security-and-privacy/uts-server
security-and-privacy/uts-server
1
0
Fork 0
mirror of https://github.com/kakwa/uts-server synced 2025-01-07 12:14:31 +01:00
Code Issues Releases Wiki Activity

implementing loading of the OIDs

Browse Source
This commit is contained in:
kakwa 2016-08-27 11:39:53 +02:00
parent 439b08a014
commit f40732e857
4 changed files with 28 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
inc/rfc3161.h
View File

@ -38,3 +38,4 @@ static ASN1_INTEGER *next_serial(const char *serialfile);
static int save_ts_serial(const char *serialfile, ASN1_INTEGER *serial); static int save_ts_serial(const char *serialfile, ASN1_INTEGER *serial);
TS_RESP_CTX *create_tsctx(rfc3161_context *ct, CONF *conf, const char *section, TS_RESP_CTX *create_tsctx(rfc3161_context *ct, CONF *conf, const char *section,
const char *policy); const char *policy);
int add_oid_section(rfc3161_context *ct, CONF *conf);

28
src/lib/rfc3161.c
View File

@ -22,8 +22,7 @@
#include <syslog.h> #include <syslog.h>
#include "utils.h" #include "utils.h"
/* Name of config entry that defines the OID file. */ #define OID_SECTION "oids"
#define ENV_OID_FILE "oid_file"
/* Reply related functions. */ /* Reply related functions. */
static int reply_command(CONF *conf, char *section, char *engine, char *query, static int reply_command(CONF *conf, char *section, char *engine, char *query,
@ -71,6 +70,28 @@ static int save_ts_serial(const char *serialfile, ASN1_INTEGER *serial);
* Reply-related method definitions. * Reply-related method definitions.
*/ */
int add_oid_section(rfc3161_context *ct, CONF *conf)
{
char *p;
STACK_OF(CONF_VALUE) *sktmp;
CONF_VALUE *cnf;
int i;
if ((sktmp = NCONF_get_section(conf, OID_SECTION)) == NULL) {
uts_logger(ct, LOG_ERR, "problem loading oid section %s\n", p);
return 0;
}
for (i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
cnf = sk_CONF_VALUE_value(sktmp, i);
if (OBJ_create(cnf->value, cnf->name, cnf->name) == NID_undef) {
uts_logger(ct, LOG_ERR, "problem creating object %s=%s\n",
cnf->name, cnf->value);
return 0;
}
}
return 1;
}
static int reply_command(CONF *conf, char *section, char *engine, char *query, static int reply_command(CONF *conf, char *section, char *engine, char *query,
char *passin, char *inkey, const EVP_MD *md, char *passin, char *inkey, const EVP_MD *md,
char *signer, char *chain, const char *policy, char *signer, char *chain, const char *policy,
@ -282,10 +303,9 @@ end:
ERR_load_TS_strings(); ERR_load_TS_strings();
uts_logger(ct, LOG_DEBUG, "OpenSSL exception: '%s'", uts_logger(ct, LOG_DEBUG, "OpenSSL exception: '%s'",
ERR_error_string(err_code, NULL)); ERR_error_string(err_code, NULL));
uts_logger(ct, LOG_ERR, "error '%s' in component '%s'", uts_logger(ct, LOG_ERR, "error '%s' in OpenSSL component '%s'",
ERR_reason_error_string(err_code), ERR_reason_error_string(err_code),
ERR_lib_error_string(err_code)); ERR_lib_error_string(err_code));
// printf("%lu\n", err_code, NULL); // printf("%lu\n", err_code, NULL);
// printf("%s\n", ERR_reason_error_string(err_code)); // printf("%s\n", ERR_reason_error_string(err_code));
// printf("%s\n", ERR_func_error_string(err_code)); // printf("%s\n", ERR_func_error_string(err_code));

2
src/lib/utils.c
View File

@ -240,6 +240,8 @@ int set_params(rfc3161_context *ct, char *conf_file) {
ct->http_options[http_counter] = NULL; ct->http_options[http_counter] = NULL;
} }
if(! add_oid_section(ct, conf))
ret = 0;
ct->ts_ctx = create_tsctx(ct, conf, NULL, NULL); ct->ts_ctx = create_tsctx(ct, conf, NULL, NULL);
if (ct->ts_ctx == NULL) if (ct->ts_ctx == NULL)
ret = 0; ret = 0;

2
tests/cfg/uts-server.cnf
View File

@ -1,4 +1,4 @@
[ new_oids ] [ oids ]
# Policies used by the TSA examples. # Policies used by the TSA examples.
tsa_policy1 = 1.2.3.4.1 tsa_policy1 = 1.2.3.4.1