Subject: svn commit: r1636428 [1/2] - in /subversion/branches/svn-auth-x509/subversion: include/svn_x509.h libsvn_subr/x509.h libsvn_subr/x509info.c libsvn_subr/x509parse.c
Date: Mon, 03 Nov 2014 20:04:37 -0000
To: commits@subversion.apache.org
From: breser@apache.org
Message-Id: <20141103200437.7A26823888FE@eris.apache.org>

Author: breser
Date: Mon Nov 3 20:04:36 2014
New Revision: 1636428

URL: http://svn.apache.org/r1636428

Log:
On 'svn-auth-x509' branch, set svn:eol-style to native.

* subversion/include/svn_x509.h,
  subversion/libsvn_subr/x509.h,
  subversion/libsvn_subr/x509info.c,
  subversion/libsvn_subr/x509parse.c:
  Set to native line endings and fix the CRLF endings as is currently stored in the repo.

Modified:
    subversion/branches/svn-auth-x509/subversion/include/svn_x509.h (contents, props changed)
    subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509.h (contents, props changed)
    subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509info.c (contents, props changed)
    subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509parse.c (contents, props changed)

Modified: subversion/branches/svn-auth-x509/subversion/include/svn_x509.h URL: http://svn.apache.org/viewvc/subversion/branches/svn-auth-x509/subversion/include/svn_x509.h?rev=1636428&r1=1636427&r2=1636428&view=diff ============================================================================== --- subversion/branches/svn-auth-x509/subversion/include/svn_x509.h (original) +++ subversion/branches/svn-auth-x509/subversion/include/svn_x509.h Mon Nov 3 20:04:36 2014 
@@ -1,181 +1,181 @@ -/** - * @copyright - * ==================================================================== - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * ==================================================================== - * @endcopyright - * - * @file svn_x509.h - * @brief Subversion's X509 parser - */ - -#ifndef SVN_X509_H -#define SVN_X509_H - -#include -#include -#include - -#include "svn_error.h" -#include "svn_checksum.h" - -#ifdef __cplusplus -extern "C" { -#endif - -#define SVN_X509_OID_COMMON_NAME "2.5.4.3" -#define SVN_X509_OID_COUNTRY "2.5.4.6" -#define SVN_X509_OID_LOCALITY "2.5.4.7" -#define SVN_X509_OID_STATE "2.5.4.8" -#define SVN_X509_OID_ORGANIZATION "2.5.4.10" -#define SVN_X509_OID_ORG_UNIT "2.5.4.11" -#define SVN_X509_OID_EMAIL "1.2.840.113549.1.9.1" - -/** - * Representation of parsed certificate info. - * - * @since New in 1.9. - */ -typedef struct svn_x509_certinfo_t svn_x509_certinfo_t; - -/** - * Parse x509 @a der certificate data from @a buf with length @a - * buflen and return certificate information in @a *certinfo, - * allocated in @a result_pool. - * - * @note This function has been written with the intent of display data in a - * certificate for a user to see. 
As a result, it does not do much - * validation on the data it parses from the certificate. It does not - * for instance verify that the certificate is signed by the issuer. It - * does not verify a trust chain. It does not error on critical - * extensions it does not know how to parse. So while it can be used as - * part of a certificate validation scheme, it can't be used alone for - * that purpose. - * - * @since New in 1.9. - */ -svn_error_t * -svn_x509_parse_cert(svn_x509_certinfo_t **certinfo, - const char *buf, - apr_size_t buflen, - apr_pool_t *result_pool, - apr_pool_t *scratch_pool); - -/** - * Returns a deep copy of @a certinfo, allocated in @a result_pool. - * May use @a scratch_pool for temporary allocations. - * @since New in 1.9. - */ -svn_x509_certinfo_t * -svn_x509_certinfo_dup(const svn_x509_certinfo_t *certinfo, - apr_pool_t *result_pool, - apr_pool_t *scratch_pool); - -/** - * Returns the subject DN from @a certinfo. - * @since New in 1.9. - */ -const char * -svn_x509_certinfo_get_subject(const svn_x509_certinfo_t *certinfo, - apr_pool_t *result_pool); - -/** - * Returns a list of the the object IDs of the attributes available - * for the subject in the @a certinfo. The oids in the list are C - * strings with dot separated integers. - * - * @since New in 1.9. - */ -const apr_array_header_t * -svn_x509_certinfo_get_subject_oids(const svn_x509_certinfo_t *certinfo); - -/** - * Returns the value of the attribute with the object ID specified in - * @a oid of the subject from @a certinfo. @a oid is a string of dot - * separated integers. - * - * @since New in 1.9. - */ -const char * -svn_x509_certinfo_get_subject_attr(const svn_x509_certinfo_t *certinfo, - const char *oid); - -/** - * Returns the cerficiate issuer DN from @a certinfo. - * @since New in 1.9. 
- */ -const char * -svn_x509_certinfo_get_issuer(const svn_x509_certinfo_t *certinfo, - apr_pool_t *result_pool); - -/** - * Returns a list of the the object IDs of the attributes available - * for the issuer in the @a certinfo. The oids in the list are C - * strings with dot separated integers. - * - * @since New in 1.9. - */ -const apr_array_header_t * -svn_x509_certinfo_get_issuer_oids(const svn_x509_certinfo_t *certinfo); - -/** - * Returns the value of the attribute with the object ID specified in - * @a oid of the issuer from @a certinfo. @a oid is a string of dot - * separated integers. - * - * @since New in 1.9. - */ -const char * -svn_x509_certinfo_get_issuer_attr(const svn_x509_certinfo_t *certinfo, - const char *oid); - -/** - * Returns the start of the certificate validity period from @a certinfo. - * - * @since New in 1.9. - */ -apr_time_t -svn_x509_certinfo_get_valid_from(const svn_x509_certinfo_t *certinfo); - -/** - * Returns the end of the certificate validity period from @a certinfo. - * - * @since New in 1.9. - */ -const apr_time_t -svn_x509_certinfo_get_valid_to(const svn_x509_certinfo_t *certinfo); - -/** - * Returns the digest (fingerprint) from @a certinfo - * @since New in 1.9. - */ -const svn_checksum_t * -svn_x509_certinfo_get_digest(const svn_x509_certinfo_t *certinfo); - -/** - * Returns an array of (const char*) host names from @a certinfo. - * - * @since New in 1.9. - */ -const apr_array_header_t * -svn_x509_certinfo_get_hostnames(const svn_x509_certinfo_t *certinfo); - -#ifdef __cplusplus -} -#endif -#endif /* SVN_X509_H */ +/** + * @copyright + * ==================================================================== + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. 
The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * ==================================================================== + * @endcopyright + * + * @file svn_x509.h + * @brief Subversion's X509 parser + */ + +#ifndef SVN_X509_H +#define SVN_X509_H + +#include +#include +#include + +#include "svn_error.h" +#include "svn_checksum.h" + +#ifdef __cplusplus +extern "C" { +#endif + +#define SVN_X509_OID_COMMON_NAME "2.5.4.3" +#define SVN_X509_OID_COUNTRY "2.5.4.6" +#define SVN_X509_OID_LOCALITY "2.5.4.7" +#define SVN_X509_OID_STATE "2.5.4.8" +#define SVN_X509_OID_ORGANIZATION "2.5.4.10" +#define SVN_X509_OID_ORG_UNIT "2.5.4.11" +#define SVN_X509_OID_EMAIL "1.2.840.113549.1.9.1" + +/** + * Representation of parsed certificate info. + * + * @since New in 1.9. + */ +typedef struct svn_x509_certinfo_t svn_x509_certinfo_t; + +/** + * Parse x509 @a der certificate data from @a buf with length @a + * buflen and return certificate information in @a *certinfo, + * allocated in @a result_pool. + * + * @note This function has been written with the intent of display data in a + * certificate for a user to see. As a result, it does not do much + * validation on the data it parses from the certificate. It does not + * for instance verify that the certificate is signed by the issuer. It + * does not verify a trust chain. It does not error on critical + * extensions it does not know how to parse. 
So while it can be used as + * part of a certificate validation scheme, it can't be used alone for + * that purpose. + * + * @since New in 1.9. + */ +svn_error_t * +svn_x509_parse_cert(svn_x509_certinfo_t **certinfo, + const char *buf, + apr_size_t buflen, + apr_pool_t *result_pool, + apr_pool_t *scratch_pool); + +/** + * Returns a deep copy of @a certinfo, allocated in @a result_pool. + * May use @a scratch_pool for temporary allocations. + * @since New in 1.9. + */ +svn_x509_certinfo_t * +svn_x509_certinfo_dup(const svn_x509_certinfo_t *certinfo, + apr_pool_t *result_pool, + apr_pool_t *scratch_pool); + +/** + * Returns the subject DN from @a certinfo. + * @since New in 1.9. + */ +const char * +svn_x509_certinfo_get_subject(const svn_x509_certinfo_t *certinfo, + apr_pool_t *result_pool); + +/** + * Returns a list of the the object IDs of the attributes available + * for the subject in the @a certinfo. The oids in the list are C + * strings with dot separated integers. + * + * @since New in 1.9. + */ +const apr_array_header_t * +svn_x509_certinfo_get_subject_oids(const svn_x509_certinfo_t *certinfo); + +/** + * Returns the value of the attribute with the object ID specified in + * @a oid of the subject from @a certinfo. @a oid is a string of dot + * separated integers. + * + * @since New in 1.9. + */ +const char * +svn_x509_certinfo_get_subject_attr(const svn_x509_certinfo_t *certinfo, + const char *oid); + +/** + * Returns the cerficiate issuer DN from @a certinfo. + * @since New in 1.9. + */ +const char * +svn_x509_certinfo_get_issuer(const svn_x509_certinfo_t *certinfo, + apr_pool_t *result_pool); + +/** + * Returns a list of the the object IDs of the attributes available + * for the issuer in the @a certinfo. The oids in the list are C + * strings with dot separated integers. + * + * @since New in 1.9. 
+ */ +const apr_array_header_t * +svn_x509_certinfo_get_issuer_oids(const svn_x509_certinfo_t *certinfo); + +/** + * Returns the value of the attribute with the object ID specified in + * @a oid of the issuer from @a certinfo. @a oid is a string of dot + * separated integers. + * + * @since New in 1.9. + */ +const char * +svn_x509_certinfo_get_issuer_attr(const svn_x509_certinfo_t *certinfo, + const char *oid); + +/** + * Returns the start of the certificate validity period from @a certinfo. + * + * @since New in 1.9. + */ +apr_time_t +svn_x509_certinfo_get_valid_from(const svn_x509_certinfo_t *certinfo); + +/** + * Returns the end of the certificate validity period from @a certinfo. + * + * @since New in 1.9. + */ +const apr_time_t +svn_x509_certinfo_get_valid_to(const svn_x509_certinfo_t *certinfo); + +/** + * Returns the digest (fingerprint) from @a certinfo + * @since New in 1.9. + */ +const svn_checksum_t * +svn_x509_certinfo_get_digest(const svn_x509_certinfo_t *certinfo); + +/** + * Returns an array of (const char*) host names from @a certinfo. + * + * @since New in 1.9. + */ +const apr_array_header_t * +svn_x509_certinfo_get_hostnames(const svn_x509_certinfo_t *certinfo); + +#ifdef __cplusplus +} +#endif +#endif /* SVN_X509_H */ Propchange: subversion/branches/svn-auth-x509/subversion/include/svn_x509.h ------------------------------------------------------------------------------ svn:eol-style = native Modified: subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509.h URL: http://svn.apache.org/viewvc/subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509.h?rev=1636428&r1=1636427&r2=1636428&view=diff ============================================================================== --- subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509.h (original) +++ subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509.h Mon Nov 3 20:04:36 2014 
@@ -1,130 +1,130 @@ -/** - * \file x509.h - * - * Based on XySSL: Copyright (C) 2006-2008 Christophe Devine - * - * Copyright (C) 2009 Paul Bakker - * - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * * Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * * Neither the names of PolarSSL or XySSL nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT - * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED - * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR - * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF - * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING - * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS - * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
- */ -#ifndef SVN_LIBSVN_SUBR_X509_H -#define SVN_LIBSVN_SUBR_X509_H - -#include -#include - -#include "svn_x509.h" - -/* - * DER constants - */ -#define ASN1_BOOLEAN 0x01 -#define ASN1_INTEGER 0x02 -#define ASN1_BIT_STRING 0x03 -#define ASN1_OCTET_STRING 0x04 -#define ASN1_NULL 0x05 -#define ASN1_OID 0x06 -#define ASN1_UTF8_STRING 0x0C -#define ASN1_SEQUENCE 0x10 -#define ASN1_SET 0x11 -#define ASN1_PRINTABLE_STRING 0x13 -#define ASN1_T61_STRING 0x14 -#define ASN1_IA5_STRING 0x16 -#define ASN1_UTC_TIME 0x17 -#define ASN1_GENERALIZED_TIME 0x18 -#define ASN1_UNIVERSAL_STRING 0x1C -#define ASN1_BMP_STRING 0x1E -#define ASN1_PRIMITIVE 0x00 -#define ASN1_CONSTRUCTED 0x20 -#define ASN1_CONTEXT_SPECIFIC 0x80 - -/* - * various object identifiers - */ -#define OID_SUBJECT_ALT_NAME "\x55\x1D\x11" - -#ifdef __cplusplus -extern "C" { -#endif /* __cplusplus */ - -/* - * Structures for parsing X.509 certificates - */ -typedef struct _x509_buf { - int tag; - ptrdiff_t len; - const unsigned char *p; -} x509_buf; - -typedef struct _x509_name { - x509_buf oid; - x509_buf val; - struct _x509_name *next; -} x509_name; - -typedef struct _x509_cert { - int version; - x509_buf serial; - x509_buf sig_oid1; - - x509_name issuer; - x509_name subject; - - apr_time_t valid_from; - apr_time_t valid_to; - - x509_buf issuer_id; - x509_buf subject_id; - apr_array_header_t *dnsnames; - - x509_buf sig_oid2; - x509_buf sig; - -} x509_cert; - - -/* - * Certificate info, returned from the parser - */ -struct svn_x509_certinfo_t -{ - apr_array_header_t *issuer_oids; - apr_hash_t *issuer; - apr_array_header_t *subject_oids; - apr_hash_t *subject; - apr_time_t valid_from; - apr_time_t valid_to; - svn_checksum_t *digest; - apr_array_header_t *hostnames; -}; - -#ifdef __cplusplus -} -#endif /* __cplusplus */ - -#endif /* SVN_LIBSVN_SUBR_X509_H */ +/** + * \file x509.h + * + * Based on XySSL: Copyright (C) 2006-2008 Christophe Devine + * + * Copyright (C) 2009 Paul Bakker + * + * All rights reserved. 
+ * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * * Neither the names of PolarSSL or XySSL nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED + * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */ +#ifndef SVN_LIBSVN_SUBR_X509_H +#define SVN_LIBSVN_SUBR_X509_H + +#include +#include + +#include "svn_x509.h" + +/* + * DER constants + */ +#define ASN1_BOOLEAN 0x01 +#define ASN1_INTEGER 0x02 +#define ASN1_BIT_STRING 0x03 +#define ASN1_OCTET_STRING 0x04 +#define ASN1_NULL 0x05 +#define ASN1_OID 0x06 +#define ASN1_UTF8_STRING 0x0C +#define ASN1_SEQUENCE 0x10 +#define ASN1_SET 0x11 +#define ASN1_PRINTABLE_STRING 0x13 +#define ASN1_T61_STRING 0x14 +#define ASN1_IA5_STRING 0x16 +#define ASN1_UTC_TIME 0x17 +#define ASN1_GENERALIZED_TIME 0x18 +#define ASN1_UNIVERSAL_STRING 0x1C +#define ASN1_BMP_STRING 0x1E +#define ASN1_PRIMITIVE 0x00 +#define ASN1_CONSTRUCTED 0x20 +#define ASN1_CONTEXT_SPECIFIC 0x80 + +/* + * various object identifiers + */ +#define OID_SUBJECT_ALT_NAME "\x55\x1D\x11" + +#ifdef __cplusplus +extern "C" { +#endif /* __cplusplus */ + +/* + * Structures for parsing X.509 certificates + */ +typedef struct _x509_buf { + int tag; + ptrdiff_t len; + const unsigned char *p; +} x509_buf; + +typedef struct _x509_name { + x509_buf oid; + x509_buf val; + struct _x509_name *next; +} x509_name; + +typedef struct _x509_cert { + int version; + x509_buf serial; + x509_buf sig_oid1; + + x509_name issuer; + x509_name subject; + + apr_time_t valid_from; + apr_time_t valid_to; + + x509_buf issuer_id; + x509_buf subject_id; + apr_array_header_t *dnsnames; + + x509_buf sig_oid2; + x509_buf sig; + +} x509_cert; + + +/* + * Certificate info, returned from the parser + */ +struct svn_x509_certinfo_t +{ + apr_array_header_t *issuer_oids; + apr_hash_t *issuer; + apr_array_header_t *subject_oids; + apr_hash_t *subject; + apr_time_t valid_from; + apr_time_t valid_to; + svn_checksum_t *digest; + apr_array_header_t *hostnames; +}; + +#ifdef __cplusplus +} +#endif /* __cplusplus */ + +#endif /* SVN_LIBSVN_SUBR_X509_H */ Propchange: subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509.h ------------------------------------------------------------------------------ 
svn:eol-style = native Modified: subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509info.c URL: http://svn.apache.org/viewvc/subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509info.c?rev=1636428&r1=1636427&r2=1636428&view=diff ============================================================================== --- subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509info.c (original) +++ subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509info.c Mon Nov 3 20:04:36 2014 
@@ -1,243 +1,243 @@ -/* - * x509info.c: Accessors for svn_x509_certinfo_t - * - * ==================================================================== - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * ==================================================================== - */ - - - -#include - -#include -#include - -#include "svn_string.h" -#include "svn_hash.h" -#include "x509.h" - - - -/* Array elements are assumed to be nul-terminated C strings. */ -static apr_array_header_t * -deep_copy_array(apr_array_header_t *s, apr_pool_t *result_pool) -{ - int i; - apr_array_header_t *d; - - if (!s) - return NULL; - - d = apr_array_copy(result_pool, s); - - /* Make a deep copy of the strings in the array. */ - for (i = 0; i < s->nelts; ++i) - { - APR_ARRAY_IDX(d, i, const char *) = - apr_pstrdup(result_pool, APR_ARRAY_IDX(s, i, const char *)); - } - - return d; -} - -/* Hash key and value are assumed to be nul-terminated C strings. 
*/ -static apr_hash_t *deep_copy_hash(apr_hash_t *s, - apr_pool_t *scratch_pool, - apr_pool_t *result_pool) -{ - apr_hash_t *d; - apr_hash_index_t *i; - - if (!s) - return NULL; - - d = apr_hash_make(result_pool); - i = apr_hash_first(scratch_pool, s); - - /* Make a deep copy of the hash keys and values. */ - while (i) - { - const void *key; - void *val; - apr_ssize_t klen; - - apr_hash_this(i, &key, &klen, &val); - apr_hash_set(d, apr_pstrndup(result_pool, key, klen), klen, - apr_pstrdup(result_pool, val)); - i = apr_hash_next(i); - } - - return d; -} - -svn_x509_certinfo_t * -svn_x509_certinfo_dup(const svn_x509_certinfo_t *certinfo, - apr_pool_t *result_pool, - apr_pool_t *scratch_pool) -{ - svn_x509_certinfo_t *result = apr_palloc(result_pool, sizeof(*result)); - result->subject_oids = deep_copy_array(certinfo->subject_oids, result_pool); - result->subject = deep_copy_hash(certinfo->subject, scratch_pool, result_pool); - result->issuer_oids = deep_copy_array(certinfo->issuer_oids, result_pool); - result->issuer = deep_copy_hash(certinfo->issuer, scratch_pool, result_pool); - result->valid_from = certinfo->valid_from; - result->valid_to = certinfo->valid_to; - result->digest = svn_checksum_dup(certinfo->digest, result_pool); - result->hostnames = deep_copy_array(certinfo->hostnames, result_pool); - - return result; -} - -typedef struct asn1_oid { - const char *oid_string; - const char *short_label; - const char *long_label; -} asn1_oid; - -static const asn1_oid asn1_oids[] = { - { SVN_X509_OID_COMMON_NAME, "CN", "commonName" }, - { SVN_X509_OID_COUNTRY, "C", "countryName" }, - { SVN_X509_OID_LOCALITY, "L", "localityName" }, - { SVN_X509_OID_STATE, "ST", "stateOrProvinceName" }, - { SVN_X509_OID_ORGANIZATION, "O", "organizationName" }, - { SVN_X509_OID_ORG_UNIT, "OU", "organizationalUnitName"}, - { SVN_X509_OID_EMAIL, NULL, "emailAddress" }, - { NULL }, -}; - -static const asn1_oid *oid_string_to_asn1_oid(const char *oid_string) -{ - const asn1_oid *oid; - - for 
(oid = asn1_oids; oid->oid_string; oid++) - { - if (strcmp(oid_string, oid->oid_string) == 0) - return oid; - } - - return NULL; -} - -static const char *oid_string_to_best_label(const char *oid_string) -{ - const asn1_oid *oid = oid_string_to_asn1_oid(oid_string); - - if (oid) - { - if (oid->short_label) - return oid->short_label; - - if (oid->long_label) - return oid->long_label; - } - - return oid_string; -} - -/* - * Store the name from dn in printable form into buf, - * using scratch_pool for any temporary allocations. - * If CN is not NULL, return any common name in CN - */ -static const char * -get_dn(apr_array_header_t *oids, - apr_hash_t *hash, - apr_pool_t *result_pool) -{ - svn_stringbuf_t *buf = svn_stringbuf_create_empty(result_pool); - int n; - - for (n = 0; n < oids->nelts; n++) - { - const char *field = APR_ARRAY_IDX(oids, n, const char *); - - if (n > 0) - svn_stringbuf_appendcstr(buf, ", "); - - svn_stringbuf_appendcstr(buf, oid_string_to_best_label(field)); - svn_stringbuf_appendbyte(buf, '='); - svn_stringbuf_appendcstr(buf, svn_hash_gets(hash, field)); - } - - return buf->data; -} - -const char * -svn_x509_certinfo_get_subject(const svn_x509_certinfo_t *certinfo, - apr_pool_t *result_pool) -{ - return get_dn(certinfo->subject_oids, certinfo->subject, result_pool); -} - -const apr_array_header_t * -svn_x509_certinfo_get_subject_oids(const svn_x509_certinfo_t *certinfo) -{ - return certinfo->subject_oids; -} - -const char * -svn_x509_certinfo_get_subject_attr(const svn_x509_certinfo_t *certinfo, - const char *oid) -{ - return svn_hash_gets(certinfo->subject, oid); -} - -const char * -svn_x509_certinfo_get_issuer(const svn_x509_certinfo_t *certinfo, - apr_pool_t *result_pool) -{ - return get_dn(certinfo->issuer_oids, certinfo->issuer, result_pool); -} - -const apr_array_header_t * -svn_x509_certinfo_get_issuer_oids(const svn_x509_certinfo_t *certinfo) -{ - return certinfo->issuer_oids; -} - -const char * -svn_x509_certinfo_get_issuer_attr(const 
svn_x509_certinfo_t *certinfo, - const char *oid) -{ - return svn_hash_gets(certinfo->issuer, oid); -} - -apr_time_t -svn_x509_certinfo_get_valid_from(const svn_x509_certinfo_t *certinfo) -{ - return certinfo->valid_from; -} - -const apr_time_t -svn_x509_certinfo_get_valid_to(const svn_x509_certinfo_t *certinfo) -{ - return certinfo->valid_to; -} - -const svn_checksum_t * -svn_x509_certinfo_get_digest(const svn_x509_certinfo_t *certinfo) -{ - return certinfo->digest; -} - -const apr_array_header_t * -svn_x509_certinfo_get_hostnames(const svn_x509_certinfo_t *certinfo) -{ - return certinfo->hostnames; -} +/* + * x509info.c: Accessors for svn_x509_certinfo_t + * + * ==================================================================== + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * ==================================================================== + */ + + + +#include + +#include +#include + +#include "svn_string.h" +#include "svn_hash.h" +#include "x509.h" + + + +/* Array elements are assumed to be nul-terminated C strings. 
*/ +static apr_array_header_t * +deep_copy_array(apr_array_header_t *s, apr_pool_t *result_pool) +{ + int i; + apr_array_header_t *d; + + if (!s) + return NULL; + + d = apr_array_copy(result_pool, s); + + /* Make a deep copy of the strings in the array. */ + for (i = 0; i < s->nelts; ++i) + { + APR_ARRAY_IDX(d, i, const char *) = + apr_pstrdup(result_pool, APR_ARRAY_IDX(s, i, const char *)); + } + + return d; +} + +/* Hash key and value are assumed to be nul-terminated C strings. */ +static apr_hash_t *deep_copy_hash(apr_hash_t *s, + apr_pool_t *scratch_pool, + apr_pool_t *result_pool) +{ + apr_hash_t *d; + apr_hash_index_t *i; + + if (!s) + return NULL; + + d = apr_hash_make(result_pool); + i = apr_hash_first(scratch_pool, s); + + /* Make a deep copy of the hash keys and values. */ + while (i) + { + const void *key; + void *val; + apr_ssize_t klen; + + apr_hash_this(i, &key, &klen, &val); + apr_hash_set(d, apr_pstrndup(result_pool, key, klen), klen, + apr_pstrdup(result_pool, val)); + i = apr_hash_next(i); + } + + return d; +} + +svn_x509_certinfo_t * +svn_x509_certinfo_dup(const svn_x509_certinfo_t *certinfo, + apr_pool_t *result_pool, + apr_pool_t *scratch_pool) +{ + svn_x509_certinfo_t *result = apr_palloc(result_pool, sizeof(*result)); + result->subject_oids = deep_copy_array(certinfo->subject_oids, result_pool); + result->subject = deep_copy_hash(certinfo->subject, scratch_pool, result_pool); + result->issuer_oids = deep_copy_array(certinfo->issuer_oids, result_pool); + result->issuer = deep_copy_hash(certinfo->issuer, scratch_pool, result_pool); + result->valid_from = certinfo->valid_from; + result->valid_to = certinfo->valid_to; + result->digest = svn_checksum_dup(certinfo->digest, result_pool); + result->hostnames = deep_copy_array(certinfo->hostnames, result_pool); + + return result; +} + +typedef struct asn1_oid { + const char *oid_string; + const char *short_label; + const char *long_label; +} asn1_oid; + +static const asn1_oid asn1_oids[] = { + { 
SVN_X509_OID_COMMON_NAME, "CN", "commonName" }, + { SVN_X509_OID_COUNTRY, "C", "countryName" }, + { SVN_X509_OID_LOCALITY, "L", "localityName" }, + { SVN_X509_OID_STATE, "ST", "stateOrProvinceName" }, + { SVN_X509_OID_ORGANIZATION, "O", "organizationName" }, + { SVN_X509_OID_ORG_UNIT, "OU", "organizationalUnitName"}, + { SVN_X509_OID_EMAIL, NULL, "emailAddress" }, + { NULL }, +}; + +static const asn1_oid *oid_string_to_asn1_oid(const char *oid_string) +{ + const asn1_oid *oid; + + for (oid = asn1_oids; oid->oid_string; oid++) + { + if (strcmp(oid_string, oid->oid_string) == 0) + return oid; + } + + return NULL; +} + +static const char *oid_string_to_best_label(const char *oid_string) +{ + const asn1_oid *oid = oid_string_to_asn1_oid(oid_string); + + if (oid) + { + if (oid->short_label) + return oid->short_label; + + if (oid->long_label) + return oid->long_label; + } + + return oid_string; +} + +/* + * Store the name from dn in printable form into buf, + * using scratch_pool for any temporary allocations. 
+ * If CN is not NULL, return any common name in CN + */ +static const char * +get_dn(apr_array_header_t *oids, + apr_hash_t *hash, + apr_pool_t *result_pool) +{ + svn_stringbuf_t *buf = svn_stringbuf_create_empty(result_pool); + int n; + + for (n = 0; n < oids->nelts; n++) + { + const char *field = APR_ARRAY_IDX(oids, n, const char *); + + if (n > 0) + svn_stringbuf_appendcstr(buf, ", "); + + svn_stringbuf_appendcstr(buf, oid_string_to_best_label(field)); + svn_stringbuf_appendbyte(buf, '='); + svn_stringbuf_appendcstr(buf, svn_hash_gets(hash, field)); + } + + return buf->data; +} + +const char * +svn_x509_certinfo_get_subject(const svn_x509_certinfo_t *certinfo, + apr_pool_t *result_pool) +{ + return get_dn(certinfo->subject_oids, certinfo->subject, result_pool); +} + +const apr_array_header_t * +svn_x509_certinfo_get_subject_oids(const svn_x509_certinfo_t *certinfo) +{ + return certinfo->subject_oids; +} + +const char * +svn_x509_certinfo_get_subject_attr(const svn_x509_certinfo_t *certinfo, + const char *oid) +{ + return svn_hash_gets(certinfo->subject, oid); +} + +const char * +svn_x509_certinfo_get_issuer(const svn_x509_certinfo_t *certinfo, + apr_pool_t *result_pool) +{ + return get_dn(certinfo->issuer_oids, certinfo->issuer, result_pool); +} + +const apr_array_header_t * +svn_x509_certinfo_get_issuer_oids(const svn_x509_certinfo_t *certinfo) +{ + return certinfo->issuer_oids; +} + +const char * +svn_x509_certinfo_get_issuer_attr(const svn_x509_certinfo_t *certinfo, + const char *oid) +{ + return svn_hash_gets(certinfo->issuer, oid); +} + +apr_time_t +svn_x509_certinfo_get_valid_from(const svn_x509_certinfo_t *certinfo) +{ + return certinfo->valid_from; +} + +const apr_time_t +svn_x509_certinfo_get_valid_to(const svn_x509_certinfo_t *certinfo) +{ + return certinfo->valid_to; +} + +const svn_checksum_t * +svn_x509_certinfo_get_digest(const svn_x509_certinfo_t *certinfo) +{ + return certinfo->digest; +} + +const apr_array_header_t * 
+svn_x509_certinfo_get_hostnames(const svn_x509_certinfo_t *certinfo) +{ + return certinfo->hostnames; +} Propchange: subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509info.c ------------------------------------------------------------------------------ svn:eol-style = native
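
Review bot: In svn_x509.h, svn_x509_certinfo_get_valid_to() is declared as returning "const apr_time_t" while its sibling svn_x509_certinfo_get_valid_from() returns plain "apr_time_t". A const qualifier on a by-value return has no effect, so drop it here and in the matching definition in x509info.c so the two accessors agree. The doc comments in the same header also carry typos ("the the object IDs" in two places, "cerficiate", "with the intent of display data"), and the svn_x509_parse_cert() comment documents result_pool but not scratch_pool. As this commit is meant to change line endings only, those fixes belong in a separate commit.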
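
Review bot: In x509.h, x509_buf.len is a signed ptrdiff_t, while the public entry point svn_x509_parse_cert() takes its input length as apr_size_t buflen. With a signed field, nothing in the type stops a decoded DER length from being stored as a negative value; either make len unsigned to match buflen, or add a comment on the struct stating the invariant that len is never negative and never exceeds the bytes remaining in the input. Separately, the struct tags _x509_buf, _x509_name and _x509_cert begin with an underscore, which C reserves for the implementation at file scope; dropping the leading underscore from the tags avoids that.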
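
Review bot: In x509info.c, get_dn() passes the result of svn_hash_gets(hash, field) straight to svn_stringbuf_appendcstr() with no NULL check, so an OID that appears in the oids array without a matching hash entry hands a NULL string to the append; test the lookup and skip the attribute or print a placeholder when it is NULL. The attribute values are also appended unescaped, so a value that itself contains ", " or "=" makes the printed DN ambiguous for the user this output is displayed to; quoting or escaping such values would keep the fields distinguishable. The comment above get_dn() still describes buf, scratch_pool and CN, none of which are parameters of the function, and deep_copy_hash() takes (scratch_pool, result_pool) in the opposite order from svn_x509_certinfo_dup().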