From b088fd4a765fe6df2b14d582fb922da5ece946c2 Mon Sep 17 00:00:00 2001
From: Martin Willi <martin@revosec.ch>
Date: Wed, 22 Dec 2010 15:58:00 +0100
Subject: [PATCH] Slightly renamed different policyConstraints to distinguish
 them better

---
 src/libstrongswan/credentials/builder.c    |  6 +--
 src/libstrongswan/credentials/builder.h    |  6 +--
 src/libstrongswan/plugins/x509/x509_cert.c | 52 +++++++++++-----------
 src/pki/commands/issue.c                   | 12 ++---
 src/pki/commands/self.c                    | 12 ++---
 5 files changed, 44 insertions(+), 44 deletions(-)

diff --git a/src/libstrongswan/credentials/builder.c b/src/libstrongswan/credentials/builder.c
index 47e1ed5b22..f9a277a2cd 100644
--- a/src/libstrongswan/credentials/builder.c
+++ b/src/libstrongswan/credentials/builder.c
@@ -47,9 +47,9 @@ ENUM(builder_part_names, BUILD_FROM_FILE, BUILD_END,
 	"BUILD_EXCLUDED_NAME_CONSTRAINTS",
 	"BUILD_CERTIFICATE_POLICIES",
 	"BUILD_POLICY_MAPPINGS",
-	"BUILD_POLICY_CONSTRAINT_EXPLICIT",
-	"BUILD_POLICY_CONSTRAINT_INHIBIT",
-	"BUILD_POLICY_CONSTRAINT_INHIBIT_ANY",
+	"BUILD_POLICY_REQUIRE_EXPLICIT",
+	"BUILD_POLICY_INHIBIT_MAPPING",
+	"BUILD_POLICY_INHIBIT_ANY",
 	"BUILD_X509_FLAG",
 	"BUILD_REVOKED_ENUMERATOR",
 	"BUILD_BASE_CRL",
diff --git a/src/libstrongswan/credentials/builder.h b/src/libstrongswan/credentials/builder.h
index 383fa90a76..325b668cda 100644
--- a/src/libstrongswan/credentials/builder.h
+++ b/src/libstrongswan/credentials/builder.h
@@ -102,11 +102,11 @@ enum builder_part_t {
 	/** policyMapping OIDs, linked_list_t* of x509_policy_mapping_t* */
 	BUILD_POLICY_MAPPINGS,
 	/** requireExplicitPolicy constraint, int */
-	BUILD_POLICY_CONSTRAINT_EXPLICIT,
+	BUILD_POLICY_REQUIRE_EXPLICIT,
 	/** inhibitPolicyMapping constraint, int */
-	BUILD_POLICY_CONSTRAINT_INHIBIT,
+	BUILD_POLICY_INHIBIT_MAPPING,
 	/** inhibitAnyPolicy constraint, int */
-	BUILD_POLICY_CONSTRAINT_INHIBIT_ANY,
+	BUILD_POLICY_INHIBIT_ANY,
 	/** enforce an additional X509 flag, x509_flag_t */
 	BUILD_X509_FLAG,
 	/** enumerator_t over (chunk_t serial, time_t date, crl_reason_t reason) */
diff --git a/src/libstrongswan/plugins/x509/x509_cert.c b/src/libstrongswan/plugins/x509/x509_cert.c
index 4bf221fdb8..4c9d042e7a 100644
--- a/src/libstrongswan/plugins/x509/x509_cert.c
+++ b/src/libstrongswan/plugins/x509/x509_cert.c
@@ -179,17 +179,17 @@ struct private_x509_cert_t {
 	/**
 	 * requireExplicitPolicy Constraint
 	 */
-	char explicit_policy_constraint;
+	char require_explicit;
 
 	/**
 	 * inhibitPolicyMapping Constraint
 	 */
-	char inhibit_policy_constraint;
+	char inhibit_mapping;
 
 	/**
 	 * inhibitAnyPolicy Constraint
 	 */
-	char inhibit_any_policy;
+	char inhibit_any;
 
