/* * Search based on the contents of a DN entry */ bool DN_Check::match(const X509_Certificate& cert) const { std::vector<std::string> info = cert.subject_info(dn_entry); for(u32bit j = 0; j != info.size(); ++j) if(compare(info[j], looking_for)) return true; return false; }
GeneralName::MatchResult GeneralName::matches(const X509_Certificate& cert) const { std::vector<std::string> nam; std::function<bool(const GeneralName*,const std::string&)> match_fn; if(type() == "DNS") { match_fn = std::mem_fn(&GeneralName::matches_dns); nam = cert.subject_info("DNS"); if(nam.empty()) { nam = cert.subject_info("CN"); } } else if(type() == "DN") { match_fn = std::mem_fn(&GeneralName::matches_dn); std::stringstream ss; ss << cert.subject_dn(); nam.push_back(ss.str()); } else if(type() == "IP") { match_fn = std::mem_fn(&GeneralName::matches_ip); nam = cert.subject_info("IP"); } else { return MatchResult::UnknownType; } if(nam.empty()) { return MatchResult::NotFound; } bool some = false; bool all = true; for(const std::string& n: nam) { bool m = match_fn(this,n); some |= m; all &= m; } if(all) { return MatchResult::All; } else if(some) { return MatchResult::Some; } else { return MatchResult::None; } }