This file is indexed.

/usr/include/wvstreams/wvcrl.h is in libwvstreams-dev 4.6.1-11.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
/* -*- Mode: C++ -*-
 * Worldvisions Weaver Software:
 *   Copyright (C) 1997-2007 Net Integration Technologies, Inc. and others.
 *
 * X.509v3 CRL management class.
 */ 
#ifndef __WVCRL_H
#define __WVCRL_H

#include "wverror.h"
#include "wvlog.h"
#include "wvx509.h"

// Structures to make the compiler happy so we don't have to include x509v3.h ;)
struct X509_crl_st;
typedef struct X509_crl_st X509_CRL;
struct ssl_ctx_st;
typedef struct ssl_ctx_st SSL_CTX;
struct asn1_string_st;
typedef struct asn1_string_st ASN1_INTEGER;

class WvX509Mgr;

/**
 * CRL Class to handle certificate revocation lists and their related
 * functions
 */
class WvCRL
{
public:
    /**
     * Type for the @ref encode() and @ref decode() methods:
     * CRLPEM   = PEM Encoded X.509 CRL
     * CRLDER   = DER Encoded X.509 CRL 
     * CRLFilePEM   = PEM Encoded X.509 CRL
     * CRLFileDER   = DER Encoded X.509 CRL 
     */
    enum DumpMode { CRLPEM = 0, CRLDER, CRLFilePEM, CRLFileDER };

    /**
     * Initialize a blank (null) CRL object.
     */
    WvCRL();
    
    /**
     * Initialize a CRL object, signed and created by the certificate
     * 'ca'.
     */
    WvCRL(const WvX509Mgr &ca);

    /** Destructor */
    virtual ~WvCRL();

    /** Accessor for CRL */
    X509_CRL *getcrl()
    { return crl; }
 
    /**
     * Check the CRL in crl against the CA certificate in cert
     * - returns true if CRL was signed by that CA certificate.
     */
    bool signedbyca(const WvX509 &cacert) const;

    /**
     * Check the issuer name of the CRL in crl against the CA certificate in cert
     * - returns true if the names match.
     */
    bool issuedbyca(const WvX509 &cacert) const;

    /**
     * Checks to see if the CRL is expired (i.e.: the present time is past the
     * nextUpdate extension).
     * - returns true if CRL has expired.
     */
    bool expired() const;

    /*
     * Checks to see if the CRL has any critical extensions in it.
     * - returns true if the CRL has any critical extensions.
     */
    bool has_critical_extensions() const;

    /**
     * Type for @ref validate() method:
     * ERROR = there was an error that happened..
     * VALID = the certificate is valid
     * NOT_THIS_CA = the certificate is not signed by this CA
     * NO_VALID_SIGNATURE = the certificate claims to be signed by this CA (Issuer is the same),
     *                      but the signature is invalid.
     */    
    enum Valid { CRLERROR = -1, VALID, NOT_THIS_CA, NO_VALID_SIGNATURE, 
                 EXPIRED, UNHANDLED_CRITICAL_EXTENSIONS };

    /**
     * Checks to see that a CRL is signed and issued by a CA certificate, and
     * that it has not expired.
     * - returns a validity status.
     * Get the Authority key Info
     */
    Valid validate(const WvX509 &cacert) const;

    /**
     * Get the Authority key Info
     */
    WvString get_aki() const;

    /** 
     * Get the CRL Issuer.
     */
    WvString get_issuer() const;

    /**
     * Do we have any errors... convenience function..
     */
    bool isok() const;
    
    /** 
     * Return the information requested by mode as a WvString. 
     */
    WvString encode(const DumpMode mode) const;
    void encode(const DumpMode mode, WvBuf &buf) const;

    /**
     * Load the information from the format requested by mode into
     * the class - this overwrites the CRL.
     */
    void decode(const DumpMode mode, WvStringParm encoded);
    void decode(const DumpMode mode, WvBuf &encoded);

    /**
     * Is the certificate in cert revoked?
     */
    bool isrevoked(const WvX509 &cert) const;
    bool isrevoked(WvStringParm serial_number) const;

    /**
     * Add the certificate specified by cert to the CRL.
     */
    void addcert(const WvX509 &cert);

    /**
     * Counts the number of certificates in this CRL.
     * WARNING: this method will be very slow and will consume a lot
     * of memory for large CRLs.
     */
    int numcerts() const;
    
private:    
    mutable WvLog debug;
    X509_CRL *crl;
};

#endif // __WVCRL_H