 	/**
 	 * x509 constraints and other flags
@@ -1089,10 +1089,10 @@ static void parse_policyConstraints(chunk_t blob, int level0,
 		switch (objectID)
 		{
 			case POLICY_CONSTRAINT_EXPLICIT:
-				this->explicit_policy_constraint = parse_constraint(object);
+				this->require_explicit = parse_constraint(object);
 				break;
 			case POLICY_CONSTRAINT_INHIBIT:
-				this->inhibit_policy_constraint = parse_constraint(object);
+				this->inhibit_mapping = parse_constraint(object);
 				break;
 			default:
 				break;
@@ -1429,7 +1429,7 @@ static bool parse_certificate(private_x509_cert_t *this)
 						{
 							goto end;
 						}
-						this->inhibit_any_policy = parse_constraint(object);
+						this->inhibit_any = parse_constraint(object);
 						break;
 					case OID_NS_REVOCATION_URL:
 					case OID_NS_CA_REVOCATION_URL:
@@ -1731,11 +1731,11 @@ METHOD(x509_t, get_constraint, int,
 		case X509_PATH_LEN:
 			return this->pathLenConstraint;
 		case X509_REQUIRE_EXPLICIT_POLICY:
-			return this->explicit_policy_constraint;
+			return this->require_explicit;
 		case X509_INHIBIT_POLICY_MAPPING:
-			return this->inhibit_policy_constraint;
+			return this->inhibit_mapping;
 		case X509_INHIBIT_ANY_POLICY:
-			return this->inhibit_any_policy;
+			return this->inhibit_any;
 		default:
 			return X509_NO_CONSTRAINT;
 	}
@@ -1870,9 +1870,9 @@ static private_x509_cert_t* create_empty(void)
 		.cert_policies = linked_list_create(),
 		.policy_mappings = linked_list_create(),
 		.pathLenConstraint = X509_NO_CONSTRAINT,
-		.explicit_policy_constraint = X509_NO_CONSTRAINT,
-		.inhibit_policy_constraint = X509_NO_CONSTRAINT,
-		.inhibit_any_policy = X509_NO_CONSTRAINT,
+		.require_explicit = X509_NO_CONSTRAINT,
+		.inhibit_mapping = X509_NO_CONSTRAINT,
+		.inhibit_any = X509_NO_CONSTRAINT,
 		.ref = 1,
 	);
 	return this;
@@ -2263,22 +2263,22 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
 								asn1_wrap(ASN1_SEQUENCE, "m", policyMappings)));
 	}
 
-	if (cert->inhibit_policy_constraint != X509_NO_CONSTRAINT ||
-		cert->explicit_policy_constraint != X509_NO_CONSTRAINT)
+	if (cert->inhibit_mapping != X509_NO_CONSTRAINT ||
+		cert->require_explicit != X509_NO_CONSTRAINT)
 	{
 		chunk_t inhibit = chunk_empty, explicit = chunk_empty;
 
-		if (cert->explicit_policy_constraint != X509_NO_CONSTRAINT)
+		if (cert->require_explicit != X509_NO_CONSTRAINT)
 		{
 			explicit = asn1_wrap(ASN1_CONTEXT_C_0, "m",
 						asn1_integer("c",
-							chunk_from_thing(cert->explicit_policy_constraint)));
+							chunk_from_thing(cert->require_explicit)));
 		}
-		if (cert->inhibit_policy_constraint != X509_NO_CONSTRAINT)
+		if (cert->inhibit_mapping != X509_NO_CONSTRAINT)
 		{
 			inhibit = asn1_wrap(ASN1_CONTEXT_C_1, "m",
 						asn1_integer("c",
-							chunk_from_thing(cert->inhibit_policy_constraint)));
+							chunk_from_thing(cert->inhibit_mapping)));
 		}
 		policyConstraints = asn1_wrap(ASN1_SEQUENCE, "mmm",
 						asn1_build_known_oid(OID_POLICY_CONSTRAINTS),
@@ -2288,14 +2288,14 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
 								explicit, inhibit)));
 	}
 
-	if (cert->inhibit_any_policy != X509_NO_CONSTRAINT)
+	if (cert->inhibit_any != X509_NO_CONSTRAINT)
 	{
 		inhibitAnyPolicy = asn1_wrap(ASN1_SEQUENCE, "mmm",
 				asn1_build_known_oid(OID_INHIBIT_ANY_POLICY),
 				asn1_wrap(ASN1_BOOLEAN, "c", chunk_from_chars(0xFF)),
 				asn1_wrap(ASN1_OCTET_STRING, "m",
 					asn1_integer("c",
-						chunk_from_thing(cert->inhibit_any_policy))));
+						chunk_from_thing(cert->inhibit_any))));
 	}
 
