diff options
| author | tobhe <tobhe@cvs.openbsd.org> | 2020-04-10 20:58:34 +0000 |
|---|---|---|
| committer | tobhe <tobhe@cvs.openbsd.org> | 2020-04-10 20:58:34 +0000 |
| commit | c337af36932bcaa6d7c313ce19ac8dc71c47c9d7 (patch) | |
| tree | cf655462efe304295a6f5add3932f5bfc3bf5ddf /sbin | |
| parent | dc17601aa136ea54c4bedcd8c150d6c464d1df7f (diff) | |
Only make the type part of the idstring lowercase when looking for certs in
'/etc/iked', otherwise certs with SubjAltNames containing uppercase
letters are not found.
ok markus@
Diffstat (limited to 'sbin')
| -rw-r--r-- | sbin/iked/ca.c | 4 | ||||
| -rw-r--r-- | sbin/iked/iked.h | 4 | ||||
| -rw-r--r-- | sbin/iked/parse.y | 4 | ||||
| -rw-r--r-- | sbin/iked/util.c | 6 |
4 files changed, 9 insertions, 9 deletions
diff --git a/sbin/iked/ca.c b/sbin/iked/ca.c index ff078179e08..377a71754a6 100644 --- a/sbin/iked/ca.c +++ b/sbin/iked/ca.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ca.c,v 1.58 2020/04/08 20:04:19 tobhe Exp $ */ +/* $OpenBSD: ca.c,v 1.59 2020/04/10 20:58:32 tobhe Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> @@ -1375,7 +1375,7 @@ ca_validate_pubkey(struct iked *env, struct iked_static_id *id, } } - lc_string(idstr); + lc_idtype(idstr); if (strlcpy(file, IKED_PUBKEY_DIR, sizeof(file)) >= sizeof(file) || strlcat(file, idstr, sizeof(file)) >= sizeof(file)) { log_debug("%s: public key id too long %s", __func__, idstr); diff --git a/sbin/iked/iked.h b/sbin/iked/iked.h index 25616cea458..1b10bd90e05 100644 --- a/sbin/iked/iked.h +++ b/sbin/iked/iked.h @@ -1,4 +1,4 @@ -/* $OpenBSD: iked.h,v 1.142 2020/04/09 19:55:19 tobhe Exp $ */ +/* $OpenBSD: iked.h,v 1.143 2020/04/10 20:58:32 tobhe Exp $ */ /* * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de> @@ -1044,7 +1044,7 @@ const char * print_spi(uint64_t, int); const char * print_map(unsigned int, struct iked_constmap *); -void lc_string(char *); +void lc_idtype(char *); void print_hex(const uint8_t *, off_t, size_t); void print_hexval(const uint8_t *, off_t, size_t); const char * diff --git a/sbin/iked/parse.y b/sbin/iked/parse.y index 38c07b95de2..a69fcbc8ad5 100644 --- a/sbin/iked/parse.y +++ b/sbin/iked/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.90 2020/03/28 21:05:19 tobhe Exp $ */ +/* $OpenBSD: parse.y,v 1.91 2020/04/10 20:58:32 tobhe Exp $ */ /* * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de> @@ -1994,7 +1994,7 @@ set_policy(char *idstr, int type, struct iked_policy *pol) return (-1); } - lc_string(idstr); + lc_idtype(idstr); if ((size_t)snprintf(keyfile, sizeof(keyfile), IKED_CA IKED_PUBKEY_DIR "%s/%s", prefix, idstr) >= sizeof(keyfile)) { diff --git a/sbin/iked/util.c b/sbin/iked/util.c index 60f03b14f69..f63fc9aee1c 100644 --- a/sbin/iked/util.c +++ b/sbin/iked/util.c @@ -1,4 +1,4 @@ -/* $OpenBSD: util.c,v 1.38 2020/02/13 16:27:02 tobhe Exp $ */ +/* $OpenBSD: util.c,v 1.39 2020/04/10 20:58:33 tobhe Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> @@ -459,9 +459,9 @@ print_map(unsigned int type, struct iked_constmap *map) } void -lc_string(char *str) +lc_idtype(char *str) { - for (; *str != '\0'; str++) + for (; *str != '\0' && *str != '/'; str++) *str = tolower((unsigned char)*str); } |