X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fx509v3%2Fv3_ocsp.c;h=d21b6fbedb74e6876f4bf0cd069a709c5905058f;hp=7df71f225a4190f3ce19a34582c7e140dee29af2;hb=a8312c0e24a73e70b25d9811de2106f50b32081b;hpb=c08523d862276964e65d6a1de07439b9d0c2a6da;ds=sidebyside diff --git a/crypto/x509v3/v3_ocsp.c b/crypto/x509v3/v3_ocsp.c index 7df71f225a..d21b6fbedb 100644 --- a/crypto/x509v3/v3_ocsp.c +++ b/crypto/x509v3/v3_ocsp.c @@ -75,6 +75,10 @@ static void *d2i_ocsp_nonce(void *a, unsigned char **pp, long length); static void ocsp_nonce_free(void *a); static int i2r_ocsp_nonce(X509V3_EXT_METHOD *method, void *nonce, BIO *out, int indent); +static int i2r_ocsp_nocheck(X509V3_EXT_METHOD *method, void *nocheck, BIO *out, int indent); +static void *s2i_ocsp_nocheck(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); +static int i2r_ocsp_serviceloc(X509V3_EXT_METHOD *method, void *in, BIO *bp, int ind); + X509V3_EXT_METHOD v3_ocsp_crlid = { NID_id_pkix_OCSP_CrlID, 0, &OCSP_CRLID_it, 0,0,0,0, @@ -105,6 +109,24 @@ X509V3_EXT_METHOD v3_ocsp_nonce = { NULL }; +X509V3_EXT_METHOD v3_ocsp_nocheck = { + NID_id_pkix_OCSP_noCheck, 0, &ASN1_NULL_it, + 0,0,0,0, + 0,s2i_ocsp_nocheck, + 0,0, + i2r_ocsp_nocheck,0, + NULL +}; + +X509V3_EXT_METHOD v3_ocsp_serviceloc = { + NID_id_pkix_OCSP_serviceLocator, 0, &OCSP_SERVICELOC_it, + 0,0,0,0, + 0,0, + 0,0, + i2r_ocsp_serviceloc,0, + NULL +}; + static int i2r_ocsp_crlid(X509V3_EXT_METHOD *method, void *in, BIO *bp, int ind) { OCSP_CRLID *a = in; @@ -151,7 +173,7 @@ static void *ocsp_nonce_new(void) static int i2d_ocsp_nonce(void *a, unsigned char **pp) { ASN1_OCTET_STRING *os = a; - if(*pp) { + if(pp) { memcpy(*pp, os->data, os->length); *pp += os->length; } @@ -189,4 +211,36 @@ static int i2r_ocsp_nonce(X509V3_EXT_METHOD *method, void *nonce, BIO *out, int return 1; } +/* Nocheck is just a single NULL. Don't print anything and always set it */ +static int i2r_ocsp_nocheck(X509V3_EXT_METHOD *method, void *nocheck, BIO *out, int indent) +{ + return 1; +} + +static void *s2i_ocsp_nocheck(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str) +{ + return ASN1_NULL_new(); +} + +static int i2r_ocsp_serviceloc(X509V3_EXT_METHOD *method, void *in, BIO *bp, int ind) + { + int i; + OCSP_SERVICELOC *a = in; + ACCESS_DESCRIPTION *ad; + + if (BIO_printf(bp, "%*sIssuer: ", ind, "") <= 0) goto err; + if (X509_NAME_print_ex(bp, a->issuer, 0, XN_FLAG_ONELINE) <= 0) goto err; + for (i = 0; i < sk_ACCESS_DESCRIPTION_num(a->locator); i++) + { + ad = sk_ACCESS_DESCRIPTION_value(a->locator,i); + if (BIO_printf(bp, "\n%*s", (2*ind), "") <= 0) + goto err; + if(i2a_ASN1_OBJECT(bp, ad->method) <= 0) goto err; + if(BIO_puts(bp, " - ") <= 0) goto err; + if(GENERAL_NAME_print(bp, ad->location) <= 0) goto err; + } + return 1; +err: + return 0; + }