Add RFC 3779 support.

[openssl.git] / crypto / asn1 / x_x509.c

diff --git a/crypto/asn1/x_x509.c b/crypto/asn1/x_x509.c
index 6a2adfc6582937150dda841378533e0a2e483edd..b6110d2d60b64d69c07ff44fcff46b7693e8951b 100644 (file)
--- a/crypto/asn1/x_x509.c
+++ b/crypto/asn1/x_x509.c
@@ -63,9 +63,6 @@
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
 
-static int x509_meth_num = 0;
-static STACK_OF(CRYPTO_EX_DATA_FUNCS) *x509_meth = NULL;
-
 ASN1_SEQUENCE(X509_CINF) = {
        ASN1_EXP_OPT(X509_CINF, version, ASN1_INTEGER, 0),
        ASN1_SIMPLE(X509_CINF, serialNumber, ASN1_INTEGER),
@@ -82,7 +79,10 @@ ASN1_SEQUENCE(X509_CINF) = {
 IMPLEMENT_ASN1_FUNCTIONS(X509_CINF)
 /* X509 top level structure needs a bit of customisation */
 
-static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+extern void policy_cache_free(X509_POLICY_CACHE *cache);
+
+static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+                                                               void *exarg)
 {
        X509 *ret = (X509 *)*pval;
 
@@ -95,8 +95,13 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
                ret->ex_pathlen = -1;
                ret->skid = NULL;
                ret->akid = NULL;
+#ifdef OPENSSL_RFC3779
+               ret->rfc3779_addr = NULL;
+               ret->rfc3779_asid = NULL;
+#endif
                ret->aux = NULL;
-               CRYPTO_new_ex_data(x509_meth, ret, &ret->ex_data);
+               ret->crldp = NULL;
+               CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
                break;
 
                case ASN1_OP_D2I_POST:
@@ -105,10 +110,16 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
                break;
 
                case ASN1_OP_FREE_POST:
-               CRYPTO_free_ex_data(x509_meth,ret,&ret->ex_data);
+               CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
                X509_CERT_AUX_free(ret->aux);
                ASN1_OCTET_STRING_free(ret->skid);
                AUTHORITY_KEYID_free(ret->akid);
+               CRL_DIST_POINTS_free(ret->crldp);
+               policy_cache_free(ret->policy_cache);
+#ifdef OPENSSL_RFC3779
+               sk_IPAddressFamily_pop_free(ret->rfc3779_addr, IPAddressFamily_free);
+               ASIdentifiers_free(ret->rfc3779_asid);
+#endif
 
                if (ret->name != NULL) OPENSSL_free(ret->name);
                break;
@@ -128,23 +139,11 @@ ASN1_SEQUENCE_ref(X509, x509_cb, CRYPTO_LOCK_X509) = {
 IMPLEMENT_ASN1_FUNCTIONS(X509)
 IMPLEMENT_ASN1_DUP_FUNCTION(X509)
 
-static ASN1_METHOD meth={
-       (int (*)())  i2d_X509,
-       (char *(*)())d2i_X509,
-       (char *(*)())X509_new,
-       (void (*)()) X509_free};
-
-ASN1_METHOD *X509_asn1_meth(void)
-       {
-       return(&meth);
-       }
-
 int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
             CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
         {
-       x509_meth_num++;
-       return(CRYPTO_get_ex_new_index(x509_meth_num-1,
-               &x509_meth,argl,argp,new_func,dup_func,free_func));
+       return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509, argl, argp,
+                               new_func, dup_func, free_func);
         }
 
 int X509_set_ex_data(X509 *r, int idx, void *arg)
@@ -165,9 +164,9 @@ void *X509_get_ex_data(X509 *r, int idx)
  *
  */
 
-X509 *d2i_X509_AUX(X509 **a, unsigned char **pp, long length)
+X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length)
 {
-       unsigned char *q;
+       const unsigned char *q;
        X509 *ret;
        /* Save start position */
        q = *pp;