int verbose, X509_REQ *req, char *ext_sect, CONF *conf,
unsigned long certopt, unsigned long nameopt, int default_op,
int ext_copy);
-static X509_NAME *do_subject(char *subject, int email_dn);
+static X509_NAME *do_subject(char *subject);
static int do_revoke(X509 *x509, TXT_DB *db, int ext, char *extval);
static int get_certificate_status(const char *ser_status, TXT_DB *db);
static int do_updatedb(TXT_DB *db);
if (subj)
{
- X509_NAME *n = do_subject(subj, email_dn);
+ X509_NAME *n = do_subject(subj);
if (!n)
{
BIO_printf(bio_err,"\nemailAddress type needs to be of type IA5STRING\n");
goto err;
}
- j=ASN1_PRINTABLE_type(str->data,str->length);
- if ( ((j == V_ASN1_T61STRING) &&
- (str->type != V_ASN1_T61STRING)) ||
- ((j == V_ASN1_IA5STRING) &&
- (str->type == V_ASN1_PRINTABLESTRING)))
+ if ((str->type != V_ASN1_BMPSTRING) && (str->type != V_ASN1_UTF8STRING))
{
- BIO_printf(bio_err,"\nThe string contains characters that are illegal for the ASN.1 type\n");
- goto err;
+ j=ASN1_PRINTABLE_type(str->data,str->length);
+ if ( ((j == V_ASN1_T61STRING) &&
+ (str->type != V_ASN1_T61STRING)) ||
+ ((j == V_ASN1_IA5STRING) &&
+ (str->type == V_ASN1_PRINTABLESTRING)))
+ {
+ BIO_printf(bio_err,"\nThe string contains characters that are illegal for the ASN.1 type\n");
+ goto err;
+ }
}
if (default_op)
/* Build the correct Subject if no e-mail is wanted in the subject */
/* and add it later on because of the method extensions are added (altName) */
- if (!email_dn)
+ if (email_dn)
+ dn_subject = subject;
+ else
{
- if ((dn_subject=X509_NAME_new()) == NULL)
+ X509_NAME_ENTRY *tmpne;
+ /* Its best to dup the subject DN and then delete any email
+ * addresses because this retains its structure.
+ */
+ if (!(dn_subject = X509_NAME_dup(subject)))
{
BIO_printf(bio_err,"Memory allocation failure\n");
goto err;
}
-
- for (i=0; i<X509_NAME_entry_count(subject); i++)
+ while((i = X509_NAME_get_index_by_NID(dn_subject,
+ NID_pkcs9_emailAddress, -1)) >= 0)
{
- ne= X509_NAME_get_entry(subject,i);
- obj=X509_NAME_ENTRY_get_object(ne);
- nid=OBJ_obj2nid(obj);
-
- str=X509_NAME_ENTRY_get_data(ne);
-
- if (nid == NID_pkcs9_emailAddress) continue;
-
- if (!X509_NAME_add_entry(dn_subject,ne, -1, 0))
- {
- BIO_printf(bio_err,"Memory allocation failure\n");
- goto err;
- }
+ tmpne = X509_NAME_get_entry(dn_subject, i);
+ X509_NAME_delete_entry(dn_subject, i);
+ X509_NAME_ENTRY_free(tmpne);
}
}
X509_NAME_free(CAname);
if (subject != NULL)
X509_NAME_free(subject);
+ if ((dn_subject != NULL) && !email_dn)
+ X509_NAME_free(dn_subject);
if (tmptm != NULL)
ASN1_UTCTIME_free(tmptm);
if (ok <= 0)
return ret;
}
-static X509_NAME *do_subject(char *subject, int email_dn)
+static X509_NAME *do_subject(char *subject)
{
X509_NAME *n = NULL;
continue;
}
- if ((nid == NID_pkcs9_emailAddress) && (email_dn == 0))
- continue;
-
if (!X509_NAME_add_entry_by_NID(n, nid, MBSTRING_ASC, (unsigned char*)ne_value, -1,-1,0))
{
X509_NAME_free(n);