Fix namespace collision on CRL reasons

This commit is contained in:
Juliusz Sosinowicz
2026-03-24 19:50:37 +01:00
parent 6fc93ac412
commit 829fbbc702
4 changed files with 23 additions and 23 deletions
+2 -2
View File
@@ -434,7 +434,7 @@ static int PopulateResponderFromIndex(OcspResponder* responder,
word32 serialLen = 0;
enum Ocsp_Cert_Status status;
time_t revTime = 0;
enum WC_CRL_Reason revReason = CRL_REASON_UNSPECIFIED;
enum WC_CRL_Reason revReason = WC_CRL_REASON_UNSPECIFIED;
word32 validity = 86400;
char* p = entry->serial;
word32 i;
@@ -487,7 +487,7 @@ static int PopulateResponderFromIndex(OcspResponder* responder,
else if (entry->status == 'R') {
status = CERT_REVOKED;
revTime = entry->revocationTime;
revReason = CRL_REASON_UNSPECIFIED;
revReason = WC_CRL_REASON_UNSPECIFIED;
validity = 0;
}
else {
+2 -2
View File
@@ -2520,8 +2520,8 @@ int wc_OcspResponder_SetCertStatus(OcspResponder* responder,
if (status == CERT_REVOKED) {
if (revocationTime <= 0)
goto out;
if (revocationReason < CRL_REASON_UNSPECIFIED ||
revocationReason > CRL_REASON_AA_COMPROMISE)
if (revocationReason < WC_CRL_REASON_UNSPECIFIED ||
revocationReason > WC_CRL_REASON_AA_COMPROMISE)
goto out;
/* Skip value 7 which is not used */
if (revocationReason == 7)
+9 -9
View File
@@ -1510,7 +1510,7 @@ int test_ocsp_responder(void)
"./certs/ca-key.der",
"./certs/server-cert.der",
CERT_GOOD,
0, CRL_REASON_UNSPECIFIED,
0, WC_CRL_REASON_UNSPECIFIED,
86400, /* validityPeriod - 24 hours */
0,
"RSA server cert - GOOD status"
@@ -1521,7 +1521,7 @@ int test_ocsp_responder(void)
"./certs/ca-key.der",
"./certs/server-cert.der",
CERT_REVOKED,
now, CRL_REASON_KEY_COMPROMISE, /* Revoked due to key compromise */
now, WC_CRL_REASON_KEY_COMPROMISE, /* Revoked due to key compromise */
0, /* validityPeriod (not used for REVOKED) */
OCSP_CERT_REVOKED,
"RSA server cert - REVOKED status"
@@ -1532,7 +1532,7 @@ int test_ocsp_responder(void)
"./certs/ca-key.der",
"./certs/server-cert.der",
CERT_UNKNOWN,
0, CRL_REASON_UNSPECIFIED,
0, WC_CRL_REASON_UNSPECIFIED,
0, /* validityPeriod (not used for UNKNOWN) */
OCSP_CERT_UNKNOWN,
"RSA server cert - UNKNOWN status"
@@ -1543,7 +1543,7 @@ int test_ocsp_responder(void)
"./certs/ocsp/ocsp-responder-key.der",
"./certs/ocsp/intermediate1-ca-cert.der",
CERT_GOOD,
0, CRL_REASON_UNSPECIFIED,
0, WC_CRL_REASON_UNSPECIFIED,
86400, /* validityPeriod - 24 hours */
0,
"RSA int1 cert with responder - GOOD status"
@@ -1554,7 +1554,7 @@ int test_ocsp_responder(void)
"./certs/ocsp/ocsp-responder-key.der",
"./certs/ocsp/intermediate1-ca-cert.der",
CERT_REVOKED,
now, CRL_REASON_KEY_COMPROMISE, /* Revoked due to key compromise */
now, WC_CRL_REASON_KEY_COMPROMISE, /* Revoked due to key compromise */
0, /* validityPeriod (not used for REVOKED) */
OCSP_CERT_REVOKED,
"RSA int1 cert with responder - REVOKED status"
@@ -1565,7 +1565,7 @@ int test_ocsp_responder(void)
"./certs/ocsp/ocsp-responder-key.der",
"./certs/ocsp/intermediate1-ca-cert.der",
CERT_UNKNOWN,
0, CRL_REASON_UNSPECIFIED,
0, WC_CRL_REASON_UNSPECIFIED,
0, /* validityPeriod (not used for UNKNOWN) */
OCSP_CERT_UNKNOWN,
"RSA int1 cert with responder - UNKNOWN status"
@@ -1577,7 +1577,7 @@ int test_ocsp_responder(void)
"./certs/ca-ecc-key.der",
"./certs/server-ecc.der",
CERT_GOOD,
0, CRL_REASON_UNSPECIFIED,
0, WC_CRL_REASON_UNSPECIFIED,
86400, /* validityPeriod - 24 hours */
0,
"ECC server cert - GOOD status"
@@ -1588,7 +1588,7 @@ int test_ocsp_responder(void)
"./certs/ca-ecc-key.der",
"./certs/server-ecc.der",
CERT_REVOKED,
now, CRL_REASON_AFFILIATION_CHANGED,
now, WC_CRL_REASON_AFFILIATION_CHANGED,
0, /* validityPeriod (not used for REVOKED) */
OCSP_CERT_REVOKED,
"ECC server cert - REVOKED status"
@@ -1599,7 +1599,7 @@ int test_ocsp_responder(void)
"./certs/ca-ecc-key.der",
"./certs/server-ecc.der",
CERT_UNKNOWN,
0, CRL_REASON_UNSPECIFIED,
0, WC_CRL_REASON_UNSPECIFIED,
0, /* validityPeriod (not used for UNKNOWN) */
OCSP_CERT_UNKNOWN,
"ECC server cert - UNKNOWN status"
+10 -10
View File
@@ -2899,17 +2899,17 @@ WOLFSSL_LOCAL int OcspDecodeCertID(const byte* input, word32* inOutIdx, word32 i
#ifdef HAVE_OCSP_RESPONDER
/* Revocation reason codes from RFC 5280 */
enum WC_CRL_Reason {
CRL_REASON_UNSPECIFIED = 0,
CRL_REASON_KEY_COMPROMISE = 1,
CRL_REASON_CA_COMPROMISE = 2,
CRL_REASON_AFFILIATION_CHANGED = 3,
CRL_REASON_SUPERSEDED = 4,
CRL_REASON_CESSATION_OF_OPERATION = 5,
CRL_REASON_CERTIFICATE_HOLD = 6,
WC_CRL_REASON_UNSPECIFIED = 0,
WC_CRL_REASON_KEY_COMPROMISE = 1,
WC_CRL_REASON_CA_COMPROMISE = 2,
WC_CRL_REASON_AFFILIATION_CHANGED = 3,
WC_CRL_REASON_SUPERSEDED = 4,
WC_CRL_REASON_CESSATION_OF_OPERATION = 5,
WC_CRL_REASON_CERTIFICATE_HOLD = 6,
/* value 7 is not used */
CRL_REASON_REMOVE_FROM_CRL = 8,
CRL_REASON_PRIVILEGE_WITHDRAWN = 9,
CRL_REASON_AA_COMPROMISE = 10
WC_CRL_REASON_REMOVE_FROM_CRL = 8,
WC_CRL_REASON_PRIVILEGE_WITHDRAWN = 9,
WC_CRL_REASON_AA_COMPROMISE = 10
};
/* Certificate status entry for a single certificate */