r3363 - in trunk/libmcrypto: include/libmcrypto source

Mon Aug 13 12:58:02 CEST 2007

Author: mikaelsv
Date: 2007-08-13 12:58:01 +0200 (Mon, 13 Aug 2007)
New Revision: 3363

Modified:
   trunk/libmcrypto/include/libmcrypto/CertificateFinder.h
   trunk/libmcrypto/include/libmcrypto/CertificatePathFinderUcd.h
   trunk/libmcrypto/source/CertificateFinder.cxx
   trunk/libmcrypto/source/CertificatePathFinderUcd.cxx
Log:
* Moved getSubjectDomain from CertificatePathFinderUcd to CertificateFinder



Modified: trunk/libmcrypto/include/libmcrypto/CertificateFinder.h
===================================================================

--- trunk/libmcrypto/include/libmcrypto/CertificateFinder.h	2007-08-13 08:11:03 UTC (rev 3362)
+++ trunk/libmcrypto/include/libmcrypto/CertificateFinder.h	2007-08-13 10:58:01 UTC (rev 3363)
@@ -110,7 +110,15 @@
 		//std::vector<MRef<Certificate*> > findDnsGuessing(const std::string subjectUri);
 
 		void setAutoCacheCerts(const bool value);
+
 		bool getAutoCacheCerts() const;
+		/**
+		 * Get the (first found) domain name specified in the subjectAltName extensions of certificate \p cert.
+		 *
+		 * Handles both DNS names (obviously) and URIs of SIP type.
+		 */
+		std::string getSubjectDomain(MRef<Certificate*> cert);
+
 	private:
 		std::vector<MRef<Certificate*> > downloadFromLdap(const LdapUrl & url, const std::string sipUri, const std::string issuer, const bool typeCrossCert);
 

Modified: trunk/libmcrypto/include/libmcrypto/CertificatePathFinderUcd.h
===================================================================
--- trunk/libmcrypto/include/libmcrypto/CertificatePathFinderUcd.h	2007-08-13 08:11:03 UTC (rev 3362)
+++ trunk/libmcrypto/include/libmcrypto/CertificatePathFinderUcd.h	2007-08-13 10:58:01 UTC (rev 3363)
@@ -136,13 +136,6 @@
 		 */
 		bool verifyLastPair(std::vector<MRef<Certificate*> > & certList);
 
-		/**
-		 * Get the (first found) domain name specified in the subjectAltName extensions of certificate \p cert.
-		 *
-		 * Handles both DNS names (obviously) and URIs of SIP type.
-		 */
-		std::string getSubjectDomain(MRef<Certificate*> cert);
-
 		MRef<CertificateFinder*> certFinder;
 		CertificateFinderStats* stats;
 };

Modified: trunk/libmcrypto/source/CertificateFinder.cxx
===================================================================
--- trunk/libmcrypto/source/CertificateFinder.cxx	2007-08-13 08:11:03 UTC (rev 3362)
+++ trunk/libmcrypto/source/CertificateFinder.cxx	2007-08-13 10:58:01 UTC (rev 3363)
@@ -29,6 +29,7 @@
 #include <libmnetutil/LdapEntry.h>
 #include <libmnetutil/LdapCredentials.h>
 
+#include<libmutil/SipUri.h>
 #include <iostream>
 
 CertificateFinder::CertificateFinder() : stats(NULL) {
@@ -377,3 +378,22 @@
 bool CertificateFinder::getAutoCacheCerts() const {
 	return autoAddToCache;
 }
+std::string CertificateFinder::getSubjectDomain(MRef<Certificate*> cert) {
+	std::vector<std::string> curAltNames = cert->getAltName(Certificate::SAN_URI);
+	if (curAltNames.size() > 0) {
+		// First try to determine the "current domain" by analyzing the subjectAltNames and assuming that the "current certificate" is an end-user certificate
+		for (std::vector<std::string>::iterator nameIter = curAltNames.begin(); nameIter != curAltNames.end(); nameIter++) {
+			SipUri uri(*nameIter);
+			if (uri.isValid()) {
+				return uri.getIp();
+			}
+		}
+
+	} else {
+		// No SIP URIs were found in the subjectAltNames. Try looking for DNS names instead (i.e. assume that the current certificate is a CA certificate instead of an end-user certificate)
+		curAltNames = cert->getAltName(Certificate::SAN_DNSNAME);
+		if (curAltNames.size() > 0)
+			return curAltNames.at(0);
+	}
+	return "";
+}

Modified: trunk/libmcrypto/source/CertificatePathFinderUcd.cxx
===================================================================
--- trunk/libmcrypto/source/CertificatePathFinderUcd.cxx	2007-08-13 08:11:03 UTC (rev 3362)
+++ trunk/libmcrypto/source/CertificatePathFinderUcd.cxx	2007-08-13 10:58:01 UTC (rev 3363)
@@ -423,7 +423,7 @@
 	When looking for down-certificates we must know where in the hierarchy
 	we are right now (so that we don't accidentally "mark" a parent as a child).
 	*/
-	std::string curDomain = getSubjectDomain(curCert);
+	std::string curDomain = certFinder->getSubjectDomain(curCert);
 
 	std::vector<std::string> resDomains;
 
@@ -495,22 +495,3 @@
 		std::cout << "No stats collected." << std::endl;
 	}
 }
-std::string CertificatePathFinderUcd::getSubjectDomain(MRef<Certificate*> cert) {
-	std::vector<std::string> curAltNames = cert->getAltName(Certificate::SAN_URI);
-	if (curAltNames.size() > 0) {
-		// First try to determine the "current domain" by analyzing the subjectAltNames and assuming that the "current certificate" is an end-user certificate
-		for (std::vector<std::string>::iterator nameIter = curAltNames.begin(); nameIter != curAltNames.end(); nameIter++) {
-			SipUri uri(*nameIter);
-			if (uri.isValid()) {
-				return uri.getIp();
-			}
-		}
-
-	} else {
-		// No SIP URIs were found in the subjectAltNames. Try looking for DNS names instead (i.e. assume that the current certificate is a CA certificate instead of an end-user certificate)
-		curAltNames = cert->getAltName(Certificate::SAN_DNSNAME);
-		if (curAltNames.size() > 0)
-			return curAltNames.at(0);
-	}
-	return "";
-}

