evp/e_aes_cbc_hmac_sha*.c: harmonize names, fix bugs.

[openssl.git] / crypto / x509v3 / v3_conf.c

diff --git a/crypto/x509v3/v3_conf.c b/crypto/x509v3/v3_conf.c
index e654ae7e1e7a0eb8b25405ddf7c6d022b7efbdb0..b570b6e592057eef4fd5c549fb271c33102f942f 100644 (file)
--- a/crypto/x509v3/v3_conf.c
+++ b/crypto/x509v3/v3_conf.c
@@ -1,5 +1,5 @@
 /* v3_conf.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -72,8 +72,8 @@ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, in
 static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, int crit, int type, X509V3_CTX *ctx);
 static char *conf_lhash_get_string(void *db, char *section, char *value);
 static STACK_OF(CONF_VALUE) *conf_lhash_get_section(void *db, char *section);
-static X509_EXTENSION *do_ext_i2d(X509V3_EXT_METHOD *method, int ext_nid,
-                                                int crit, void *ext_struc);
+static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method, int ext_nid,
+                                 int crit, void *ext_struc);
 static unsigned char *generic_asn1(char *value, X509V3_CTX *ctx, long *ext_len);
 /* CONF *conf:  Config file    */
 /* char *name:  Name    */
@@ -115,7 +115,7 @@ X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid,
 static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid,
                                    int crit, char *value)
        {
-       X509V3_EXT_METHOD *method;
+       const X509V3_EXT_METHOD *method;
        X509_EXTENSION *ext;
        STACK_OF(CONF_VALUE) *nval;
        void *ext_struc;
@@ -172,7 +172,7 @@ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid,
 
        }
 
-static X509_EXTENSION *do_ext_i2d(X509V3_EXT_METHOD *method, int ext_nid,
+static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method, int ext_nid,
                                  int crit, void *ext_struc)
        {
        unsigned char *ext_der;
@@ -214,7 +214,7 @@ static X509_EXTENSION *do_ext_i2d(X509V3_EXT_METHOD *method, int ext_nid,
 
 X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc)
        {
-       X509V3_EXT_METHOD *method;
+       const X509V3_EXT_METHOD *method;
        if (!(method = X509V3_EXT_get_nid(ext_nid))) {
                X509V3err(X509V3_F_X509V3_EXT_I2D,X509V3_R_UNKNOWN_EXTENSION);
                return NULL;
@@ -317,6 +317,19 @@ static unsigned char *generic_asn1(char *value, X509V3_CTX *ctx, long *ext_len)
        return ext_der;
        }
 
+static void delete_ext(STACK_OF(X509_EXTENSION) *sk, X509_EXTENSION *dext)
+       {
+       int idx;
+       ASN1_OBJECT *obj;
+       obj = X509_EXTENSION_get_object(dext);
+       while ((idx = X509v3_get_ext_by_OBJ(sk, obj, -1)) >= 0)
+               {
+               X509_EXTENSION *tmpext = X509v3_get_ext(sk, idx);
+               X509v3_delete_ext(sk, idx);
+               X509_EXTENSION_free(tmpext);
+               }
+       }
+
 /* This is the main function: add a bunch of extensions based on a config file
  * section to an extension STACK.
  */
@@ -335,6 +348,8 @@ int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section,
                val = sk_CONF_VALUE_value(nval, i);
                if (!(ext = X509V3_EXT_nconf(conf, ctx, val->name, val->value)))
                                                                return 0;
+               if (ctx->flags == X509V3_CTX_REPLACE)   
+                       delete_ext(*sk, ext);
                if (sk) X509v3_add_ext(sk, ext, -1);
                X509_EXTENSION_free(ext);
                }