Support for certificate status TLS extension.

[openssl.git] / crypto / x509v3 / v3_utl.c

diff --git a/crypto/x509v3/v3_utl.c b/crypto/x509v3/v3_utl.c
index f1b5c94c2a2b4fdd7da336340b33094a1442cb0c..6aa54aedfaac9a33e9f1043ec5b53ec4ff7d0a56 100644 (file)
--- a/crypto/x509v3/v3_utl.c
+++ b/crypto/x509v3/v3_utl.c
@@ -473,6 +473,30 @@ STACK *X509_get1_email(X509 *x)
        return ret;
 }
 
+STACK *X509_get1_ocsp(X509 *x)
+{
+       AUTHORITY_INFO_ACCESS *info;
+       STACK *ret = NULL;
+       int i;
+       info = X509_get_ext_d2i(x, NID_info_access, NULL, NULL);
+       if (!info)
+               return NULL;
+       for (i = 0; i < sk_ACCESS_DESCRIPTION_num(info); i++)
+               {
+               ACCESS_DESCRIPTION *ad = sk_ACCESS_DESCRIPTION_value(info, i);
+               if (OBJ_obj2nid(ad->method) == NID_ad_OCSP)
+                       {
+                       if (ad->location->type == GEN_URI)
+                               {
+                               if (!append_ia5(&ret, ad->location->d.uniformResourceIdentifier))
+                                       break;
+                               }
+                       }
+               }
+       AUTHORITY_INFO_ACCESS_free(info);
+       return ret;
+}
+
 STACK *X509_REQ_get1_email(X509_REQ *x)
 {
        GENERAL_NAMES *gens;