subversion-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bre...@apache.org
Subject svn commit: r1618902 - in /subversion/branches/svn-auth-x509/subversion: include/svn_x509.h libsvn_subr/x509.h libsvn_subr/x509info.c libsvn_subr/x509parse.c
Date Tue, 19 Aug 2014 17:15:19 GMT
Author: breser
Date: Tue Aug 19 17:15:19 2014
New Revision: 1618902

URL: http://svn.apache.org/r1618902
Log:
On svn-auth-x509 branch: Resurrect r1614643.

* subversion/include/svn_x509.h
  (svn_x509_certinfo_get_subject,
   svn_x509_certinfo_get_issuer): Clarify in docs that these functions
   return the whole Distinguished Name.
  (svn_x509_certinfo_get_subject_cn): New prototype.
* subversion/libsvn_subr/x509.h
  (svn_x509_certinfo_t): New member subject_cn.
* subversion/libsvn_subr/x509info.c
  (svn_x509_certinfo_dup): Copy the subject_cn.
  (svn_x509_certinfo_get_subject_cn): Implement.
* subversion/libsvn_subr/x509parse.c
  (x509parse_dn_gets): Optionally return the CN in a separate stringbuf.
  (svn_x509_parse_cert): Retreive and return the subject CN.

Modified:
    subversion/branches/svn-auth-x509/subversion/include/svn_x509.h
    subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509.h
    subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509info.c
    subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509parse.c

Modified: subversion/branches/svn-auth-x509/subversion/include/svn_x509.h
URL: http://svn.apache.org/viewvc/subversion/branches/svn-auth-x509/subversion/include/svn_x509.h?rev=1618902&r1=1618901&r2=1618902&view=diff
==============================================================================
--- subversion/branches/svn-auth-x509/subversion/include/svn_x509.h (original)
+++ subversion/branches/svn-auth-x509/subversion/include/svn_x509.h Tue Aug 19 17:15:19 2014
@@ -79,14 +79,21 @@ svn_x509_certinfo_dup(const svn_x509_cer
                       apr_pool_t *scratch_pool);
 
 /**
- * Returns the subject name from @a certinfo.
+ * Returns the subject DN from @a certinfo.
  * @since New in 1.9.
  */
 const char *
 svn_x509_certinfo_get_subject(const svn_x509_certinfo_t *certinfo);
 
 /**
- * Returns the cerficiate issuer name from @a certinfo.
+ * Returns the subject CN from @a certinfo.
+ * @since New in 1.9.
+ */
+const char *
+svn_x509_certinfo_get_subject_cn(const svn_x509_certinfo_t *certinfo);
+
+/**
+ * Returns the cerficiate issuer DN from @a certinfo.
  * @since New in 1.9.
  */
 const char *

Modified: subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509.h
URL: http://svn.apache.org/viewvc/subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509.h?rev=1618902&r1=1618901&r2=1618902&view=diff
==============================================================================
--- subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509.h (original)
+++ subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509.h Tue Aug 19 17:15:19 2014
@@ -122,6 +122,7 @@ typedef struct _x509_cert {
 struct svn_x509_certinfo_t
 {
   const char *subject;
+  const char *subject_cn;
   const char *issuer;
   apr_time_t valid_from;
   apr_time_t valid_to;

Modified: subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509info.c
URL: http://svn.apache.org/viewvc/subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509info.c?rev=1618902&r1=1618901&r2=1618902&view=diff
==============================================================================
--- subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509info.c (original)
+++ subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509info.c Tue Aug 19 17:15:19
2014
@@ -40,6 +40,7 @@ svn_x509_certinfo_dup(const svn_x509_cer
 {
   svn_x509_certinfo_t *result = apr_palloc(result_pool, sizeof(*result));
   result->subject = apr_pstrdup(result_pool, certinfo->subject);
+  result->subject_cn = apr_pstrdup(result_pool, certinfo->subject_cn);
   result->issuer = apr_pstrdup(result_pool, certinfo->issuer);
   result->valid_from = certinfo->valid_from;
   result->valid_to = certinfo->valid_to;
@@ -69,6 +70,12 @@ svn_x509_certinfo_get_subject(const svn_
 }
 
 const char *
+svn-x509_certinfo_get_subject_cn(const svn_x509_certinfo_t *certinfo)
+{
+  return certinfo->subject_cn;
+}
+
+const char *
 svn_x509_certinfo_get_issuer(const svn_x509_certinfo_t *certinfo)
 {
   return certinfo->issuer;

