File 0002-add-support-for-Microsoft-extendedKeyUsage-attributes.diff of Package tinyca2
From cc4e8c21f6a711e719e2b434f4738f1a0e52a700 Mon Sep 17 00:00:00 2001
From: Ludwig Nussel <ludwig.nussel@suse.de>
Date: Mon, 12 Oct 2009 14:01:56 +0200
Subject: [PATCH 2/2] add support for Microsoft extendedKeyUsage attributes
useful for creating WPA2 EAP-TLS certificates, see
http://support.microsoft.com/kb/814394
---
lib/GUI/TCONFIG.pm | 28 ++++++++++++++--------------
lib/GUI/WORDS.pm | 6 +++++-
2 files changed, 19 insertions(+), 15 deletions(-)
diff --git a/lib/GUI/TCONFIG.pm b/lib/GUI/TCONFIG.pm
index 7e7511b..57bcd77 100644
--- a/lib/GUI/TCONFIG.pm
+++ b/lib/GUI/TCONFIG.pm
@@ -417,14 +417,16 @@ sub show_configbox {
$comboextendedKeyUsage = Gtk2::Combo->new();
@combostrings = (
$main->{'words'}{'none'},
+ $main->{'words'}{'1.3.6.1.5.5.7.3.1'},
$main->{'words'}{'user'});
if((defined($main->{'TCONFIG'}->{'server_cert'}->{'extendedKeyUsage'})) &&
($main->{'TCONFIG'}->{'server_cert'}->{'extendedKeyUsage'} ne 'none') &&
($main->{'TCONFIG'}->{'server_cert'}->{'extendedKeyUsage'} ne 'user') &&
($main->{'TCONFIG'}->{'server_cert'}->{'extendedKeyUsage'} ne '')) {
- push(@combostrings,
- $main->{'TCONFIG'}->{'server_cert'}->{'extendedKeyUsage'});
+ my $str = $main->{'TCONFIG'}->{'server_cert'}->{'extendedKeyUsage'};
+ $str = $main->{'words'}{$str} if exists $main->{'words'}{$str};
+ push(@combostrings, $str) unless grep { $str eq $_; } @combostrings;
}
$comboextendedKeyUsage->set_popdown_strings(@combostrings);
@@ -437,11 +439,9 @@ sub show_configbox {
$main->{'radio1'}->set_sensitive(1);
$main->{'radio2'}->set_sensitive(1);
- if($main->{'TCONFIG'}->{'server_cert'}->{'extendedKeyUsage'} eq 'user'){
- $comboextendedKeyUsage->entry->set_text($main->{'words'}{'user'});
- } else {
- $comboextendedKeyUsage->entry->set_text($main->{'TCONFIG'}->{'server_cert'}->{'extendedKeyUsage'});
- }
+ my $str = $main->{'TCONFIG'}->{'server_cert'}->{'extendedKeyUsage'};
+ $str = $main->{'words'}{$str} if exists $main->{'words'}{$str};
+ $comboextendedKeyUsage->entry->set_text($str);
} else {
$comboextendedKeyUsage->entry->set_text($main->{'words'}{'none'});
$main->{'radio1'}->set_sensitive(0);
@@ -846,14 +846,16 @@ sub show_configbox {
$combocextendedKeyUsage = Gtk2::Combo->new();
@combostrings = (
$main->{'words'}{'none'},
+ $main->{'words'}{'1.3.6.1.5.5.7.3.2'},
$main->{'words'}{'user'});
if((defined($main->{'TCONFIG'}->{'client_cert'}->{'extendedKeyUsage'})) &&
($main->{'TCONFIG'}->{'client_cert'}->{'extendedKeyUsage'} ne 'none') &&
($main->{'TCONFIG'}->{'client_cert'}->{'extendedKeyUsage'} ne 'user') &&
($main->{'TCONFIG'}->{'client_cert'}->{'extendedKeyUsage'} ne '')) {
- push(@combostrings,
- $main->{'TCONFIG'}->{'client_cert'}->{'extendedKeyUsage'});
+ my $str = $main->{'TCONFIG'}->{'client_cert'}->{'extendedKeyUsage'};
+ $str = $main->{'words'}{$str} if exists $main->{'words'}{$str};
+ push(@combostrings, $str) unless grep { $str eq $_; } @combostrings;
}
$combocextendedKeyUsage->set_popdown_strings(@combostrings);
@@ -866,11 +868,9 @@ sub show_configbox {
$main->{'radio1'}->set_sensitive(1);
$main->{'radio2'}->set_sensitive(1);
- if($main->{'TCONFIG'}->{'client_cert'}->{'extendedKeyUsage'} eq 'user'){
- $combocextendedKeyUsage->entry->set_text($main->{'words'}{'user'});
- } else {
- $combocextendedKeyUsage->entry->set_text($main->{'TCONFIG'}->{'client_cert'}->{'extendedKeyUsage'});
- }
+ my $str = $main->{'TCONFIG'}->{'client_cert'}->{'extendedKeyUsage'};
+ $str = $main->{'words'}{$str} if exists $main->{'words'}{$str};
+ $combocextendedKeyUsage->entry->set_text($str);
} else {
$combocextendedKeyUsage->entry->set_text($main->{'words'}{'none'});
$main->{'radio1'}->set_sensitive(0);
diff --git a/lib/GUI/WORDS.pm b/lib/GUI/WORDS.pm
index efd64d6..abbe5c6 100644
--- a/lib/GUI/WORDS.pm
+++ b/lib/GUI/WORDS.pm
@@ -70,6 +70,8 @@ sub new {
'STATUS' => _("Status"),
'FINGERPRINTMD5' => _("Fingerprint (MD5)"),
'FINGERPRINTSHA1' => _("Fingerprint (SHA1)"),
+ '1.3.6.1.5.5.7.3.1' => _("TLS Web Server Authentication"),
+ '1.3.6.1.5.5.7.3.2' => _("TLS Web Client Authentication"),
_("Not set") => 'none',
_("Ask User") => 'user',
_("critical") => 'critical',
@@ -99,7 +101,9 @@ sub new {
_("SSL CA, S/MIME CA, Object Signing CA")=> 'sslCA, emailCA, objCA',
_("Certificate Signing") => 'keyCertSign',
_("CRL Signing") => 'cRLSign',
- _("Certificate Signing, CRL Signing") => 'keyCertSign, cRLSign'
+ _("Certificate Signing, CRL Signing") => 'keyCertSign, cRLSign',
+ _("TLS Web Server Authentication") => '1.3.6.1.5.5.7.3.1',
+ _("TLS Web Client Authentication") => '1.3.6.1.5.5.7.3.2',
};
my $class = ref($that) || $that;
--
1.6.4.2