You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@subversion.apache.org by st...@apache.org on 2014/06/24 23:23:42 UTC
svn commit: r1605200 - in /subversion/branches/svn-auth-x509/subversion:
include/svn_x509.h libsvn_subr/x509.h libsvn_subr/x509parse.c svn/auth-cmd.c
Author: stsp
Date: Tue Jun 24 21:23:41 2014
New Revision: 1605200
URL: http://svn.apache.org/r1605200
Log:
On the svn-auth-x509 branch, make the X509 parser API public.
* subversion/include/svn_x509.h: New. Declares svn_x509_parse_cert().
* subversion/libsvn_subr/x509.h
(svn_x509_parse_cert): Remove declaration moved to public API.
Also remove declaration of x509parse_dn_gets.
* subversion/libsvn_subr/x509parse.c
(x509parse_dn_gets): Make static and move up in the file.
* subversion/svn/auth-cmd.c: Include svn_x509.h instead of libsvn_subr/x509.h.
Added:
subversion/branches/svn-auth-x509/subversion/include/svn_x509.h
Modified:
subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509.h
subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509parse.c
subversion/branches/svn-auth-x509/subversion/svn/auth-cmd.c
Added: subversion/branches/svn-auth-x509/subversion/include/svn_x509.h
URL: http://svn.apache.org/viewvc/subversion/branches/svn-auth-x509/subversion/include/svn_x509.h?rev=1605200&view=auto
==============================================================================
--- subversion/branches/svn-auth-x509/subversion/include/svn_x509.h (added)
+++ subversion/branches/svn-auth-x509/subversion/include/svn_x509.h Tue Jun 24 21:23:41 2014
@@ -0,0 +1,54 @@
+/**
+ * @copyright
+ * ====================================================================
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ * ====================================================================
+ * @endcopyright
+ *
+ * @file svn_x509.h
+ * @brief Subversion's X509 parser
+ */
+
+#ifndef SVN_X509_H
+#define SVN_X509_H
+
+/* Hash keys for certificate information returned by svn_x509_parse_cert().
+ * @since New in 1.9 */
+#define SVN_X509_CERTINFO_KEY_ISSUER "issuer"
+#define SVN_X509_CERTINFO_KEY_VALID_FROM "valid-from"
+#define SVN_X509_CERTINFO_KEY_VALID_TO "valid-to"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Parse x509 @a der certificate data from @a buf with length @a buflen
+ * and return certificate information in @a *cert, allocated in
+ * @a result_pool. The certinfo hash contains values of type
+ * 'const char *' keyed by SVN_X509_CERTINFO_KEY_* macros. */
+svn_error_t *
+svn_x509_parse_cert(apr_hash_t **certinfo,
+ const char *buf,
+ int buflen,
+ apr_pool_t *result_pool,
+ apr_pool_t *scratch_pool);
+
+#ifdef __cplusplus
+}
+#endif
+#endif /* SVN_X509_H */
Modified: subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509.h
URL: http://svn.apache.org/viewvc/subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509.h?rev=1605200&r1=1605199&r2=1605200&view=diff
==============================================================================
--- subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509.h (original)
+++ subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509.h Tue Jun 24 21:23:41 2014
@@ -141,27 +141,4 @@ typedef struct _x509_cert {
#define SVN_X509_CERTINFO_KEY_VALID_FROM "valid-from"
#define SVN_X509_CERTINFO_KEY_VALID_TO "valid-to"
-#ifdef __cplusplus
-extern "C" {
-#endif
-
- /* Parse x509 DER certificate data from BUF with length BUFLEN
- * and return certificate information in *CERT, allocated in
- * RESULT_POOL. The certinfo hash contains values of type
- * 'const char *' keyed by SVN_X509_CERTINFO_KEY_* macros. */
- svn_error_t * svn_x509_parse_cert(apr_hash_t **certinfo,
- const char *buf,
- int buflen,
- apr_pool_t *result_pool,
- apr_pool_t *scratch_pool);
-
-/*
- * Store the name in printable form into buf; no more
- * than (end - buf) characters will be written
- */
-int x509parse_dn_gets(char *buf, const char *end, const x509_name * dn);
-
-#ifdef __cplusplus
-}
-#endif
#endif /* x509.h */
Modified: subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509parse.c
URL: http://svn.apache.org/viewvc/subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509parse.c?rev=1605200&r1=1605199&r2=1605200&view=diff
==============================================================================
--- subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509parse.c (original)
+++ subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509parse.c Tue Jun 24 21:23:41 2014
@@ -467,6 +467,89 @@ x509_get_uid(const unsigned char **p,
}
/*
+ * Store the name in printable form into buf; no more
+ * than (end - buf) characters will be written
+ */
+static int x509parse_dn_gets(char *buf, const char *end, const x509_name * dn)
+{
+ int i;
+ unsigned char c;
+ const x509_name *name;
+ char s[128], *p;
+
+ memset(s, 0, sizeof(s));
+
+ name = dn;
+ p = buf;
+
+ while (name != NULL) {
+ if (name != dn)
+ p += snprintf(p, end - p, ", ");
+
+ if (memcmp(name->oid.p, OID_X520, 2) == 0) {
+ switch (name->oid.p[2]) {
+ case X520_COMMON_NAME:
+ p += snprintf(p, end - p, "CN=");
+ break;
+
+ case X520_COUNTRY:
+ p += snprintf(p, end - p, "C=");
+ break;
+
+ case X520_LOCALITY:
+ p += snprintf(p, end - p, "L=");
+ break;
+
+ case X520_STATE:
+ p += snprintf(p, end - p, "ST=");
+ break;
+
+ case X520_ORGANIZATION:
+ p += snprintf(p, end - p, "O=");
+ break;
+
+ case X520_ORG_UNIT:
+ p += snprintf(p, end - p, "OU=");
+ break;
+
+ default:
+ p += snprintf(p, end - p, "0x%02X=",
+ name->oid.p[2]);
+ break;
+ }
+ } else if (memcmp(name->oid.p, OID_PKCS9, 8) == 0) {
+ switch (name->oid.p[8]) {
+ case PKCS9_EMAIL:
+ p += snprintf(p, end - p, "emailAddress=");
+ break;
+
+ default:
+ p += snprintf(p, end - p, "0x%02X=",
+ name->oid.p[8]);
+ break;
+ }
+ } else
+ p += snprintf(p, end - p, "\?\?=");
+
+ for (i = 0; i < name->val.len; i++) {
+ if (i >= (int)sizeof(s) - 1)
+ break;
+
+ c = name->val.p[i];
+ if (c < 32 || c == 127 || (c > 128 && c < 160))
+ s[i] = '?';
+ else
+ s[i] = c;
+ }
+ s[i] = '\0';
+ p += snprintf(p, end - p, "%s", s);
+ name = name->next;
+ }
+
+ return (p - buf);
+}
+
+/*
* Parse one certificate.
*/
svn_error_t *
@@ -657,86 +740,3 @@ svn_x509_parse_cert(apr_hash_t **certinf
return SVN_NO_ERROR;
}
-/*
- * Store the name in printable form into buf; no more
- * than (end - buf) characters will be written
- */
-int x509parse_dn_gets(char *buf, const char *end, const x509_name * dn)
-{
- int i;
- unsigned char c;
- const x509_name *name;
- char s[128], *p;
-
- memset(s, 0, sizeof(s));
-
- name = dn;
- p = buf;
-
- while (name != NULL) {
- if (name != dn)
- p += snprintf(p, end - p, ", ");
-
- if (memcmp(name->oid.p, OID_X520, 2) == 0) {
- switch (name->oid.p[2]) {
- case X520_COMMON_NAME:
- p += snprintf(p, end - p, "CN=");
- break;
-
- case X520_COUNTRY:
- p += snprintf(p, end - p, "C=");
- break;
-
- case X520_LOCALITY:
- p += snprintf(p, end - p, "L=");
- break;
-
- case X520_STATE:
- p += snprintf(p, end - p, "ST=");
- break;
-
- case X520_ORGANIZATION:
- p += snprintf(p, end - p, "O=");
- break;
-
- case X520_ORG_UNIT:
- p += snprintf(p, end - p, "OU=");
- break;
-
- default:
- p += snprintf(p, end - p, "0x%02X=",
- name->oid.p[2]);
- break;
- }
- } else if (memcmp(name->oid.p, OID_PKCS9, 8) == 0) {
- switch (name->oid.p[8]) {
- case PKCS9_EMAIL:
- p += snprintf(p, end - p, "emailAddress=");
- break;
-
- default:
- p += snprintf(p, end - p, "0x%02X=",
- name->oid.p[8]);
- break;
- }
- } else
- p += snprintf(p, end - p, "\?\?=");
-
- for (i = 0; i < name->val.len; i++) {
- if (i >= (int)sizeof(s) - 1)
- break;
-
- c = name->val.p[i];
- if (c < 32 || c == 127 || (c > 128 && c < 160))
- s[i] = '?';
- else
- s[i] = c;
- }
- s[i] = '\0';
- p += snprintf(p, end - p, "%s", s);
- name = name->next;
- }
-
- return (p - buf);
-}
-
Modified: subversion/branches/svn-auth-x509/subversion/svn/auth-cmd.c
URL: http://svn.apache.org/viewvc/subversion/branches/svn-auth-x509/subversion/svn/auth-cmd.c?rev=1605200&r1=1605199&r2=1605200&view=diff
==============================================================================
--- subversion/branches/svn-auth-x509/subversion/svn/auth-cmd.c (original)
+++ subversion/branches/svn-auth-x509/subversion/svn/auth-cmd.c Tue Jun 24 21:23:41 2014
@@ -42,11 +42,11 @@
#include "svn_auth.h"
#include "svn_sorts.h"
#include "svn_base64.h"
+#include "svn_x509.h"
#include "private/svn_cmdline_private.h"
#include "private/svn_token.h"
#include "private/svn_sorts_private.h"
-#include "libsvn_subr/x509.h"
#include "cl.h"