create_subjectAltName_enumerator;
this->public.interface.create_crl_uri_enumerator = (enumerator_t* (*)(x509_t*))create_crl_uri_enumerator;
this->public.interface.create_ocsp_uri_enumerator = (enumerator_t* (*)(x509_t*))create_ocsp_uri_enumerator;
diff --git a/src/pluto/x509.c b/src/pluto/x509.c
index 47c9cecff..25b4e148c 100644
--- a/src/pluto/x509.c
+++ b/src/pluto/x509.c
@@ -505,7 +505,7 @@ void list_x509cert_chain(const char *caption, x509cert_t* cert,
enumerator_t *enumerator;
char buf[BUF_LEN];
char *pos = buf;
- int len = BUF_LEN;
+ int len = BUF_LEN, pathlen;
bool first_altName = TRUE;
identification_t *id;
time_t notBefore, notAfter;
@@ -589,6 +589,14 @@ void list_x509cert_chain(const char *caption, x509cert_t* cert,
{
whack_log(RC_COMMENT, " authkey: %#B", &authkey);
}
+
+ /* list optional pathLenConstraint */
+ pathlen = x509->get_pathLenConstraint(x509);
+ if (pathlen != NO_PATH_LEN_CONSTRAINT)
+ {
+ whack_log(RC_COMMENT, " pathlen: %d", pathlen);
+ }
+
}
cert = cert->next;
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-22 19:17:09 +0000