-<DRAFT!>
HOWTO proxy certificates
0. WARNING
determines what will be done with the string. The following syntags are
recognised:
- text indicates that the string is simply bytes, without any encoding:
+ text indicates that the string is simply bytes, without any encoding:
- policy=text:räksmörgås
+ policy=text:räksmörgås
- Previous versions of this design had a specific tag for UTF-8 text.
+ Previous versions of this design had a specific tag for UTF-8 text.
However, since the bytes are copied as-is anyway, there is no need for
such a specific tag.
- hex indicates the string is encoded in hex, with colons between each byte
+ hex indicates the string is encoded in hex, with colons between each byte
(every second hex digit):
- policy=hex:72:E4:6B:73:6D:F6:72:67:E5:73
+ policy=hex:72:E4:6B:73:6D:F6:72:67:E5:73
Previous versions of this design had a tag to insert a complete DER
blob. However, the only legal use for this would be to surround the
The 'policy' setting can be split up in multiple lines like this:
0.policy=This is
- 1.polisy= a multi-
+ 1.policy= a multi-
2.policy=line policy.
NOTE: the proxy policy value is the part which determines the rights granted to
if (xs->ex_flags & EXFLAG_PROXY)
{
- YOUR_RIGHTS *rights =
+ YOUR_RIGHTS *rights =
(YOUR_RIGHTS *)X509_STORE_CTX_get_ex_data(ctx,
get_proxy_auth_ex_data_idx());
PROXY_CERT_INFO_EXTENSION *pci =
{
int i;
YOUR_RIGHTS tmp_rights;
- memset(tmp_rights.rights, 0, sizeof(tmp_rights.rights));
+ memset(tmp_rights.rights, 0, sizeof(tmp_rights.rights));
/* process_rights() is supposed to be a procedure
that takes a string and it's length, interprets
{
/* We have a EE certificate, let's use it to set default!
*/
- YOUR_RIGHTS *rights =
+ YOUR_RIGHTS *rights =
(YOUR_RIGHTS *)X509_STORE_CTX_get_ex_data(ctx,
get_proxy_auth_ex_data_idx());
projects / oweals / openssl.git / blobdiff