Support for dirName from config files in GeneralName extensions.
authorDr. Stephen Henson <steve@openssl.org>
Thu, 27 Feb 2003 01:54:11 +0000 (01:54 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Thu, 27 Feb 2003 01:54:11 +0000 (01:54 +0000)
CHANGES
crypto/x509v3/v3_alt.c
crypto/x509v3/v3_conf.c
crypto/x509v3/v3_utl.c
crypto/x509v3/v3err.c
crypto/x509v3/x509v3.h

diff --git a/CHANGES b/CHANGES
index b032498a2ec70644270ea16a6bf8f3e010d713a8..749bc19f7e97bfde9c2021a3a18a6521de44f5c6 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,10 @@
 
  Changes between 0.9.7a and 0.9.8  [xx XXX xxxx]
 
+  *) Support for directoryName in GeneralName related extensions
+     in config files.
+     [Steve Henson]
+
   *) Make it possible to link applications using Makefile.shared.
      Make that possible even when linking against static libraries!
      [Richard Levitte]
index 64e51d6129ca294c7a8ac289a921602c3186c740..8642dd5104720d31dea28a051b9da6ddc42e1484 100644 (file)
@@ -66,6 +66,7 @@ static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
 static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p);
 static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens);
 static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx);
+static int do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx);
 
 X509V3_EXT_METHOD v3_alt[] = {
 { NID_subject_alt_name, 0, ASN1_ITEM_ref(GENERAL_NAMES),
@@ -452,6 +453,13 @@ if(!name_cmp(name, "email")) {
                goto err;
                }
        type = GEN_IPADD;
+} else if(!name_cmp(name, "dirName")) {
+       type = GEN_DIRNAME;
+       if (!do_dirname(gen, value, ctx))
+               {
+               X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_DIRNAME_ERROR);
+               goto err;
+               }
 } else if(!name_cmp(name, "otherName")) {
        if (!do_othername(gen, value, ctx))
                {
@@ -507,3 +515,27 @@ static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx)
                return 0;
        return 1;
        }
+
+static int do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx)
+       {
+       int ret;
+       STACK_OF(CONF_VALUE) *sk;
+       X509_NAME *nm;
+       if (!(nm = X509_NAME_new()))
+               return 0;
+       sk = X509V3_get_section(ctx, value);
+       if (!sk)
+               {
+               X509V3err(X509V3_F_DO_DIRNAME,X509V3_R_SECTION_NOT_FOUND);
+               ERR_add_error_data(2, "section=", value);
+               X509_NAME_free(nm);
+               return 0;
+               }
+       /* FIXME: should allow other character types... */
+       ret = X509V3_NAME_from_section(nm, sk, MBSTRING_ASC);
+       if (!ret)
+               X509_NAME_free(nm);
+       gen->d.dirn = nm;
+               
+       return ret;
+       }
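Review bot: On the X509V3_NAME_from_section failure path do_dirname frees `nm` and then still stores it into `gen->d.dirn`, leaving a dangling pointer in the GENERAL_NAME; since the caller in v2i_general_name sets `type = GEN_DIRNAME` before the call and then jumps to `err`, the freed X509_NAME is presumably released a second time when that label frees `gen` (the label is outside the hunk, so confirm). Make the assignment conditional, e.g. replace the three lines with `if (ret) gen->d.dirn = nm; else X509_NAME_free(nm);`. The STACK returned by X509V3_get_section is also never handed back to the database (the db_meth free_section callback, if this backend has one) on either path, which looks like a leak per dirName entry — worth confirming against the nconf method. The `FIXME` on character types should state that everything is forced to MBSTRING_ASC so non-ASCII DN values in the section are rejected rather than mis-encoded.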
index 372c65d88508df550feb6037e36b0876d137b827..eeb365b081e516fb6f04de2608867b3eba9ad866 100644 (file)
@@ -151,7 +151,7 @@ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid,
                }
        else if(method->r2i)
                {
-               if(!ctx->db)
+               if(!ctx->db || !ctx->db_meth)
                        {
                        X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_NO_CONFIG_DATABASE);
                        return NULL;
@@ -383,6 +383,11 @@ int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
 
 char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section)
        {
+       if(!ctx->db || !ctx->db_meth || !ctx->db_meth->get_string)
+               {
+               X509V3err(X509V3_F_X509V3_GET_STRING,X509V3_R_OPERATION_NOT_DEFINED);
+               return NULL;
+               }
        if (ctx->db_meth->get_string)
                        return ctx->db_meth->get_string(ctx->db, name, section);
        return NULL;
@@ -390,6 +395,11 @@ char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section)
 
 STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section)
        {
+       if(!ctx->db || !ctx->db_meth || !ctx->db_meth->get_section)
+               {
+               X509V3err(X509V3_F_X509V3_GET_SECTION,X509V3_R_OPERATION_NOT_DEFINED);
+               return NULL;
+               }
        if (ctx->db_meth->get_section)
                        return ctx->db_meth->get_section(ctx->db, section);
        return NULL;
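Review bot: The guard added at the top of X509V3_get_section already rejects a NULL `ctx->db_meth->get_section`, so the retained `if (ctx->db_meth->get_section)` test and the trailing `return NULL;` can no longer be reached with a NULL callback; the body after the guard should just be `return ctx->db_meth->get_section(ctx->db, section);`. The same dead test remains in X509V3_get_string in the hunk above it. Collapsing both makes it clear that a missing callback is now reported as X509V3_R_OPERATION_NOT_DEFINED instead of silently returning NULL, which is the behavioural change this hunk introduces for callers that previously got NULL without an error queued.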
index 4b85378e945fdcc6e4adeb9fd07325736fb45e6d..2af05e555b7772188c451e87fca5612bf2a5c1a8 100644 (file)
@@ -740,3 +740,38 @@ static int ipv6_hex(unsigned char *out, const char *in, int inlen)
        return 1;
        }
 
+
+int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk,
+                                               unsigned long chtype)
+       {
+       CONF_VALUE *v;
+       int i;
+       char *p, *type;
+       if (!nm)
+               return 0;
+
+       for (i = 0; i < sk_CONF_VALUE_num(dn_sk); i++)
+               {
+               v=sk_CONF_VALUE_value(dn_sk,i);
+               type=v->name;
+               /* Skip past any leading X. X: X, etc to allow for
+                * multiple instances 
+                */
+               for(p = type; *p ; p++) 
+#ifndef CHARSET_EBCDIC
+                       if ((*p == ':') || (*p == ',') || (*p == '.'))
+#else
+                       if ((*p == os_toascii[':']) || (*p == os_toascii[',']) || (*p == os_toascii['.']))
+#endif
+                               {
+                               p++;
+                               if(*p) type = p;
+                               break;
+                               }
+               if (!X509_NAME_add_entry_by_txt(nm,type, chtype,
+                               (unsigned char *) v->value,-1,-1,0))
+                                       return 0;
+
+               }
+       return 1;
+       }
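Review bot: The inner `for(p = type; *p ; p++)` in X509V3_NAME_from_section has an unbraced body whose only statement is selected by `#ifndef CHARSET_EBCDIC`/`#else`, so a future edit adding a second statement to either branch silently changes what the loop controls; brace the loop body around the whole preprocessor block. A name that ends in the separator (e.g. `1.CN.` with nothing after the last `.`) keeps the separator in `type` because `if(*p) type = p;` does not advance, and X509_NAME_add_entry_by_txt will presumably reject it — acceptable, but a one-line comment `/* a trailing separator is left in place and rejected below */` would document the intent. This is a new public function with no header comment; state that it returns 1 on success and 0 on the first entry that fails to convert, and that `nm` is left partially populated in that case so the caller must free it.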
index 3cb543e6298e32ddb260de005a39d04859497329..28f44e00c6415c8508855e29bd5e1cfd6a91c886 100644 (file)
@@ -1,6 +1,6 @@
 /* crypto/x509v3/v3err.c */
 /* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2003 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -68,6 +68,7 @@ static ERR_STRING_DATA X509V3_str_functs[]=
        {
 {ERR_PACK(0,X509V3_F_COPY_EMAIL,0),    "COPY_EMAIL"},
 {ERR_PACK(0,X509V3_F_COPY_ISSUER,0),   "COPY_ISSUER"},
+{ERR_PACK(0,X509V3_F_DO_DIRNAME,0),    "DO_DIRNAME"},
 {ERR_PACK(0,X509V3_F_DO_EXT_CONF,0),   "DO_EXT_CONF"},
 {ERR_PACK(0,X509V3_F_DO_EXT_I2D,0),    "DO_EXT_I2D"},
 {ERR_PACK(0,X509V3_F_HEX_TO_STRING,0), "hex_to_string"},
@@ -104,6 +105,8 @@ static ERR_STRING_DATA X509V3_str_functs[]=
 {ERR_PACK(0,X509V3_F_X509V3_EXT_ADD_ALIAS,0),  "X509V3_EXT_add_alias"},
 {ERR_PACK(0,X509V3_F_X509V3_EXT_CONF,0),       "X509V3_EXT_conf"},
 {ERR_PACK(0,X509V3_F_X509V3_EXT_I2D,0),        "X509V3_EXT_i2d"},
+{ERR_PACK(0,X509V3_F_X509V3_GET_SECTION,0),    "X509V3_get_section"},
+{ERR_PACK(0,X509V3_F_X509V3_GET_STRING,0),     "X509V3_get_string"},
 {ERR_PACK(0,X509V3_F_X509V3_GET_VALUE_BOOL,0), "X509V3_get_value_bool"},
 {ERR_PACK(0,X509V3_F_X509V3_PARSE_LIST,0),     "X509V3_parse_list"},
 {ERR_PACK(0,X509V3_F_X509_PURPOSE_ADD,0),      "X509_PURPOSE_add"},
@@ -117,6 +120,7 @@ static ERR_STRING_DATA X509V3_str_reasons[]=
 {X509V3_R_BAD_OBJECT                     ,"bad object"},
 {X509V3_R_BN_DEC2BN_ERROR                ,"bn dec2bn error"},
 {X509V3_R_BN_TO_ASN1_INTEGER_ERROR       ,"bn to asn1 integer error"},
+{X509V3_R_DIRNAME_ERROR                  ,"dirname error"},
 {X509V3_R_DUPLICATE_ZONE_ID              ,"duplicate zone id"},
 {X509V3_R_ERROR_CONVERTING_ZONE          ,"error converting zone"},
 {X509V3_R_ERROR_CREATING_EXTENSION       ,"error creating extension"},
@@ -152,7 +156,9 @@ static ERR_STRING_DATA X509V3_str_reasons[]=
 {X509V3_R_NO_PUBLIC_KEY                  ,"no public key"},
 {X509V3_R_NO_SUBJECT_DETAILS             ,"no subject details"},
 {X509V3_R_ODD_NUMBER_OF_DIGITS           ,"odd number of digits"},
+{X509V3_R_OPERATION_NOT_DEFINED          ,"operation not defined"},
 {X509V3_R_OTHERNAME_ERROR                ,"othername error"},
+{X509V3_R_SECTION_NOT_FOUND              ,"section not found"},
 {X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS   ,"unable to get issuer details"},
 {X509V3_R_UNABLE_TO_GET_ISSUER_KEYID     ,"unable to get issuer keyid"},
 {X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT    ,"unknown bit string argument"},
index a720ff2b9e52a61707b3a7d79f4c7075e667cd71..d2edc9f650427582d79d5c4685416e343ab8bf24 100644 (file)
@@ -548,6 +548,8 @@ STACK *X509_REQ_get1_email(X509_REQ *x);
 void X509_email_free(STACK *sk);
 
 ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc);
+int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk,
+                                               unsigned long chtype);
 
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
@@ -560,6 +562,7 @@ void ERR_load_X509V3_strings(void);
 /* Function codes. */
 #define X509V3_F_COPY_EMAIL                             122
 #define X509V3_F_COPY_ISSUER                            123
+#define X509V3_F_DO_DIRNAME                             144
 #define X509V3_F_DO_EXT_CONF                            124
 #define X509V3_F_DO_EXT_I2D                             135
 #define X509V3_F_HEX_TO_STRING                          111
@@ -596,6 +599,8 @@ void ERR_load_X509V3_strings(void);
 #define X509V3_F_X509V3_EXT_ADD_ALIAS                   106
 #define X509V3_F_X509V3_EXT_CONF                        107
 #define X509V3_F_X509V3_EXT_I2D                                 136
+#define X509V3_F_X509V3_GET_SECTION                     142
+#define X509V3_F_X509V3_GET_STRING                      143
 #define X509V3_F_X509V3_GET_VALUE_BOOL                  110
 #define X509V3_F_X509V3_PARSE_LIST                      109
 #define X509V3_F_X509_PURPOSE_ADD                       137
@@ -606,6 +611,7 @@ void ERR_load_X509V3_strings(void);
 #define X509V3_R_BAD_OBJECT                             119
 #define X509V3_R_BN_DEC2BN_ERROR                        100
 #define X509V3_R_BN_TO_ASN1_INTEGER_ERROR               101
+#define X509V3_R_DIRNAME_ERROR                          149
 #define X509V3_R_DUPLICATE_ZONE_ID                      133
 #define X509V3_R_ERROR_CONVERTING_ZONE                  131
 #define X509V3_R_ERROR_CREATING_EXTENSION               144
@@ -641,7 +647,9 @@ void ERR_load_X509V3_strings(void);
 #define X509V3_R_NO_PUBLIC_KEY                          114
 #define X509V3_R_NO_SUBJECT_DETAILS                     125
 #define X509V3_R_ODD_NUMBER_OF_DIGITS                   112
+#define X509V3_R_OPERATION_NOT_DEFINED                  148
 #define X509V3_R_OTHERNAME_ERROR                        147
+#define X509V3_R_SECTION_NOT_FOUND                      150
 #define X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS           122
 #define X509V3_R_UNABLE_TO_GET_ISSUER_KEYID             123
 #define X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT            111
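Review bot: The new public prototype X509V3_NAME_from_section in the first hunk of this header carries no description of its contract, unlike the surrounding declarations it is documented by name only. A short comment above it should say that it appends one X509_NAME entry per CONF_VALUE in `dn_sk` (stripping a leading `X.`/`X:`/`X,` instance prefix from each name), encodes every value with the single `chtype` given, returns 1 on success and 0 on the first failure, and leaves `nm` partially filled on failure. The error-code defines below are generated by mkerr.pl and need no review.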