diff options
Diffstat (limited to 'src/libstrongswan/credentials/certificates')
5 files changed, 20 insertions, 18 deletions
diff --git a/src/libstrongswan/credentials/certificates/ac.h b/src/libstrongswan/credentials/certificates/ac.h index fef7f8c65..57b44adca 100644 --- a/src/libstrongswan/credentials/certificates/ac.h +++ b/src/libstrongswan/credentials/certificates/ac.h @@ -79,7 +79,6 @@ struct ac_t { /** * @brief Checks if two attribute certificates belong to the same holder * - * @param this calling attribute certificate * @param that other attribute certificate * @return TRUE if same holder */ diff --git a/src/libstrongswan/credentials/certificates/certificate.c b/src/libstrongswan/credentials/certificates/certificate.c index 661b69e36..33ba4e907 100644 --- a/src/libstrongswan/credentials/certificates/certificate.c +++ b/src/libstrongswan/credentials/certificates/certificate.c @@ -38,6 +38,7 @@ ENUM(cert_validation_names, VALIDATION_GOOD, VALIDATION_REVOKED, "SKIPPED", "STALE", "FAILED", + "ON_HOLD", "REVOKED", ); diff --git a/src/libstrongswan/credentials/certificates/certificate.h b/src/libstrongswan/credentials/certificates/certificate.h index 43bfe3dc1..2f471da5b 100644 --- a/src/libstrongswan/credentials/certificates/certificate.h +++ b/src/libstrongswan/credentials/certificates/certificate.h @@ -77,6 +77,8 @@ enum cert_validation_t { VALIDATION_STALE, /** validation failed due to a processing error */ VALIDATION_FAILED, + /** certificate is on hold (i.e. temporary revokation) */ + VALIDATION_ON_HOLD, /** certificate has been revoked */ VALIDATION_REVOKED, }; @@ -115,7 +117,7 @@ struct certificate_t { * not returned by get_subject (e.g. subjectAltNames) * * @param subject subject identity - * @return matching value of best match + * @return matching value of best match */ id_match_t (*has_subject)(certificate_t *this, identification_t *subject); @@ -132,8 +134,8 @@ struct certificate_t { * A certificate may contain additional issuer identifiers, which are * not returned by get_issuer (e.g. issuerAltNames) * - * @param subject isser identity - * @return matching value of best match + * @param subject issuer identity + * @return matching value of best match */ id_match_t (*has_issuer)(certificate_t *this, identification_t *issuer); @@ -141,7 +143,7 @@ struct certificate_t { * Check if this certificate is issued and signed by a specific issuer. * * @param issuer issuer's certificate - * @return TRUE if certificate issued by issuer and trusted + * @return TRUE if certificate issued by issuer and trusted */ bool (*issued_by)(certificate_t *this, certificate_t *issuer); @@ -176,7 +178,7 @@ struct certificate_t { /** * Check if two certificates are equal. * - * @param other certificate to compair against this + * @param other certificate to compare against this * @return TRUE if certificates are equal */ bool (*equals)(certificate_t *this, certificate_t *other); @@ -197,10 +199,10 @@ struct certificate_t { /** * Generic check if a given certificate is newer than another. * - * @param this first certificate to check - * @param other second certificate + * @param cert certificate + * @param other certificate to compare to * @return TRUE if this newer than other */ -bool certificate_is_newer(certificate_t *this, certificate_t *other); +bool certificate_is_newer(certificate_t *cert, certificate_t *other); #endif /** CERTIFICATE_H_ @}*/ diff --git a/src/libstrongswan/credentials/certificates/crl.h b/src/libstrongswan/credentials/certificates/crl.h index 2f3497474..4191c5935 100644 --- a/src/libstrongswan/credentials/certificates/crl.h +++ b/src/libstrongswan/credentials/certificates/crl.h @@ -100,10 +100,10 @@ struct crl_t { /** * Generic check if a given CRL is newer than another. * - * @param this first CRL to check - * @param other second CRL + * @param crl CRL + * @param other CRL to compare to * @return TRUE if this newer than other */ -bool crl_is_newer(crl_t *this, crl_t *other); +bool crl_is_newer(crl_t *crl, crl_t *other); #endif /** CRL_H_ @}*/ diff --git a/src/libstrongswan/credentials/certificates/x509.h b/src/libstrongswan/credentials/certificates/x509.h index fec02dbad..5125aca26 100644 --- a/src/libstrongswan/credentials/certificates/x509.h +++ b/src/libstrongswan/credentials/certificates/x509.h @@ -41,13 +41,13 @@ enum x509_flag_t { /** cert has no constraints */ X509_NONE = 0, /** cert has CA constraint */ - X509_CA = (1<<0), + X509_CA = (1<<0), /** cert has AA constraint */ - X509_AA = (1<<1), + X509_AA = (1<<1), /** cert has OCSP signer constraint */ - X509_OCSP_SIGNER = (1<<2), + X509_OCSP_SIGNER = (1<<2), /** cert has serverAuth key usage */ - X509_SERVER_AUTH = (1<<3), + X509_SERVER_AUTH = (1<<3), /** cert has clientAuth key usage */ X509_CLIENT_AUTH = (1<<4), /** cert is self-signed */ @@ -76,12 +76,12 @@ enum x509_constraint_t { * X.509 certPolicy extension. */ struct x509_cert_policy_t { - /** OID of certPolicy */ - chunk_t oid; /** Certification Practice Statement URI qualifier */ char *cps_uri; /** UserNotice Text qualifier */ char *unotice_text; + /** OID of certPolicy */ + chunk_t oid; }; /** |