# x509if.cnf # X509IF conformation file # $Id$ #.MODULE_IMPORT SelectedAttributeTypes x509sat #.INCLUDE ../x509sat/x509sat-exp.cnf #.EXPORTS AllowedSubset Attribute AttributeCombination AttributeType AttributeTypeAndDistinguishedValue AttributeTypeAssertion AttributeUsage AttributeValue AttributeValueAssertion #BaseDistance ChopSpecification Context ContextAssertion ContextCombination ContextProfile ControlOptions DistinguishedName DITContentRule DITContextUse DITStructureRule EntryLimit ImposedSubset LocalName Mapping MatchingUse MRMapping MRSubstitution Name OutputValues Refinement RelativeDistinguishedName RelaxationPolicy RDNSequence RequestAttribute ResultAttribute RuleIdentifier SearchRule SearchRuleDescription SearchRuleId SubtreeSpecification #.PDU DistinguishedName Name #.NO_EMIT #.TYPE_RENAME AttributeTypeAndDistinguishedValue/valuesWithContext T_valWithContext AttributeTypeAndDistinguishedValue/valuesWithContext/_item T_valWithContext_item ChopSpecification/specificExclusions T_chopSpecificExclusions ChopSpecification/specificExclusions/_item T_chopSpecificExclusions_item #.FIELD_RENAME AttributeTypeAssertion/assertedContexts ata_assertedContexts AttributeTypeAndDistinguishedValue/value atadv_value AttributeTypeAndDistinguishedValue/valuesWithContext valueswithContext AttributeTypeAndDistinguishedValue/valuesWithContext/_item valueswithContext_item ChopSpecification/specificExclusions chopSpecificExclusions ChopSpecification/specificExclusions/_item chopSpecificExclusions_item Refinement/and refinement_and Refinement/and/_item refinement_and_item Refinement/not refinement_not Refinement/or refinement_or Refinement/or/_item refinement_or_item ContextAssertion/contextType ca_contextType ContextAssertion/contextValues ca_contextValues ContextAssertion/contextValues/_item ca_contextValues_item ContextCombination/not contextcombination_not ContextCombination/and contextcombination_and ContextCombination/and/_item contextcombination_and_item ContextCombination/or contextcombination_or ContextCombination/or/_item contextcombination_or_item RelaxationPolicy/maximum maximum_relaxation RelaxationPolicy/minimum minimum_relaxation RequestAttribute/defaultValues/_item/values ra_values RequestAttribute/defaultValues/_item/values/_item ra_values_item RequestAttribute/selectedValues ra_selectedValues RequestAttribute/selectedValues/_item ra_selectedValues_item #.REGISTER DistinguishedName B "2.5.4.1" "id-at-aliasedEntryName" DistinguishedName B "2.5.4.31" "id-at-member" DistinguishedName B "2.5.4.32" "id-at-owner" DistinguishedName B "2.5.4.33" "id-at-roleOccupant" DistinguishedName B "2.5.4.34" "id-at-seeAlso" DistinguishedName B "2.5.4.49" "id-at-distinguishedName" # X402 - see master list in acp133.cnf DistinguishedName B "2.6.5.2.5" "id-at-mhs-message-store-dn" DistinguishedName B "2.6.5.2.14" "id-at-mhs-dl-related-lists" # ACP133 - see master list in acp133.cnf DistinguishedName B "2.16.840.1.101.2.2.1.3" "id-at-alternateRecipient" DistinguishedName B "2.16.840.1.101.2.2.1.4" "id-at-associatedOrganization" DistinguishedName B "2.16.840.1.101.2.2.1.6" "id-at-associatedPLA" DistinguishedName B "2.16.840.1.101.2.2.1.49" "id-at-aliasPointer" DistinguishedName B "2.16.840.1.101.2.2.1.61" "id-at-listPointer" DistinguishedName B "2.16.840.1.101.2.2.1.110" "id-at-administrator" DistinguishedName B "2.16.840.1.101.2.2.1.111" "id-at-aigsExpanded" DistinguishedName B "2.16.840.1.101.2.2.1.113" "id-at-associatedAL" DistinguishedName B "2.16.840.1.101.2.2.1.114" "id-at-copyMember" DistinguishedName B "2.16.840.1.101.2.2.1.117" "id-at-guard" DistinguishedName B "2.16.840.1.101.2.2.1.121" "id-at-networkDN" DistinguishedName B "2.16.840.1.101.2.2.1.138" "id-at-plasServed" DistinguishedName B "2.16.840.1.101.2.2.1.139" "id-at-deployed" DistinguishedName B "2.16.840.1.101.2.2.1.140" "id-at-garrison" #.FN_PARS ContextId FN_VARIANT = _str HF_INDEX = hf_x509if_object_identifier_id VAL_PTR = &object_identifier_id #.FN_BODY ContextValue