From: Andreas Steffen <andreas.steffen@strongswan.org>
Date: Wed, 30 May 2018 13:41:01 +0000 (+0200)
Subject: libstrongswan: xmppaddr prefix designates an xmppAddr otherName ID type
X-Git-Tag: 5.7.0dr1~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6d087b33dea2eade898ce2f473d1ce6b46755652;p=thirdparty%2Fstrongswan.git

libstrongswan: xmppaddr prefix designates an xmppAddr otherName ID type
---

diff --git a/src/libstrongswan/plugins/x509/x509_cert.c b/src/libstrongswan/plugins/x509/x509_cert.c
index bc3a443464..f3d4377d8d 100644
--- a/src/libstrongswan/plugins/x509/x509_cert.c
+++ b/src/libstrongswan/plugins/x509/x509_cert.c
@@ -369,8 +369,13 @@ static bool parse_otherName(chunk_t *blob, int level0, id_type_t *type)
 				switch (oid)
 				{
 					case OID_XMPP_ADDR:
-						if (!asn1_parse_simple_object(&object, ASN1_UTF8STRING,
+						if (asn1_parse_simple_object(&object, ASN1_UTF8STRING,
 									parser->get_level(parser)+1, "xmppAddr"))
+						{	/* we handle xmppAddr as RFC822 addr */
+							*blob = object;
+							*type = ID_RFC822_ADDR;
+						}
+						else
 						{
 							goto end;
 						}
@@ -2021,6 +2026,8 @@ chunk_t build_generalName(identification_t *id)
 
 	switch (id->get_type(id))
 	{
+		case ID_DER_ASN1_GN:
+			return chunk_clone(id->get_encoding(id));
 		case ID_RFC822_ADDR:
 			context = ASN1_CONTEXT_S_1;
 			break;
diff --git a/src/libstrongswan/tests/suites/test_identification.c b/src/libstrongswan/tests/suites/test_identification.c
index c0a21fe343..4b22024316 100644
--- a/src/libstrongswan/tests/suites/test_identification.c
+++ b/src/libstrongswan/tests/suites/test_identification.c
@@ -234,6 +234,12 @@ static struct {
 		.data.c = chunk_from_chars(0xc0,0xa8,0x01,0x01) }},
 	{ "email:tester",			ID_RFC822_ADDR,			{ .type = ENC_STRING,
 		.data.s = "tester" }},
+	{"xmppaddr:bob@strongswan.org",	ID_DER_ASN1_GN,		{ .type = ENC_CHUNK,
+		.data.c = chunk_from_chars(0xa0,0x20,0x06,0x08,0x2b,0x06,0x01,0x05,
+								   0x05,0x07,0x08,0x05,0xa0,0x14,0x0c,0x12,
+								   0x62,0x6f,0x62,0x40,0x73,0x74,0x72,0x6f,
+								   0x6e,0x67,0x73,0x77,0x61,0x6e,0x2e,0x6f,
+								   0x72,0x67) }},
 	{ "{1}:#c0a80101",			ID_IPV4_ADDR,			{ .type = ENC_CHUNK,
 		.data.c = chunk_from_chars(0xc0,0xa8,0x01,0x01) }},
 	{ "{0x02}:tester",			ID_FQDN,				{ .type = ENC_STRING,
diff --git a/src/libstrongswan/utils/identification.c b/src/libstrongswan/utils/identification.c
index 56298a60f3..36c0c9daad 100644
--- a/src/libstrongswan/utils/identification.c
+++ b/src/libstrongswan/utils/identification.c
@@ -1222,6 +1222,7 @@ static private_identification_t* create_from_string_with_prefix_type(char *str)
 		{ "dns:",			ID_FQDN					},
 		{ "asn1dn:",		ID_DER_ASN1_DN			},
 		{ "asn1gn:",		ID_DER_ASN1_GN			},
+		{ "xmppaddr:",		ID_DER_ASN1_GN          },
 		{ "keyid:",			ID_KEY_ID				},
 	};
 	private_identification_t *this;
@@ -1233,6 +1234,7 @@ static private_identification_t* create_from_string_with_prefix_type(char *str)
 		{
 			this = identification_create(prefixes[i].type);
 			str += strlen(prefixes[i].str);
+
 			if (*str == '#')
 			{
 				this->encoded = chunk_from_hex(chunk_from_str(str + 1), NULL);
@@ -1241,6 +1243,17 @@ static private_identification_t* create_from_string_with_prefix_type(char *str)
 			{
 				this->encoded = chunk_clone(chunk_from_str(str));
 			}
+
+			if (prefixes[i].type == ID_DER_ASN1_GN &&
+				strcasepfx(prefixes[i].str, "xmppaddr:"))
+			{
+				this->encoded = asn1_wrap(ASN1_CONTEXT_C_0, "mm",
+									asn1_build_known_oid(OID_XMPP_ADDR),
+									asn1_wrap(ASN1_CONTEXT_C_0, "m",
+										asn1_wrap(ASN1_UTF8STRING, "m",
+											this->encoded)));
+			}
+
 			return this;
 		}
 	}