From: Martin Willi <martin@revosec.ch>
Date: Thu, 23 Dec 2010 14:00:34 +0000 (+0100)
Subject: Added support for OCSP responder URIs to conftest
X-Git-Tag: 4.5.1~147
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=97d30f0010528b0d7b7b7128e25d4585c11710ef;p=thirdparty%2Fstrongswan.git

Added support for OCSP responder URIs to conftest
---

diff --git a/src/conftest/conftest.c b/src/conftest/conftest.c
index e21914811b..646359a9da 100644
--- a/src/conftest/conftest.c
+++ b/src/conftest/conftest.c
@@ -229,12 +229,21 @@ static void load_cdps(settings_t *settings)
 	enumerator_t *enumerator;
 	identification_t *id;
 	char *ca, *uri, *section;
+	certificate_type_t type;
 	x509_t *x509;
 
 	enumerator = settings->create_section_enumerator(settings, "cdps");
 	while (enumerator->enumerate(enumerator, &section))
 	{
-		if (!strncaseeq(section, "crl", strlen("crl")))
+		if (strncaseeq(section, "crl", strlen("crl")))
+		{
+			type = CERT_X509_CRL;
+		}
+		else if (strncaseeq(section, "ocsp", strlen("ocsp")))
+		{
+			type = CERT_X509_OCSP_RESPONSE;
+		}
+		else
 		{
 			fprintf(stderr, "unknown cdp type '%s', ignored\n", section);
 			continue;
@@ -256,7 +265,7 @@ static void load_cdps(settings_t *settings)
 		}
 		id = identification_create_from_encoding(ID_KEY_ID,
 									x509->get_subjectKeyIdentifier(x509));
-		conftest->creds->add_cdp(conftest->creds, CERT_X509_CRL, id, uri);
+		conftest->creds->add_cdp(conftest->creds, type, id, uri);
 		DESTROY_IF((certificate_t*)x509);
 		id->destroy(id);
 	}