use crl_reason_t definition from <credentials/certificates/crl.h>

diff --git a/src/pluto/crl.c b/src/pluto/crl.c
index 549d0a7f73ab68941276cefcc31db71b76eed5e7..01c4696260b29efaa303a66603b78a373dc6d980 100644 (file)
--- a/src/pluto/crl.c
+++ b/src/pluto/crl.c
@@ -374,7 +374,7 @@ void load_crls(void)
  */
 static crl_reason_t parse_crl_reasonCode(chunk_t object)
 {
-       crl_reason_t reason = REASON_UNSPECIFIED;
+       crl_reason_t reason = CRL_UNSPECIFIED;
 
        if (*object.ptr == ASN1_ENUMERATED
        &&  asn1_length(&object) == 1)
@@ -448,7 +448,7 @@ bool parse_x509crl(chunk_t blob, u_int level0, x509crl_t *crl)
                                revokedCert_t *revokedCert = malloc_thing(revokedCert_t);
                                revokedCert->userCertificate = userCertificate;
                                revokedCert->revocationDate = asn1_parse_time(object, level);
-                               revokedCert->revocationReason = REASON_UNSPECIFIED;
+                               revokedCert->revocationReason = CRL_UNSPECIFIED;
                                revokedCert->next = crl->revokedCertificates;
                                crl->revokedCertificates = revokedCert;
                        }
@@ -519,7 +519,7 @@ check_revocation(const x509crl_t *crl, chunk_t serial
        revokedCert_t *revokedCert = crl->revokedCertificates;
 
        *revocationDate = UNDEFINED_TIME;
-       *revocationReason = REASON_UNSPECIFIED;
+       *revocationReason = CRL_UNSPECIFIED;
        
        DBG(DBG_CONTROL,
                DBG_dump_chunk("serial number:", serial)
@@ -594,7 +594,7 @@ verify_by_crl(const x509cert_t *cert, time_t *until, time_t *revocationDate
        generalName_t *crluri = (ca == NULL)? NULL : ca->crluri;
 
        *revocationDate = UNDEFINED_TIME;
-       *revocationReason = REASON_UNSPECIFIED;
+       *revocationReason = CRL_UNSPECIFIED;
 
        lock_crl_list("verify_by_crl");
        crl = get_x509crl(cert->issuer, cert->authKeySerialNumber, cert->authKeyID);

diff --git a/src/pluto/crl.h b/src/pluto/crl.h
index 90a6586db8c9a1a325df1c280014795edb2a0f27..dcf039541af3c460d364576cdee18ec563cca0d1 100644 (file)
--- a/src/pluto/crl.h
+++ b/src/pluto/crl.h
@@ -14,6 +14,8 @@
 
 #include "constants.h"
 
+#include <credentials/certificates/crl.h>
+
 /* access structure for a revoked serial number */
 
 typedef struct revokedCert revokedCert_t;

diff --git a/src/pluto/ocsp.c b/src/pluto/ocsp.c
index bb9242bdccbc315812fc4aa86e48e36f07bd4507..70621f843044bf1b36f2eca3a02cee869a12b510 100644 (file)
--- a/src/pluto/ocsp.c
+++ b/src/pluto/ocsp.c
@@ -112,7 +112,7 @@ const single_response_t empty_single_response = {
        { NULL, 0 }       , /* serial_number */
        CERT_UNDEFINED    , /* status */
        UNDEFINED_TIME    , /* revocationTime */
-       REASON_UNSPECIFIED, /* revocationReason */
+       CRL_UNSPECIFIED   , /* revocationReason */
        UNDEFINED_TIME    , /* this_update */
        UNDEFINED_TIME      /* next_update */
 };
@@ -425,7 +425,7 @@ cert_status_t verify_by_ocsp(const x509cert_t *cert, time_t *until,
        time_t nextUpdate = 0;
 
        *revocationDate = UNDEFINED_TIME;
-       *revocationReason = REASON_UNSPECIFIED;
+       *revocationReason = CRL_UNSPECIFIED;
        
        /* is an ocsp location defined? */
        if (!build_ocsp_location(cert, &location))
@@ -1292,7 +1292,7 @@ static bool parse_ocsp_single_response(chunk_t blob, int level0,
                        break;
                case SINGLE_RESPONSE_CERT_STATUS_CRL_REASON:
                        sres->revocationReason = (object.len == 1)
-                               ? *object.ptr : REASON_UNSPECIFIED;
+                               ? *object.ptr : CRL_UNSPECIFIED;
                        break;
                case SINGLE_RESPONSE_CERT_STATUS_UNKNOWN:
                        sres->status = CERT_UNKNOWN;

diff --git a/src/pluto/ocsp.h b/src/pluto/ocsp.h
index d8ee7bd8cf032a3a0ad71adcce50297f04d1649c..4615e6f7699df09a772dc28bd1b598b689b0269e 100644 (file)
--- a/src/pluto/ocsp.h
+++ b/src/pluto/ocsp.h
@@ -15,6 +15,8 @@
 
 #include "constants.h"
 
+#include <credentials/certificates/crl.h>
+
 /* constants */
 
 #define OCSP_BASIC_RESPONSE_VERSION     1

diff --git a/src/pluto/x509.c b/src/pluto/x509.c
index 0080add0b7eac61f744c64cf0b7b78897f94cacf..9d3bf89b09d18601568eb766acf6faaac898830d 100644 (file)
--- a/src/pluto/x509.c
+++ b/src/pluto/x509.c
@@ -1986,7 +1986,7 @@ bool verify_x509cert(const x509cert_t *cert, bool strict, time_t *until)
                {
                        time_t nextUpdate = *until;
                        time_t revocationDate = UNDEFINED_TIME;
-                       crl_reason_t revocationReason = REASON_UNSPECIFIED;
+                       crl_reason_t revocationReason = CRL_UNSPECIFIED;
 
                        /* first check certificate revocation using ocsp */
                        cert_status_t status = verify_by_ocsp(cert, &nextUpdate