Commit 1d48dd00 authored by Dr. Stephen Henson

Add initial support for r2i RAW extensions which can access the config database

add various X509V3_CTX helper functions and support for LHASH as the config
database.
parent c5db363e
+4 −0
@@ -5,6 +5,10 @@

 Changes between 0.9.2b and 0.9.3

  *) Add code to allow r2i extensions to access the configuration database,
     add an LHASH database driver and add several ctx helper functions.
     [Steve Henson]

  *) Fix an evil bug in bn_expand2() which caused various BN functions to
     fail when they extended the size of a BIGNUM.
     [Steve Henson]
+3 −1

  OpenSSL STATUS                           Last modified at
  ______________                           $Date: 1999/04/16 11:32:33 $
  ______________                           $Date: 1999/04/16 23:57:00 $

  DEVELOPMENT STATE

@@ -45,6 +45,8 @@
        Proper (or at least usable) certificate chain verification.
        Documentation on X509 V3 extension code.
        PKCS#12 code cleanup and enhancement.
	PKCS #8 and PKCS#5 v2.0 support.
	Private key, certificate and CRL API and implementation.

    o Mark is currently working on:
        Folding in any changes that are in the C2Net code base that were
+4 −10
@@ -1073,11 +1073,8 @@ bad:
		    if (ci->version == NULL)
		    if ((ci->version=ASN1_INTEGER_new()) == NULL) goto err;
		    ASN1_INTEGER_set(ci->version,1); /* version 2 CRL */
		    crlctx.crl = crl;
		    crlctx.issuer_cert = x509;
		    crlctx.subject_cert = NULL;
		    crlctx.subject_req = NULL;
		    crlctx.flags = 0;
		    X509V3_set_ctx(&crlctx, x509, NULL, NULL, crl, 0);
		    X509V3_set_conf_lhash(&crlctx, conf);

		    if(!X509V3_EXT_CRL_add_conf(conf, &crlctx,
						 crl_ext, crl)) goto err;
@@ -1792,11 +1789,8 @@ again2:

		ci->extensions = NULL;

		ctx.subject_cert = ret;
		ctx.issuer_cert = x509;
		ctx.subject_req = req;
		ctx.crl = NULL;
		ctx.flags = 0;
		X509V3_set_ctx(&ctx, x509, ret, req, NULL, 0);
		X509V3_set_conf_lhash(&ctx, lconf);

		if(!X509V3_EXT_add_conf(lconf, &ctx, ext_sect, ret)) goto err;
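Review bot: Both new X509V3_set_ctx calls pass issuer and subject as adjacent `X509 *` arguments with bare NULLs for the unused slots, so a transposed pair would compile without a warning; a short comment at each call naming the slots, e.g. `/* issuer, subject, req, crl, flags */`, would make the order checkable at a glance. The same applies to the call in the hunk at `@@ -666,11 +666,8 @@`, where both slots are x509ss. Each site also has to follow X509V3_set_ctx with X509V3_set_conf_lhash, because the helper as added in this commit only fills the certificate, request, CRL and flags members; that pairing is worth stating in the same comment. The enclosing functions start and end outside these hunks.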

+2 −5
@@ -666,11 +666,8 @@ loop:

			/* Set up V3 context struct */

			ext_ctx.issuer_cert = x509ss;
			ext_ctx.subject_cert = x509ss;
			ext_ctx.subject_req = NULL;
			ext_ctx.crl = NULL;
			ext_ctx.flags = 0;
			X509V3_set_ctx(&ext_ctx, x509ss, x509ss, NULL, NULL, 0);
			X509V3_set_conf_lhash(&ext_ctx, req_conf);

			/* Add extensions */
			if(extensions && !X509V3_EXT_add_conf(req_conf, 
+82 −0
@@ -295,3 +295,85 @@ char *section;
	static X509V3_CTX ctx_tst = { CTX_TEST, NULL, NULL, NULL, NULL };
	return X509V3_EXT_add_conf(conf, &ctx_tst, section, NULL);
}

/* Config database functions */

char * X509V3_get_string(ctx, name, section)
X509V3_CTX *ctx;
char *name;
char *section;
{
	if(ctx->db_meth->get_string)
			return ctx->db_meth->get_string(ctx->db, name, section);
	return NULL;
}

STACK * X509V3_get_section(ctx, section)
X509V3_CTX *ctx;
char *section;
{
	if(ctx->db_meth->get_section)
			return ctx->db_meth->get_section(ctx->db, section);
	return NULL;
}

void X509V3_free_string(ctx, str)
X509V3_CTX *ctx;
char *str;
{
	if(ctx->db_meth->free_string)
			return ctx->db_meth->free_string(ctx->db, str);
}

void X509V3_free_section(ctx, section)
X509V3_CTX *ctx;
STACK *section;
{
	if(ctx->db_meth->free_section)
			return ctx->db_meth->free_section(ctx->db, section);
}

static char *conf_lhash_get_string(db, section, value)
void *db;
char *section;
char *value;
{
	return CONF_get_string(db, section, value);
}

static STACK *conf_lhash_get_section(db, section)
void *db;
char *section;
{
	return CONF_get_section(db, section);
}

static X509V3_CONF_METHOD conf_lhash_method = {
conf_lhash_get_string,
conf_lhash_get_section,
NULL,
NULL
};

void X509V3_set_conf_lhash(ctx, lhash)
X509V3_CTX *ctx;
LHASH *lhash;
{
	ctx->db_meth = &conf_lhash_method;
	ctx->db = lhash;
}

void X509V3_set_ctx(ctx, issuer, subj, req, crl, flags)
X509V3_CTX *ctx;
X509 *issuer;
X509 *subj;
X509_REQ *req;
X509_CRL *crl;
int flags;
{
	ctx->issuer_cert = issuer;
	ctx->subject_cert = subj;
	ctx->crl = crl;
	ctx->subject_req = req;
	ctx->flags = flags;
}
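Review bot: The four accessors (X509V3_get_string, X509V3_get_section, X509V3_free_string, X509V3_free_section) dereference `ctx->db_meth` without checking it, and the context line `static X509V3_CTX ctx_tst = { CTX_TEST, NULL, NULL, NULL, NULL };` gives no initializer for the new members, so its db_meth is presumably NULL and an extension handler that reads the database through that test context would dereference a null pointer. X509V3_set_ctx also leaves db_meth and db untouched, so a stack context that is never passed to X509V3_set_conf_lhash holds indeterminate pointers there. I would guard each accessor, e.g. `if(ctx->db_meth && ctx->db_meth->get_string)`, and add a comment on X509V3_set_ctx saying the database must be set separately. Separately, X509V3_get_string takes `(ctx, name, section)` but forwards those two arguments in that order to a method declared `(db, section, value)`, so either the parameter names or the argument order look swapped; a comment stating the intended order would settle it.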