Add OCSP service locator extension.

diff --git a/crypto/x509v3/ext_dat.h b/crypto/x509v3/ext_dat.h
index 98e1c599ecf2cf6fb5a413ce75c8ed4d7db9b26c..62e80535b99771b0c107a2fb8d5a267f1cec3efb 100644 (file)
--- a/crypto/x509v3/ext_dat.h
+++ b/crypto/x509v3/ext_dat.h
@@ -62,7 +62,7 @@ extern X509V3_EXT_METHOD v3_pkey_usage_period, v3_sxnet, v3_info;
 extern X509V3_EXT_METHOD v3_ns_ia5_list[], v3_alt[], v3_skey_id, v3_akey_id;
 extern X509V3_EXT_METHOD v3_crl_num, v3_crl_reason, v3_cpols, v3_crld;
 extern X509V3_EXT_METHOD v3_ocsp_nonce, v3_ocsp_accresp, v3_ocsp_acutoff;
-extern X509V3_EXT_METHOD v3_ocsp_crlid, v3_ocsp_nocheck;
+extern X509V3_EXT_METHOD v3_ocsp_crlid, v3_ocsp_nocheck, v3_ocsp_serviceloc;
 
 /* This table will be searched using OBJ_bsearch so it *must* kept in
  * order of the ext_nid values.
@@ -95,7 +95,8 @@ static X509V3_EXT_METHOD *standard_exts[] = {
 &v3_ocsp_crlid,
 &v3_ocsp_accresp,
 &v3_ocsp_nocheck,
-&v3_ocsp_acutoff
+&v3_ocsp_acutoff,
+&v3_ocsp_serviceloc
 };
 
 /* Number of standard extensions */

diff --git a/crypto/x509v3/v3_alt.c b/crypto/x509v3/v3_alt.c
index bdd9927692213e711f5efe01b95f39fcf2aaa66e..13a4dcf45ce7c5b8b1dc6dbb1de091af8a2fcc1b 100644 (file)
--- a/crypto/x509v3/v3_alt.c
+++ b/crypto/x509v3/v3_alt.c
@@ -97,8 +97,8 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
 STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
                                GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret)
 {
-       char oline[256];
        unsigned char *p;
+       char oline[256];
        switch (gen->type)
        {
                case GEN_OTHERNAME:
@@ -151,7 +151,6 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
 
 int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen)
 {
-       char oline[256];
        unsigned char *p;
        switch (gen->type)
        {
@@ -181,8 +180,8 @@ int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen)
                break;
 
                case GEN_DIRNAME:
-               X509_NAME_oneline(gen->d.dirn, oline, 256);
-               BIO_printf(out, "DirName:%s",oline);
+               BIO_printf(out, "DirName: ");
+               X509_NAME_print_ex(out, gen->d.dirn, 0, XN_FLAG_ONELINE);
                break;
 
                case GEN_IPADD:

diff --git a/crypto/x509v3/v3_ocsp.c b/crypto/x509v3/v3_ocsp.c
index 6a7e6ac31bdcd830d94443ce339aef307cdb346b..a10bfa97f425245fe1047b52b09bcac670e5b0f6 100644 (file)
--- a/crypto/x509v3/v3_ocsp.c
+++ b/crypto/x509v3/v3_ocsp.c
@@ -77,6 +77,7 @@ static int i2r_ocsp_nonce(X509V3_EXT_METHOD *method, void *nonce, BIO *out, int
 
 static int i2r_ocsp_nocheck(X509V3_EXT_METHOD *method, void *nocheck, BIO *out, int indent);
 static void *s2i_ocsp_nocheck(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str);
+static int i2r_ocsp_serviceloc(X509V3_EXT_METHOD *method, void *in, BIO *bp, int ind);
 
 X509V3_EXT_METHOD v3_ocsp_crlid = {
        NID_id_pkix_OCSP_CrlID, 0, &OCSP_CRLID_it,
@@ -117,6 +118,15 @@ X509V3_EXT_METHOD v3_ocsp_nocheck = {
        NULL
 };
 
+X509V3_EXT_METHOD v3_ocsp_serviceloc = {
+       NID_id_pkix_OCSP_serviceLocator, 0, &OCSP_SERVICELOC_it,
+       0,0,0,0,
+       0,0,
+       0,0,
+       i2r_ocsp_serviceloc,0,
+       NULL
+};
+
 static int i2r_ocsp_crlid(X509V3_EXT_METHOD *method, void *in, BIO *bp, int ind)
 {
        OCSP_CRLID *a = in;
@@ -212,3 +222,25 @@ static void *s2i_ocsp_nocheck(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *
 {
        return ASN1_NULL_new();
 }
+
+static int i2r_ocsp_serviceloc(X509V3_EXT_METHOD *method, void *in, BIO *bp, int ind)
+        {
+       int i;
+       OCSP_SERVICELOC *a = in;
+       ACCESS_DESCRIPTION *ad;
+
+        if (BIO_printf(bp, "%*ssIissuer: ", ind, "") <= 0) goto err;
+        if (X509_NAME_print_ex(bp, a->issuer, 0, XN_FLAG_ONELINE) <= 0) goto err;
+       for (i = 0; i < sk_ACCESS_DESCRIPTION_num(a->locator); i++)
+               {
+                               ad = sk_ACCESS_DESCRIPTION_value(a->locator,i);
+                               if (BIO_printf(bp, "\n%*s", (2*ind), "") <= 0) 
+                                       goto err;
+                               if(i2a_ASN1_OBJECT(bp, ad->method) <= 0) goto err;
+                               if(BIO_puts(bp, " - ") <= 0) goto err;
+                               if(GENERAL_NAME_print(bp, ad->location) <= 0) goto err;
+               }
+       return 1;
+err:
+       return 0;
+       }