Modified: subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509parse.c
URL: http://svn.apache.org/viewvc/subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509parse.c?rev=1618902&r1=1618901&r2=1618902&view=diff
==============================================================================
--- subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509parse.c (original)
+++ subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509parse.c Tue Aug 19 17:15:19
2014
@@ -887,10 +887,11 @@ x509name_to_utf8_string(const x509_name 
 /*
  * Store the name from dn in printable form into buf,
  * using scratch_pool for any temporary allocations.
+ * If CN is not NULL, return any common name in CN
  */
 static void
-x509parse_dn_gets(svn_stringbuf_t *buf, const x509_name * dn,
-                  apr_pool_t *scratch_pool)
+x509parse_dn_gets(svn_stringbuf_t *buf, svn_stringbuf_t *cn,
+                  const x509_name * dn, apr_pool_t *scratch_pool)
 {
   const x509_name *name;
   const char *temp;
@@ -899,6 +900,7 @@ x509parse_dn_gets(svn_stringbuf_t *buf, 
 
   while (name != NULL) {
     const svn_string_t *utf8_value;
+    svn_boolean_t return_cn = FALSE;
 
     if (name != dn)
       svn_stringbuf_appendcstr(buf, ", ");
@@ -908,6 +910,8 @@ x509parse_dn_gets(svn_stringbuf_t *buf, 
         switch (name->oid.p[2]) {
         case X520_COMMON_NAME:
           svn_stringbuf_appendcstr(buf, "CN=");
+          if (cn)
+            return_cn = TRUE;
           break;
 
         case X520_COUNTRY:
@@ -954,7 +958,11 @@ x509parse_dn_gets(svn_stringbuf_t *buf, 
 
     utf8_value = x509name_to_utf8_string(name, scratch_pool);
     if (utf8_value)
-      svn_stringbuf_appendbytes(buf, utf8_value->data, utf8_value->len);
+      {
+        svn_stringbuf_appendbytes(buf, utf8_value->data, utf8_value->len);
+        if (return_cn)
+          svn_stringbuf_appendbytes(cn, utf8_value->data, utf8_value->len);
+      }
     else
       /* this should never happen */
       svn_stringbuf_appendfill(buf, '?', 2);
@@ -1067,6 +1075,7 @@ svn_x509_parse_cert(svn_x509_certinfo_t 
   x509_cert *crt;
   svn_x509_certinfo_t *ci;
   svn_stringbuf_t *namebuf;
+  svn_stringbuf_t *cnbuf;
 
   crt = apr_pcalloc(scratch_pool, sizeof(*crt));
   p = (const unsigned char *)buf;
@@ -1202,12 +1211,14 @@ svn_x509_parse_cert(svn_x509_certinfo_t 
 
   /* Get the subject name */
   namebuf = svn_stringbuf_create_empty(result_pool);
-  x509parse_dn_gets(namebuf, &crt->subject, scratch_pool);
+  cnbuf = svn_stringbuf_create_empty(result_pool);
+  x509parse_dn_gets(namebuf, cnbuf, &crt->subject, scratch_pool);
   ci->subject = namebuf->data;
+  ci->subject_cn = (svn_stringbuf_isempty(cnbuf) ? NULL : cnbuf->data);
 
   /* Get the issuer name */
   namebuf = svn_stringbuf_create_empty(result_pool);
-  x509parse_dn_gets(namebuf, &crt->issuer, scratch_pool);
+  x509parse_dn_gets(namebuf, NULL, &crt->issuer, scratch_pool);
   ci->issuer = namebuf->data;
 
   /* Copy the validity range */



Mime
View raw message