Commit 0537f968 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson

Add support for setting IDP too.

parent 0c010a15
+1 −1
@@ -9,7 +9,7 @@
     all fields.
     [Steve Henson]

  *) Add print only support for Issuing Distribution Point CRL extension.
  *) Add print and set support for Issuing Distribution Point CRL extension.
     [Steve Henson]

 Changes between 0.9.8 and 0.9.8a  [XX xxx XXXX]
+72 −7
@@ -101,7 +101,7 @@ static STACK_OF(GENERAL_NAME) *gnames_from_sectname(X509V3_CTX *ctx, char *sect)
	return gens;
	}

static int get_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx,
static int set_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx,
							CONF_VALUE *cnf)
	{
	STACK_OF(GENERAL_NAME) *fnm = NULL;
@@ -123,7 +123,7 @@ static int get_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx,
		dnsect = X509V3_get_section(ctx, cnf->value);
		if (!dnsect)
			{
			X509V3err(X509V3_F_GET_DIST_POINT_NAME,
			X509V3err(X509V3_F_SET_DIST_POINT_NAME,
						X509V3_R_SECTION_NOT_FOUND);
			return -1;
			}
@@ -140,7 +140,7 @@ static int get_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx,
		if (sk_X509_NAME_ENTRY_value(rnm,
				sk_X509_NAME_ENTRY_num(rnm) - 1)->set)
			{
			X509V3err(X509V3_F_GET_DIST_POINT_NAME,
			X509V3err(X509V3_F_SET_DIST_POINT_NAME,
						X509V3_R_INVAID_MULTIPLE_RDNS);
			goto err;
			}
@@ -150,7 +150,7 @@ static int get_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx,

	if (*pdp)
		{
		X509V3err(X509V3_F_GET_DIST_POINT_NAME,
		X509V3err(X509V3_F_SET_DIST_POINT_NAME,
						X509V3_R_DISTPOINT_ALREADY_SET);
		goto err;
		}
@@ -179,7 +179,6 @@ static int get_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx,
	return -1;
	}


static const BIT_STRING_BITNAME reason_flags[] = {
{1, "Key Compromise", "keyCompromise"},
{2, "CA Compromise", "CACompromise"},
@@ -269,7 +268,7 @@ static DIST_POINT *crldp_from_section(X509V3_CTX *ctx,
		{
		int ret;
		cnf = sk_CONF_VALUE_value(nval, i);
		ret = get_dist_point_name(&point->distpoint, ctx, cnf);
		ret = set_dist_point_name(&point->distpoint, ctx, cnf);
		if (ret > 0)
			continue;
		if (ret < 0)
@@ -393,8 +392,12 @@ ASN1_SEQUENCE(ISSUING_DIST_POINT) = {
	ASN1_IMP_OPT(ISSUING_DIST_POINT, onlyattr, ASN1_FBOOLEAN, 5)
} ASN1_SEQUENCE_END(ISSUING_DIST_POINT)

IMPLEMENT_ASN1_FUNCTIONS(ISSUING_DIST_POINT)

static int i2r_idp(X509V3_EXT_METHOD *method,
	     void *pidp, BIO *out, int indent);
static void *v2i_idp(X509V3_EXT_METHOD *method,
				X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);

X509V3_EXT_METHOD v3_idp =
	{
@@ -402,11 +405,73 @@ X509V3_EXT_METHOD v3_idp =
	ASN1_ITEM_ref(ISSUING_DIST_POINT),
	0,0,0,0,
	0,0,
	0,0,
	0,
	v2i_idp,
	i2r_idp,0,
	NULL
	};

static void *v2i_idp(X509V3_EXT_METHOD *method,
				X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
	{
	ISSUING_DIST_POINT *idp = NULL;
	CONF_VALUE *cnf;
	char *name, *val;
	int i, ret;
	idp = ISSUING_DIST_POINT_new();
	if (!idp)
		goto merr;
	for(i = 0; i < sk_CONF_VALUE_num(nval); i++)
		{
		cnf = sk_CONF_VALUE_value(nval, i);
		name = cnf->name;
		val = cnf->value;
		ret = set_dist_point_name(&idp->distpoint, ctx, cnf);
		if (ret > 0)
			continue;
		if (ret < 0)
			goto err;
		if (!strcmp(name, "onlyuser"))
			{
			if (!X509V3_get_value_bool(cnf, &idp->onlyuser))
				goto err;
			}
		else if (!strcmp(name, "onlyCA"))
			{
			if (!X509V3_get_value_bool(cnf, &idp->onlyCA))
				goto err;
			}
		else if (!strcmp(name, "onlyAA"))
			{
			if (!X509V3_get_value_bool(cnf, &idp->onlyattr))
				goto err;
			}
		else if (!strcmp(name, "indirectCRL"))
			{
			if (!X509V3_get_value_bool(cnf, &idp->indirectCRL))
				goto err;
			}
		else if (!strcmp(name, "onlysomereasons"))
			{
			if (!set_reasons(&idp->onlysomereasons, val))
				goto err;
			}
		else
			{
                        X509V3err(X509V3_F_V2I_IDP, X509V3_R_INVALID_NAME);
                        X509V3_conf_err(cnf);
                        goto err;
			}
		}
	return idp;

	merr:
	X509V3err(X509V3_F_V2I_IDP,ERR_R_MALLOC_FAILURE);
	err:
	ISSUING_DIST_POINT_free(idp);
	return NULL;
	}

static int print_gens(BIO *out, STACK_OF(GENERAL_NAME) *gens, int indent)
	{
	int i;
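Review bot: v2i_idp accepts any combination of the `onlyuser`, `onlyCA` and `onlyAA` booleans, so a config that sets more than one of them is encoded as-is; RFC 5280 section 5.2.5 allows at most one of the three to be TRUE, and a CRL with a contradictory scope may be rejected or misapplied by relying parties during revocation checking. A check after the loop, before `return idp;`, such as `if (!!idp->onlyuser + !!idp->onlyCA + !!idp->onlyattr > 1)` followed by an `X509V3err(X509V3_F_V2I_IDP, ...)` with a suitable reason code and `goto err;`, would catch this at configuration time. The same place could reject an empty `nval`, which as written appears to return an IDP with no fields set. Separately, the `onlysomereasons` branch jumps to `err` without calling `X509V3_conf_err(cnf)`; set_reasons is not shown in this hunk, so whether it queues its own error should be confirmed. The final `else` branch is indented with spaces while the rest of the function uses tabs.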
+2 −1
@@ -77,7 +77,6 @@ static ERR_STRING_DATA X509V3_str_functs[]=
{ERR_FUNC(X509V3_F_DO_EXT_I2D),	"DO_EXT_I2D"},
{ERR_FUNC(X509V3_F_DO_EXT_NCONF),	"DO_EXT_NCONF"},
{ERR_FUNC(X509V3_F_DO_I2V_NAME_CONSTRAINTS),	"DO_I2V_NAME_CONSTRAINTS"},
{ERR_FUNC(X509V3_F_GET_DIST_POINT_NAME),	"GET_DIST_POINT_NAME"},
{ERR_FUNC(X509V3_F_GNAMES_FROM_SECTNAME),	"GNAMES_FROM_SECTNAME"},
{ERR_FUNC(X509V3_F_HEX_TO_STRING),	"hex_to_string"},
{ERR_FUNC(X509V3_F_I2S_ASN1_ENUMERATED),	"i2s_ASN1_ENUMERATED"},
@@ -95,6 +94,7 @@ static ERR_STRING_DATA X509V3_str_functs[]=
{ERR_FUNC(X509V3_F_S2I_ASN1_OCTET_STRING),	"s2i_ASN1_OCTET_STRING"},
{ERR_FUNC(X509V3_F_S2I_ASN1_SKEY_ID),	"S2I_ASN1_SKEY_ID"},
{ERR_FUNC(X509V3_F_S2I_SKEY_ID),	"S2I_SKEY_ID"},
{ERR_FUNC(X509V3_F_SET_DIST_POINT_NAME),	"SET_DIST_POINT_NAME"},
{ERR_FUNC(X509V3_F_STRING_TO_HEX),	"string_to_hex"},
{ERR_FUNC(X509V3_F_SXNET_ADD_ID_ASC),	"SXNET_add_id_asc"},
{ERR_FUNC(X509V3_F_SXNET_ADD_ID_INTEGER),	"SXNET_add_id_INTEGER"},
@@ -109,6 +109,7 @@ static ERR_STRING_DATA X509V3_str_functs[]=
{ERR_FUNC(X509V3_F_V2I_EXTENDED_KEY_USAGE),	"V2I_EXTENDED_KEY_USAGE"},
{ERR_FUNC(X509V3_F_V2I_GENERAL_NAMES),	"v2i_GENERAL_NAMES"},
{ERR_FUNC(X509V3_F_V2I_GENERAL_NAME_EX),	"v2i_GENERAL_NAME_ex"},
{ERR_FUNC(X509V3_F_V2I_IDP),	"V2I_IDP"},
{ERR_FUNC(X509V3_F_V2I_ISSUER_ALT),	"V2I_ISSUER_ALT"},
{ERR_FUNC(X509V3_F_V2I_NAME_CONSTRAINTS),	"V2I_NAME_CONSTRAINTS"},
{ERR_FUNC(X509V3_F_V2I_POLICY_CONSTRAINTS),	"V2I_POLICY_CONSTRAINTS"},
+2 −1
@@ -650,7 +650,6 @@ void ERR_load_X509V3_strings(void);
#define X509V3_F_DO_EXT_I2D				 135
#define X509V3_F_DO_EXT_NCONF				 151
#define X509V3_F_DO_I2V_NAME_CONSTRAINTS		 148
#define X509V3_F_GET_DIST_POINT_NAME			 155
#define X509V3_F_GNAMES_FROM_SECTNAME			 156
#define X509V3_F_HEX_TO_STRING				 111
#define X509V3_F_I2S_ASN1_ENUMERATED			 121
@@ -668,6 +667,7 @@ void ERR_load_X509V3_strings(void);
#define X509V3_F_S2I_ASN1_OCTET_STRING			 112
#define X509V3_F_S2I_ASN1_SKEY_ID			 114
#define X509V3_F_S2I_SKEY_ID				 115
#define X509V3_F_SET_DIST_POINT_NAME			 155
#define X509V3_F_STRING_TO_HEX				 113
#define X509V3_F_SXNET_ADD_ID_ASC			 125
#define X509V3_F_SXNET_ADD_ID_INTEGER			 126
@@ -682,6 +682,7 @@ void ERR_load_X509V3_strings(void);
#define X509V3_F_V2I_EXTENDED_KEY_USAGE			 103
#define X509V3_F_V2I_GENERAL_NAMES			 118
#define X509V3_F_V2I_GENERAL_NAME_EX			 117
#define X509V3_F_V2I_IDP				 157
#define X509V3_F_V2I_ISSUER_ALT				 153
#define X509V3_F_V2I_NAME_CONSTRAINTS			 147
#define X509V3_F_V2I_POLICY_CONSTRAINTS			 146