 	if (basicConstraints.ptr || subjectAltNames.ptr || authKeyIdentifier.ptr ||
@@ -2542,14 +2542,14 @@ x509_cert_t *x509_cert_gen(certificate_type_t type, va_list args)
 				enumerator->destroy(enumerator);
 				continue;
 			}
-			case BUILD_POLICY_CONSTRAINT_EXPLICIT:
-				cert->explicit_policy_constraint = va_arg(args, int);
+			case BUILD_POLICY_REQUIRE_EXPLICIT:
+				cert->require_explicit = va_arg(args, int);
 				continue;
-			case BUILD_POLICY_CONSTRAINT_INHIBIT:
-				cert->inhibit_policy_constraint = va_arg(args, int);
+			case BUILD_POLICY_INHIBIT_MAPPING:
+				cert->inhibit_mapping = va_arg(args, int);
 				continue;
-			case BUILD_POLICY_CONSTRAINT_INHIBIT_ANY:
-				cert->inhibit_any_policy = va_arg(args, int);
+			case BUILD_POLICY_INHIBIT_ANY:
+				cert->inhibit_any = va_arg(args, int);
 				continue;
 			case BUILD_NOT_BEFORE_TIME:
 				cert->notBefore = va_arg(args, time_t);
diff --git a/src/pki/commands/issue.c b/src/pki/commands/issue.c
index 32eade7f32..ebbe36010e 100644
--- a/src/pki/commands/issue.c
+++ b/src/pki/commands/issue.c
@@ -69,7 +69,7 @@ static int issue()
 	linked_list_t *san, *cdps, *ocsp, *permitted, *excluded, *policies, *mappings;
 	int lifetime = 1095;
 	int pathlen = X509_NO_CONSTRAINT, inhibit_any = X509_NO_CONSTRAINT;
-	int inhibit_policy = X509_NO_CONSTRAINT, explicit_policy = X509_NO_CONSTRAINT;
+	int inhibit_mapping = X509_NO_CONSTRAINT, require_explicit = X509_NO_CONSTRAINT;
 	chunk_t serial = chunk_empty;
 	chunk_t encoding = chunk_empty;
 	time_t not_before, not_after;
@@ -212,10 +212,10 @@ static int issue()
 				continue;
 			}
 			case 'E':
-				explicit_policy = atoi(arg);
+				require_explicit = atoi(arg);
 				continue;
 			case 'H':
-				inhibit_policy = atoi(arg);
+				inhibit_mapping = atoi(arg);
 				continue;
 			case 'A':
 				inhibit_any = atoi(arg);
@@ -447,9 +447,9 @@ static int issue()
 					BUILD_EXCLUDED_NAME_CONSTRAINTS, excluded,
 					BUILD_CERTIFICATE_POLICIES, policies,
 					BUILD_POLICY_MAPPINGS, mappings,
-					BUILD_POLICY_CONSTRAINT_INHIBIT, inhibit_policy,
-					BUILD_POLICY_CONSTRAINT_EXPLICIT, explicit_policy,
-					BUILD_POLICY_CONSTRAINT_INHIBIT_ANY, inhibit_any,
+					BUILD_POLICY_REQUIRE_EXPLICIT, require_explicit,
+					BUILD_POLICY_INHIBIT_MAPPING, inhibit_mapping,
+					BUILD_POLICY_INHIBIT_ANY, inhibit_any,
 					BUILD_END);
 	if (!cert)
 	{
diff --git a/src/pki/commands/self.c b/src/pki/commands/self.c
index ef0ea6bf32..c7788ff624 100644
--- a/src/pki/commands/self.c
+++ b/src/pki/commands/self.c
@@ -57,7 +57,7 @@ static int self()
 	linked_list_t *san, *ocsp, *permitted, *excluded, *policies, *mappings;
 	int lifetime = 1095;
 	int pathlen = X509_NO_CONSTRAINT, inhibit_any = X509_NO_CONSTRAINT;
-	int inhibit_policy = X509_NO_CONSTRAINT, explicit_policy = X509_NO_CONSTRAINT;
+	int inhibit_mapping = X509_NO_CONSTRAINT, require_explicit = X509_NO_CONSTRAINT;
 	chunk_t serial = chunk_empty;
 	chunk_t encoding = chunk_empty;
 	time_t not_before, not_after;
@@ -195,10 +195,10 @@ static int self()
 				continue;
 			}
 			case 'E':
-				explicit_policy = atoi(arg);
+				require_explicit = atoi(arg);
 				continue;
 			case 'H':
-				inhibit_policy = atoi(arg);
+				inhibit_mapping = atoi(arg);
 				continue;
 			case 'A':
 				inhibit_any = atoi(arg);
@@ -315,9 +315,9 @@ static int self()
 						BUILD_EXCLUDED_NAME_CONSTRAINTS, excluded,
 						BUILD_CERTIFICATE_POLICIES, policies,
 						BUILD_POLICY_MAPPINGS, mappings,
-						BUILD_POLICY_CONSTRAINT_EXPLICIT, explicit_policy,
-						BUILD_POLICY_CONSTRAINT_INHIBIT, inhibit_policy,
-						BUILD_POLICY_CONSTRAINT_INHIBIT_ANY, inhibit_any,
+						BUILD_POLICY_REQUIRE_EXPLICIT, require_explicit,
+						BUILD_POLICY_INHIBIT_MAPPING, inhibit_mapping,
+						BUILD_POLICY_INHIBIT_ANY, inhibit_any,
 						BUILD_END);
 	if (!cert)
 	{
-- 
2.47.2