From: Dr. Stephen Henson Date: Sat, 27 Oct 2001 17:03:20 +0000 (+0000) Subject: Bugfixes for noemailDN option. Make it use the X-Git-Tag: OpenSSL_0_9_6c~26^2~76 X-Git-Url: https://git.openssl.org/?p=openssl.git;a=commitdiff_plain;h=437db75b943ba0f72eb27d49f660a6d69dfddf1b;hp=1586365835e8eb950e804a4f1e62cff9563061bb Bugfixes for noemailDN option. Make it use the correct name (instead of NULL) if nomailDN is not set, fix memory leaks and retain DN structure when deleting emailAddress. --- diff --git a/apps/ca.c b/apps/ca.c index e96d086b45..a6e6976f7f 100644 --- a/apps/ca.c +++ b/apps/ca.c @@ -2046,29 +2046,25 @@ again2: /* Build the correct Subject if no e-mail is wanted in the subject */ /* and add it later on because of the method extensions are added (altName) */ - if (!email_dn) + if (email_dn) + dn_subject = subject; + else { - if ((dn_subject=X509_NAME_new()) == NULL) + X509_NAME_ENTRY *tmpne; + /* Its best to dup the subject DN and then delete any email + * addresses because this retains its structure. + */ + if (!(dn_subject = X509_NAME_dup(subject))) { BIO_printf(bio_err,"Memory allocation failure\n"); goto err; } - - for (i=0; i= 0)) { - ne= X509_NAME_get_entry(subject,i); - obj=X509_NAME_ENTRY_get_object(ne); - nid=OBJ_obj2nid(obj); - - str=X509_NAME_ENTRY_get_data(ne); - - if (nid == NID_pkcs9_emailAddress) continue; - - if (!X509_NAME_add_entry(dn_subject,ne, -1, 0)) - { - BIO_printf(bio_err,"Memory allocation failure\n"); - goto err; - } + tmpne = X509_NAME_get_entry(dn_subject, i); + X509_NAME_delete_entry(dn_subject, i); + X509_NAME_ENTRY_free(tmpne); } } @@ -2327,6 +2323,8 @@ err: X509_NAME_free(CAname); if (subject != NULL) X509_NAME_free(subject); + if ((dn_subject != NULL) && !email_dn) + X509_NAME_free(dn_subject); if (tmptm != NULL) ASN1_UTCTIME_free(tmptm); if (ok <= 0)