offset=call_ber_oid_callback(object_identifier_id, tvb, offset, pinfo, tree); #.FN_PARS AttributeId FN_VARIANT = _str HF_INDEX = hf_x509if_object_identifier_id VAL_PTR = &object_identifier_id #.FN_BODY AttributeId const char *fmt; const char *name; %(DEFAULT_BODY)s if(object_identifier_id) { /* see if we can find a nice name */ name = get_ber_oid_name(object_identifier_id); if(!name) name = object_identifier_id; if(doing_dn) { /* append it to the RDN */ g_strlcat(last_rdn, name, MAX_RDN_STR_LEN); g_strlcat(last_rdn, "=", MAX_RDN_STR_LEN); /* append it to the tree */ proto_item_append_text(tree, " (%%s=", name); } if((fmt = val_to_str(hf_index, fmt_vals, "")) && *fmt) { /* we have a format */ last_ava = ep_alloc(MAX_AVA_STR_LEN); *last_ava = '\0'; g_snprintf(last_ava, MAX_AVA_STR_LEN, "%%s %%s", name, fmt); proto_item_append_text(tree, " %%s", last_ava); } } #.FN_BODY AttributeValue int old_offset = offset; tvbuff_t *out_tvb; char *value = NULL; const char *fmt; const char *name = NULL; offset=call_ber_oid_callback(object_identifier_id, tvb, offset, pinfo, tree); /* try and dissect as a string */ dissect_ber_octet_string(FALSE, pinfo, NULL, tvb, old_offset, hf_x509if_any_string, &out_tvb); /* should also try and dissect as an OID and integer */ /* of course, if I can look up the syntax .... */ if(out_tvb) { /* it was a string - format it */ value = tvb_format_text(out_tvb, 0, tvb_length(out_tvb)); if(doing_dn) { g_strlcat(last_rdn, value, MAX_RDN_STR_LEN); /* append it to the tree*/ proto_item_append_text(tree, "%%s)", value); } if((fmt = val_to_str(ava_hf_index, fmt_vals, "")) && *fmt) { /* we have a format */ if(!(name = get_ber_oid_name(object_identifier_id))) name = object_identifier_id; g_snprintf(last_ava, MAX_AVA_STR_LEN, "%%s %%s %%s", name, fmt, value); proto_item_append_text(tree, " %%s", last_ava); } } #.FN_BODY SelectedValues offset=call_ber_oid_callback(object_identifier_id, tvb, offset, pinfo, tree); #.FN_PARS DefaultValueType FN_VARIANT = _str HF_INDEX = hf_x509if_object_identifier_id VAL_PTR = &object_identifier_id #.FN_BODY DefaultValueValues offset=call_ber_oid_callback(object_identifier_id, tvb, offset, pinfo, tree); #.FN_BODY ValuesWithContextValue offset=call_ber_oid_callback("unknown", tvb, offset, pinfo, tree); #.FN_BODY RelativeDistinguishedName char *temp_dn; rdn_one_value = FALSE; top_of_rdn = tree; last_rdn = ep_alloc(MAX_DN_STR_LEN); *last_rdn = '\0'; doing_dn = TRUE; %(DEFAULT_BODY)s /* we've finished - close the bracket */ proto_item_append_text(top_of_rdn, " (%%s)", last_rdn); /* now append this to the DN */ if (last_dn) { if(*last_dn) { temp_dn = ep_alloc(MAX_DN_STR_LEN); /* is there a better way to use ep_alloc here ? */ g_snprintf(temp_dn, MAX_DN_STR_LEN, "%%s,%%s", last_rdn, last_dn); last_dn[0] = '\0'; g_strlcat(last_dn, temp_dn, MAX_DN_STR_LEN); } else { g_strlcat(last_dn, last_rdn, MAX_DN_STR_LEN); } } doing_dn = FALSE; last_rdn = NULL; /* it will get freed when the next packet is dissected */ #.FN_BODY RelativeDistinguishedName/_item if(!rdn_one_value) { top_of_rdn = tree; } else { if(doing_dn) /* this is an additional value - delimit */ g_strlcat(last_rdn, "+", MAX_RDN_STR_LEN); } %(DEFAULT_BODY)s rdn_one_value = TRUE; #.FN_BODY RDNSequence const char *fmt; dn_one_rdn = FALSE; /* reset */ last_dn = ep_alloc(MAX_DN_STR_LEN); *last_dn = '\0'; top_of_dn = NULL; %(DEFAULT_BODY)s /* we've finished - append the dn */ proto_item_append_text(top_of_dn, " (%%s)", last_dn); /* see if we should append this to the col info */ if(check_col(pinfo->cinfo, COL_INFO) && (fmt = val_to_str(hf_index, fmt_vals, "")) && *fmt) { /* we have a format */ col_append_fstr(pinfo->cinfo, COL_INFO, " %%s%%s", fmt, last_dn); } last_dn = NULL; #.FN_BODY RDNSequence/_item if(!dn_one_rdn) { /* this is the first element - record the top */ top_of_dn = tree; } %(DEFAULT_BODY)s dn_one_rdn = TRUE; #.FN_BODY AttributeValueAssertion ava_hf_index = hf_index; last_ava = ep_alloc(MAX_AVA_STR_LEN); *last_ava = '\0'; %(DEFAULT_BODY)s ava_hf_index=-1; #.END