svn_cert.h revision 269847 
1/**
2 * @copyright
3 * ====================================================================
4 *    Licensed to the Apache Software Foundation (ASF) under one
5 *    or more contributor license agreements.  See the NOTICE file
6 *    distributed with this work for additional information
7 *    regarding copyright ownership.  The ASF licenses this file
8 *    to you under the Apache License, Version 2.0 (the
9 *    "License"); you may not use this file except in compliance
10 *    with the License.  You may obtain a copy of the License at
11 *
12 *      http://www.apache.org/licenses/LICENSE-2.0
13 *
14 *    Unless required by applicable law or agreed to in writing,
15 *    software distributed under the License is distributed on an
16 *    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17 *    KIND, either express or implied.  See the License for the
18 *    specific language governing permissions and limitations
19 *    under the License.
20 * ====================================================================
21 * @endcopyright
22 *
23 * @file svn_cert.h
24 * @brief Implementation of certificate validation functions
25 */
26
27#ifndef SVN_CERT_H
28#define SVN_CERT_H
29
30#include <apr.h>
31
32#include "svn_types.h"
33#include "svn_string.h"
34
35#ifdef __cplusplus
36extern "C" {
37#endif /* __cplusplus */
38
39
40/* Return TRUE iff @a pattern matches @a hostname as defined
41 * by the matching rules of RFC 6125.  In the context of RFC
42 * 6125 the pattern is the domain name portion of the presented
43 * identifier (which comes from the Common Name or a DNSName
44 * portion of the subjectAltName of an X.509 certificate) and
45 * the hostname is the source domain (i.e. the host portion
46 * of the URI the user entered).
47 *
48 * @note With respect to wildcards we only support matching
49 * wildcards in the left-most label and as the only character
50 * in the left-most label (i.e. we support RFC 6125 �� 6.4.3
51 * Rule 1 and 2 but not the optional Rule 3).  This may change
52 * in the future.
53 *
54 * @note Subversion does not at current support internationalized
55 * domain names.  Both values are presumed to be in NR-LDH label
56 * or A-label form (see RFC 5890 for the definition).
57 *
58 * @since New in 1.9.
59 */
60svn_boolean_t
61svn_cert__match_dns_identity(svn_string_t *pattern, svn_string_t *hostname);
62
63
64#ifdef __cplusplus
65}
66#endif /* __cplusplus */
67
68#endif /* SVN_CERT_H */
69