Add support for setting IDP too.
authorDr. Stephen Henson <steve@openssl.org>
Mon, 25 Jul 2005 22:35:36 +0000 (22:35 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Mon, 25 Jul 2005 22:35:36 +0000 (22:35 +0000)
CHANGES
crypto/x509v3/v3_crld.c
crypto/x509v3/v3err.c
crypto/x509v3/x509v3.h

diff --git a/CHANGES b/CHANGES
index c97da1e3979a113a4c5f417adc6670a542eeb5ce..7a7ca266e0a98f53eb92796746768b999610bc50 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -9,7 +9,7 @@
      all fields.
      [Steve Henson]
 
-  *) Add print only support for Issuing Distribution Point CRL extension.
+  *) Add print and set support for Issuing Distribution Point CRL extension.
      [Steve Henson]
 
  Changes between 0.9.8 and 0.9.8a  [XX xxx XXXX]
index 87d79eb6933a002fcdf05a8243bd8628da49d66c..5b9d3b453a795b16152f7c5128179a2ccaed8613 100644 (file)
@@ -101,7 +101,7 @@ static STACK_OF(GENERAL_NAME) *gnames_from_sectname(X509V3_CTX *ctx, char *sect)
        return gens;
        }
 
-static int get_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx,
+static int set_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx,
                                                        CONF_VALUE *cnf)
        {
        STACK_OF(GENERAL_NAME) *fnm = NULL;
@@ -123,7 +123,7 @@ static int get_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx,
                dnsect = X509V3_get_section(ctx, cnf->value);
                if (!dnsect)
                        {
-                       X509V3err(X509V3_F_GET_DIST_POINT_NAME,
+                       X509V3err(X509V3_F_SET_DIST_POINT_NAME,
                                                X509V3_R_SECTION_NOT_FOUND);
                        return -1;
                        }
@@ -140,7 +140,7 @@ static int get_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx,
                if (sk_X509_NAME_ENTRY_value(rnm,
                                sk_X509_NAME_ENTRY_num(rnm) - 1)->set)
                        {
-                       X509V3err(X509V3_F_GET_DIST_POINT_NAME,
+                       X509V3err(X509V3_F_SET_DIST_POINT_NAME,
                                                X509V3_R_INVAID_MULTIPLE_RDNS);
                        goto err;
                        }
@@ -150,7 +150,7 @@ static int get_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx,
 
        if (*pdp)
                {
-               X509V3err(X509V3_F_GET_DIST_POINT_NAME,
+               X509V3err(X509V3_F_SET_DIST_POINT_NAME,
                                                X509V3_R_DISTPOINT_ALREADY_SET);
                goto err;
                }
@@ -179,7 +179,6 @@ static int get_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx,
        return -1;
        }
 
-
 static const BIT_STRING_BITNAME reason_flags[] = {
 {1, "Key Compromise", "keyCompromise"},
 {2, "CA Compromise", "CACompromise"},
@@ -269,7 +268,7 @@ static DIST_POINT *crldp_from_section(X509V3_CTX *ctx,
                {
                int ret;
                cnf = sk_CONF_VALUE_value(nval, i);
-               ret = get_dist_point_name(&point->distpoint, ctx, cnf);
+               ret = set_dist_point_name(&point->distpoint, ctx, cnf);
                if (ret > 0)
                        continue;
                if (ret < 0)
@@ -393,8 +392,12 @@ ASN1_SEQUENCE(ISSUING_DIST_POINT) = {
        ASN1_IMP_OPT(ISSUING_DIST_POINT, onlyattr, ASN1_FBOOLEAN, 5)
 } ASN1_SEQUENCE_END(ISSUING_DIST_POINT)
 
+IMPLEMENT_ASN1_FUNCTIONS(ISSUING_DIST_POINT)
+
 static int i2r_idp(X509V3_EXT_METHOD *method,
             void *pidp, BIO *out, int indent);
+static void *v2i_idp(X509V3_EXT_METHOD *method,
+                               X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
 
 X509V3_EXT_METHOD v3_idp =
        {
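Review bot: `IMPLEMENT_ASN1_FUNCTIONS(ISSUING_DIST_POINT)` gives the new/free/d2i/i2d functions external linkage, but none of the x509v3.h hunks on this page adds a matching prototype. If the header does not already carry `DECLARE_ASN1_FUNCTIONS(ISSUING_DIST_POINT)`, callers outside v3_crld.c would use these functions without a declaration. It is worth confirming that before merging, since the header's full contents are not visible here.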
@@ -402,11 +405,73 @@ X509V3_EXT_METHOD v3_idp =
        ASN1_ITEM_ref(ISSUING_DIST_POINT),
        0,0,0,0,
        0,0,
-       0,0,
+       0,
+       v2i_idp,
        i2r_idp,0,
        NULL
        };
 
+static void *v2i_idp(X509V3_EXT_METHOD *method,
+                               X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
+       {
+       ISSUING_DIST_POINT *idp = NULL;
+       CONF_VALUE *cnf;
+       char *name, *val;
+       int i, ret;
+       idp = ISSUING_DIST_POINT_new();
+       if (!idp)
+               goto merr;
+       for(i = 0; i < sk_CONF_VALUE_num(nval); i++)
+               {
+               cnf = sk_CONF_VALUE_value(nval, i);
+               name = cnf->name;
+               val = cnf->value;
+               ret = set_dist_point_name(&idp->distpoint, ctx, cnf);
+               if (ret > 0)
+                       continue;
+               if (ret < 0)
+                       goto err;
+               if (!strcmp(name, "onlyuser"))
+                       {
+                       if (!X509V3_get_value_bool(cnf, &idp->onlyuser))
+                               goto err;
+                       }
+               else if (!strcmp(name, "onlyCA"))
+                       {
+                       if (!X509V3_get_value_bool(cnf, &idp->onlyCA))
+                               goto err;
+                       }
+               else if (!strcmp(name, "onlyAA"))
+                       {
+                       if (!X509V3_get_value_bool(cnf, &idp->onlyattr))
+                               goto err;
+                       }
+               else if (!strcmp(name, "indirectCRL"))
+                       {
+                       if (!X509V3_get_value_bool(cnf, &idp->indirectCRL))
+                               goto err;
+                       }
+               else if (!strcmp(name, "onlysomereasons"))
+                       {
+                       if (!set_reasons(&idp->onlysomereasons, val))
+                               goto err;
+                       }
+               else
+                       {
+                        X509V3err(X509V3_F_V2I_IDP, X509V3_R_INVALID_NAME);
+                        X509V3_conf_err(cnf);
+                        goto err;
+                       }
+               }
+       return idp;
+
+       merr:
+       X509V3err(X509V3_F_V2I_IDP,ERR_R_MALLOC_FAILURE);
+       err:
+       ISSUING_DIST_POINT_free(idp);
+       return NULL;
+       }
+
 static int print_gens(BIO *out, STACK_OF(GENERAL_NAME) *gens, int indent)
        {
        int i;
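Review bot: In v2i_idp the `onlysomereasons` branch passes `val` to set_reasons() unchecked, and `cnf->value` may be NULL when a configuration entry is written as a bare name with no value. set_reasons() lies outside this hunk, so whether it tolerates NULL cannot be confirmed from here; guarding at the call site with `if (!val || !set_reasons(&idp->onlysomereasons, val))` removes that dependency. The same branch jumps to `err` without the `X509V3err(X509V3_F_V2I_IDP, ...)` and `X509V3_conf_err(cnf);` pair that the final `else` uses. Unless set_reasons() queues its own error, the caller gets NULL with nothing on the error queue naming the offending entry, so raising an error with a suitable reason code plus `X509V3_conf_err(cnf);` before that `goto err;` would make bad CRL configuration diagnosable. v2i_idp is complete within the hunk; print_gens continues past its end.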
index 1d9d6c289d363934617989aadda05bf6718ea2d3..54d87dec964efb653ef89ad272fe6d724ce19e1d 100644 (file)
@@ -77,7 +77,6 @@ static ERR_STRING_DATA X509V3_str_functs[]=
 {ERR_FUNC(X509V3_F_DO_EXT_I2D),        "DO_EXT_I2D"},
 {ERR_FUNC(X509V3_F_DO_EXT_NCONF),      "DO_EXT_NCONF"},
 {ERR_FUNC(X509V3_F_DO_I2V_NAME_CONSTRAINTS),   "DO_I2V_NAME_CONSTRAINTS"},
-{ERR_FUNC(X509V3_F_GET_DIST_POINT_NAME),       "GET_DIST_POINT_NAME"},
 {ERR_FUNC(X509V3_F_GNAMES_FROM_SECTNAME),      "GNAMES_FROM_SECTNAME"},
 {ERR_FUNC(X509V3_F_HEX_TO_STRING),     "hex_to_string"},
 {ERR_FUNC(X509V3_F_I2S_ASN1_ENUMERATED),       "i2s_ASN1_ENUMERATED"},
@@ -95,6 +94,7 @@ static ERR_STRING_DATA X509V3_str_functs[]=
 {ERR_FUNC(X509V3_F_S2I_ASN1_OCTET_STRING),     "s2i_ASN1_OCTET_STRING"},
 {ERR_FUNC(X509V3_F_S2I_ASN1_SKEY_ID),  "S2I_ASN1_SKEY_ID"},
 {ERR_FUNC(X509V3_F_S2I_SKEY_ID),       "S2I_SKEY_ID"},
+{ERR_FUNC(X509V3_F_SET_DIST_POINT_NAME),       "SET_DIST_POINT_NAME"},
 {ERR_FUNC(X509V3_F_STRING_TO_HEX),     "string_to_hex"},
 {ERR_FUNC(X509V3_F_SXNET_ADD_ID_ASC),  "SXNET_add_id_asc"},
 {ERR_FUNC(X509V3_F_SXNET_ADD_ID_INTEGER),      "SXNET_add_id_INTEGER"},
@@ -109,6 +109,7 @@ static ERR_STRING_DATA X509V3_str_functs[]=
 {ERR_FUNC(X509V3_F_V2I_EXTENDED_KEY_USAGE),    "V2I_EXTENDED_KEY_USAGE"},
 {ERR_FUNC(X509V3_F_V2I_GENERAL_NAMES), "v2i_GENERAL_NAMES"},
 {ERR_FUNC(X509V3_F_V2I_GENERAL_NAME_EX),       "v2i_GENERAL_NAME_ex"},
+{ERR_FUNC(X509V3_F_V2I_IDP),   "V2I_IDP"},
 {ERR_FUNC(X509V3_F_V2I_ISSUER_ALT),    "V2I_ISSUER_ALT"},
 {ERR_FUNC(X509V3_F_V2I_NAME_CONSTRAINTS),      "V2I_NAME_CONSTRAINTS"},
 {ERR_FUNC(X509V3_F_V2I_POLICY_CONSTRAINTS),    "V2I_POLICY_CONSTRAINTS"},
index 3d4f7416dead52d61911ca8b45f38a8c3bbcba71..9e95bdabb005e0d7cb6d746177011916d2b2eaad 100644 (file)
@@ -650,7 +650,6 @@ void ERR_load_X509V3_strings(void);
 #define X509V3_F_DO_EXT_I2D                             135
 #define X509V3_F_DO_EXT_NCONF                           151
 #define X509V3_F_DO_I2V_NAME_CONSTRAINTS                148
-#define X509V3_F_GET_DIST_POINT_NAME                    155
 #define X509V3_F_GNAMES_FROM_SECTNAME                   156
 #define X509V3_F_HEX_TO_STRING                          111
 #define X509V3_F_I2S_ASN1_ENUMERATED                    121
@@ -668,6 +667,7 @@ void ERR_load_X509V3_strings(void);
 #define X509V3_F_S2I_ASN1_OCTET_STRING                  112
 #define X509V3_F_S2I_ASN1_SKEY_ID                       114
 #define X509V3_F_S2I_SKEY_ID                            115
+#define X509V3_F_SET_DIST_POINT_NAME                    155
 #define X509V3_F_STRING_TO_HEX                          113
 #define X509V3_F_SXNET_ADD_ID_ASC                       125
 #define X509V3_F_SXNET_ADD_ID_INTEGER                   126
@@ -682,6 +682,7 @@ void ERR_load_X509V3_strings(void);
 #define X509V3_F_V2I_EXTENDED_KEY_USAGE                         103
 #define X509V3_F_V2I_GENERAL_NAMES                      118
 #define X509V3_F_V2I_GENERAL_NAME_EX                    117
+#define X509V3_F_V2I_IDP                                157
 #define X509V3_F_V2I_ISSUER_ALT                                 153
 #define X509V3_F_V2I_NAME_CONSTRAINTS                   147
 #define X509V3_F_V2I_POLICY_CONSTRAINTS                         146