crypto: improved determination of (proxy) certificate type

src/XrdCrypto/XrdCryptoFactory.cc

@@ -355,6 +355,15 @@ XrdCryptoX509SignProxyReq_t XrdCryptoFactory::X509SignProxyReq()
    return 0;
 }
 
+//______________________________________________________________________________
+XrdCryptoX509CheckProxy3_t XrdCryptoFactory::X509CheckProxy3()
+{
+   // Sign a proxy request
+
+   ABSTRACTMETHOD("XrdCryptoFactory::X509CheckProxy3");
+   return 0;
+}
+
 //______________________________________________________________________________
 XrdCryptoX509GetVOMSAttr_t XrdCryptoFactory::X509GetVOMSAttr()
 {

src/XrdCrypto/XrdCryptoFactory.hh

@@ -105,6 +105,9 @@ typedef int (*XrdCryptoX509CreateProxyReq_t)(XrdCryptoX509 *,
 // sign a proxy certificate request
 typedef int (*XrdCryptoX509SignProxyReq_t)(XrdCryptoX509 *, XrdCryptoRSA *,
                                            XrdCryptoX509Req *, XrdCryptoX509 **);
+// sign a proxy certificate request
+typedef int (*XrdCryptoX509CheckProxy3_t)(XrdCryptoX509 *, XrdOucString &);
+
 // get VOMS attributes
 typedef int (*XrdCryptoX509GetVOMSAttr_t)(XrdCryptoX509 *, XrdOucString &);
 
@@ -177,6 +180,7 @@ public:
    virtual XrdCryptoX509CreateProxy_t X509CreateProxy();
    virtual XrdCryptoX509CreateProxyReq_t X509CreateProxyReq();
    virtual XrdCryptoX509SignProxyReq_t X509SignProxyReq();
+   virtual XrdCryptoX509CheckProxy3_t X509CheckProxy3();
    virtual XrdCryptoX509GetVOMSAttr_t X509GetVOMSAttr();
 
    // Equality operator

src/XrdCrypto/XrdCryptoX509.cc

@@ -246,7 +246,7 @@ bool XrdCryptoX509::Verify(XrdCryptoX509 *)
 }
 
 //_____________________________________________________________________________
-int XrdCryptoX509::DumpExtensions()
+int XrdCryptoX509::DumpExtensions(bool)
 {
    // Dump extensions, if any
    ABSTRACTMETHOD("XrdCryptoX509::DumpExtensions");

src/XrdCrypto/XrdCryptoX509.hh

@@ -75,11 +75,12 @@ public:
 
    // Dump information
    virtual void Dump();
-   virtual int DumpExtensions(); // extensions
+   virtual int DumpExtensions(bool = 0); // extensions
 
    const char *Type(EX509Type t = kUnknown) const
                  { return ((t == kUnknown) ? ctype[type+1] : ctype[t+1]); }
    virtual const char *ParentFile();
+   virtual const char *ProxyType() const { return ""; }
 
    // Key strength
    virtual int BitStrength();

src/XrdCrypto/XrdCryptosslAux.hh

@@ -83,6 +83,8 @@ int XrdCryptosslX509CreateProxyReq(XrdCryptoX509 *,
 // Sign a proxy certificate request
 int XrdCryptosslX509SignProxyReq(XrdCryptoX509 *, XrdCryptoRSA *,
                               XrdCryptoX509Req *, XrdCryptoX509 **);
+// Check a proxy certificate GSI 3
+int XrdCryptosslX509CheckProxy3(XrdCryptoX509 *, XrdOucString &);
 // Get VOMS attributes, if any
 int XrdCryptosslX509GetVOMSAttr(XrdCryptoX509 *, XrdOucString &);
 

src/XrdCrypto/XrdCryptosslFactory.cc

@@ -497,6 +497,14 @@ XrdCryptoX509SignProxyReq_t XrdCryptosslFactory::X509SignProxyReq()
    return &XrdCryptosslX509SignProxyReq;
 }
 
+//______________________________________________________________________________
+XrdCryptoX509CheckProxy3_t XrdCryptosslFactory::X509CheckProxy3()
+{
+   // Check consistency of a GSI 3 compliant proxy
+
+   return &XrdCryptosslX509CheckProxy3;
+}
+
 //______________________________________________________________________________
 XrdCryptoX509GetVOMSAttr_t XrdCryptosslFactory::X509GetVOMSAttr()
 {

src/XrdCrypto/XrdCryptosslFactory.hh

@@ -103,6 +103,7 @@ public:
    XrdCryptoX509CreateProxy_t X509CreateProxy();
    XrdCryptoX509CreateProxyReq_t X509CreateProxyReq();
    XrdCryptoX509SignProxyReq_t X509SignProxyReq();
+   XrdCryptoX509CheckProxy3_t X509CheckProxy3();
    XrdCryptoX509GetVOMSAttr_t X509GetVOMSAttr();
 
    // Required SSL mutexes.