Loading CHANGES +4 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,10 @@ Changes between 0.9.7a and 0.9.8 [xx XXX xxxx] *) Support for directoryName in GeneralName related extensions in config files. [Steve Henson] *) Make it possible to link applications using Makefile.shared. Make that possible even when linking against static libraries! [Richard Levitte] Loading crypto/x509v3/v3_alt.c +32 −0 Original line number Diff line number Diff line Loading @@ -66,6 +66,7 @@ static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p); static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens); static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx); static int do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx); X509V3_EXT_METHOD v3_alt[] = { { NID_subject_alt_name, 0, ASN1_ITEM_ref(GENERAL_NAMES), Loading Loading @@ -452,6 +453,13 @@ if(!name_cmp(name, "email")) { goto err; } type = GEN_IPADD; } else if(!name_cmp(name, "dirName")) { type = GEN_DIRNAME; if (!do_dirname(gen, value, ctx)) { X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_DIRNAME_ERROR); goto err; } } else if(!name_cmp(name, "otherName")) { if (!do_othername(gen, value, ctx)) { Loading Loading 
@@ -507,3 +515,27 @@ static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx) return 0; return 1; } static int do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx) { int ret; STACK_OF(CONF_VALUE) *sk; X509_NAME *nm; if (!(nm = X509_NAME_new())) return 0; sk = X509V3_get_section(ctx, value); if (!sk) { X509V3err(X509V3_F_DO_DIRNAME,X509V3_R_SECTION_NOT_FOUND); ERR_add_error_data(2, "section=", value); X509_NAME_free(nm); return 0; } /* FIXME: should allow other character types... */ ret = X509V3_NAME_from_section(nm, sk, MBSTRING_ASC); if (!ret) X509_NAME_free(nm); gen->d.dirn = nm; return ret; } crypto/x509v3/v3_conf.c +11 −1 Original line number Diff line number Diff line Loading @@ -151,7 +151,7 @@ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, } else if(method->r2i) { if(!ctx->db) if(!ctx->db || !ctx->db_meth) { X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_NO_CONFIG_DATABASE); return NULL; Loading Loading @@ -383,6 +383,11 @@ int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section) { if(!ctx->db || !ctx->db_meth || !ctx->db_meth->get_string) { X509V3err(X509V3_F_X509V3_GET_STRING,X509V3_R_OPERATION_NOT_DEFINED); return NULL; } if (ctx->db_meth->get_string) return ctx->db_meth->get_string(ctx->db, name, section); return NULL; Loading @@ -390,6 +395,11 @@ char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section) STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section) { if(!ctx->db || !ctx->db_meth || !ctx->db_meth->get_section) { X509V3err(X509V3_F_X509V3_GET_SECTION,X509V3_R_OPERATION_NOT_DEFINED); return NULL; } if (ctx->db_meth->get_section) return ctx->db_meth->get_section(ctx->db, section); return NULL; Loading crypto/x509v3/v3_utl.c +35 −0 Original line number Diff line number Diff line Loading 
@@ -740,3 +740,38 @@ static int ipv6_hex(unsigned char *out, const char *in, int inlen) return 1; } int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk, unsigned long chtype) { CONF_VALUE *v; int i; char *p, *type; if (!nm) return 0; for (i = 0; i < sk_CONF_VALUE_num(dn_sk); i++) { v=sk_CONF_VALUE_value(dn_sk,i); type=v->name; /* Skip past any leading X. X: X, etc to allow for * multiple instances */ for(p = type; *p ; p++) #ifndef CHARSET_EBCDIC if ((*p == ':') || (*p == ',') || (*p == '.')) #else if ((*p == os_toascii[':']) || (*p == os_toascii[',']) || (*p == os_toascii['.'])) #endif { p++; if(*p) type = p; break; } if (!X509_NAME_add_entry_by_txt(nm,type, chtype, (unsigned char *) v->value,-1,-1,0)) return 0; } return 1; } crypto/x509v3/v3err.c +7 −1 Original line number Diff line number Diff line /* crypto/x509v3/v3err.c */ /* ==================================================================== * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. * Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions Loading Loading @@ -68,6 +68,7 @@ static ERR_STRING_DATA X509V3_str_functs[]= { {ERR_PACK(0,X509V3_F_COPY_EMAIL,0), "COPY_EMAIL"}, {ERR_PACK(0,X509V3_F_COPY_ISSUER,0), "COPY_ISSUER"}, {ERR_PACK(0,X509V3_F_DO_DIRNAME,0), "DO_DIRNAME"}, {ERR_PACK(0,X509V3_F_DO_EXT_CONF,0), "DO_EXT_CONF"}, {ERR_PACK(0,X509V3_F_DO_EXT_I2D,0), "DO_EXT_I2D"}, {ERR_PACK(0,X509V3_F_HEX_TO_STRING,0), "hex_to_string"}, Loading Loading 
@@ -104,6 +105,8 @@ static ERR_STRING_DATA X509V3_str_functs[]= {ERR_PACK(0,X509V3_F_X509V3_EXT_ADD_ALIAS,0), "X509V3_EXT_add_alias"}, {ERR_PACK(0,X509V3_F_X509V3_EXT_CONF,0), "X509V3_EXT_conf"}, {ERR_PACK(0,X509V3_F_X509V3_EXT_I2D,0), "X509V3_EXT_i2d"}, {ERR_PACK(0,X509V3_F_X509V3_GET_SECTION,0), "X509V3_get_section"}, {ERR_PACK(0,X509V3_F_X509V3_GET_STRING,0), "X509V3_get_string"}, {ERR_PACK(0,X509V3_F_X509V3_GET_VALUE_BOOL,0), "X509V3_get_value_bool"}, {ERR_PACK(0,X509V3_F_X509V3_PARSE_LIST,0), "X509V3_parse_list"}, {ERR_PACK(0,X509V3_F_X509_PURPOSE_ADD,0), "X509_PURPOSE_add"}, Loading @@ -117,6 +120,7 @@ static ERR_STRING_DATA X509V3_str_reasons[]= {X509V3_R_BAD_OBJECT ,"bad object"}, {X509V3_R_BN_DEC2BN_ERROR ,"bn dec2bn error"}, {X509V3_R_BN_TO_ASN1_INTEGER_ERROR ,"bn to asn1 integer error"}, {X509V3_R_DIRNAME_ERROR ,"dirname error"}, {X509V3_R_DUPLICATE_ZONE_ID ,"duplicate zone id"}, {X509V3_R_ERROR_CONVERTING_ZONE ,"error converting zone"}, {X509V3_R_ERROR_CREATING_EXTENSION ,"error creating extension"}, Loading Loading @@ -152,7 +156,9 @@ static ERR_STRING_DATA X509V3_str_reasons[]= {X509V3_R_NO_PUBLIC_KEY ,"no public key"}, {X509V3_R_NO_SUBJECT_DETAILS ,"no subject details"}, {X509V3_R_ODD_NUMBER_OF_DIGITS ,"odd number of digits"}, {X509V3_R_OPERATION_NOT_DEFINED ,"operation not defined"}, {X509V3_R_OTHERNAME_ERROR ,"othername error"}, {X509V3_R_SECTION_NOT_FOUND ,"section not found"}, {X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS ,"unable to get issuer details"}, {X509V3_R_UNABLE_TO_GET_ISSUER_KEYID ,"unable to get issuer keyid"}, {X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT ,"unknown bit string argument"}, Loading Loading
CHANGES +4 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,10 @@ Changes between 0.9.7a and 0.9.8 [xx XXX xxxx] *) Support for directoryName in GeneralName related extensions in config files. [Steve Henson] *) Make it possible to link applications using Makefile.shared. Make that possible even when linking against static libraries! [Richard Levitte] Loading
crypto/x509v3/v3_alt.c +32 −0 Original line number Diff line number Diff line Loading @@ -66,6 +66,7 @@ static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p); static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens); static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx); static int do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx); X509V3_EXT_METHOD v3_alt[] = { { NID_subject_alt_name, 0, ASN1_ITEM_ref(GENERAL_NAMES), Loading Loading @@ -452,6 +453,13 @@ if(!name_cmp(name, "email")) { goto err; } type = GEN_IPADD; } else if(!name_cmp(name, "dirName")) { type = GEN_DIRNAME; if (!do_dirname(gen, value, ctx)) { X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_DIRNAME_ERROR); goto err; } } else if(!name_cmp(name, "otherName")) { if (!do_othername(gen, value, ctx)) { Loading Loading @@ -507,3 +515,27 @@ static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx) return 0; return 1; } static int do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx) { int ret; STACK_OF(CONF_VALUE) *sk; X509_NAME *nm; if (!(nm = X509_NAME_new())) return 0; sk = X509V3_get_section(ctx, value); if (!sk) { X509V3err(X509V3_F_DO_DIRNAME,X509V3_R_SECTION_NOT_FOUND); ERR_add_error_data(2, "section=", value); X509_NAME_free(nm); return 0; } /* FIXME: should allow other character types... */ ret = X509V3_NAME_from_section(nm, sk, MBSTRING_ASC); if (!ret) X509_NAME_free(nm); gen->d.dirn = nm; return ret; }
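Review bot: In do_dirname the failure path frees nm and then still runs `gen->d.dirn = nm;`, so a failed X509V3_NAME_from_section() leaves the GENERAL_NAME holding a pointer to freed memory. The caller's dirName branch then jumps to `err`, which lies outside the visible hunks; if that path frees gen as a directory name, this presumably becomes a double free, so the function should return before the assignment. The CONF_VALUE stack returned by X509V3_get_section() is also never released with X509V3_section_free(), which would leak it for database methods that allocate the section. The tail of the function could be rewritten as below.

```c
	/* … unchanged: X509_NAME_new() and X509V3_get_section() checks … */
	ret = X509V3_NAME_from_section(nm, sk, MBSTRING_ASC);
	/* Release the section on both the success and the failure path. */
	X509V3_section_free(ctx, sk);
	if (!ret)
		{
		X509_NAME_free(nm);
		return 0;
		}
	/* Hand ownership to gen only once the name has been built. */
	gen->d.dirn = nm;
	return 1;
```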
crypto/x509v3/v3_conf.c +11 −1 Original line number Diff line number Diff line Loading @@ -151,7 +151,7 @@ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, } else if(method->r2i) { if(!ctx->db) if(!ctx->db || !ctx->db_meth) { X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_NO_CONFIG_DATABASE); return NULL; Loading Loading @@ -383,6 +383,11 @@ int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section) { if(!ctx->db || !ctx->db_meth || !ctx->db_meth->get_string) { X509V3err(X509V3_F_X509V3_GET_STRING,X509V3_R_OPERATION_NOT_DEFINED); return NULL; } if (ctx->db_meth->get_string) return ctx->db_meth->get_string(ctx->db, name, section); return NULL; Loading @@ -390,6 +395,11 @@ char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section) STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section) { if(!ctx->db || !ctx->db_meth || !ctx->db_meth->get_section) { X509V3err(X509V3_F_X509V3_GET_SECTION,X509V3_R_OPERATION_NOT_DEFINED); return NULL; } if (ctx->db_meth->get_section) return ctx->db_meth->get_section(ctx->db, section); return NULL; Loading
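Review bot: The guards added to X509V3_get_string and X509V3_get_section report `X509V3_R_OPERATION_NOT_DEFINED` even when the real cause is a missing database (`ctx->db` or `ctx->db_meth` is NULL), while the do_ext_nconf hunk in this same file reports that condition as `X509V3_R_NO_CONFIG_DATABASE`. Splitting the test, for example `if(!ctx->db || !ctx->db_meth)` raising `X509V3_R_NO_CONFIG_DATABASE` and a separate `if(!ctx->db_meth->get_section)` raising `X509V3_R_OPERATION_NOT_DEFINED`, would keep the error queue accurate for anyone diagnosing a rejected extension config. With the guard in place, the retained `if (ctx->db_meth->get_section)` test is always true and the trailing `return NULL;` is unreachable, so each body can end in the plain `return ctx->db_meth->get_section(ctx->db, section);` (likewise for get_string). `ctx` itself is still dereferenced unchecked; the callers are outside this page, so a comment stating that it must be non-NULL would help.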
crypto/x509v3/v3_utl.c +35 −0 Original line number Diff line number Diff line Loading @@ -740,3 +740,38 @@ static int ipv6_hex(unsigned char *out, const char *in, int inlen) return 1; } int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk, unsigned long chtype) { CONF_VALUE *v; int i; char *p, *type; if (!nm) return 0; for (i = 0; i < sk_CONF_VALUE_num(dn_sk); i++) { v=sk_CONF_VALUE_value(dn_sk,i); type=v->name; /* Skip past any leading X. X: X, etc to allow for * multiple instances */ for(p = type; *p ; p++) #ifndef CHARSET_EBCDIC if ((*p == ':') || (*p == ',') || (*p == '.')) #else if ((*p == os_toascii[':']) || (*p == os_toascii[',']) || (*p == os_toascii['.'])) #endif { p++; if(*p) type = p; break; } if (!X509_NAME_add_entry_by_txt(nm,type, chtype, (unsigned char *) v->value,-1,-1,0)) return 0; } return 1; }
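Review bot: The prefix-skipping loop in X509V3_NAME_from_section stops at the first `.`, `:` or `,` anywhere in `v->name`, not only after a short leading tag, so a field name written in dotted numeric OID form would be cut at its first dot before reaching X509_NAME_add_entry_by_txt(). The function is new and exported but has no header comment; I would add one saying that everything up to the first separator is discarded (which rules out dotted OID names), that it returns 0 on the first entry that fails and leaves `nm` partially populated for the caller to free, and that `chtype` is passed through unchanged. `dn_sk` and `v->value` are used without a NULL check while `nm` is checked; if a caller can pass a section with an empty value, an explicit `if (!v->value) return 0;` before the add call would avoid handing a NULL buffer with length -1 to the name code.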
crypto/x509v3/v3err.c +7 −1 Original line number Diff line number Diff line /* crypto/x509v3/v3err.c */ /* ==================================================================== * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. * Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions Loading Loading @@ -68,6 +68,7 @@ static ERR_STRING_DATA X509V3_str_functs[]= { {ERR_PACK(0,X509V3_F_COPY_EMAIL,0), "COPY_EMAIL"}, {ERR_PACK(0,X509V3_F_COPY_ISSUER,0), "COPY_ISSUER"}, {ERR_PACK(0,X509V3_F_DO_DIRNAME,0), "DO_DIRNAME"}, {ERR_PACK(0,X509V3_F_DO_EXT_CONF,0), "DO_EXT_CONF"}, {ERR_PACK(0,X509V3_F_DO_EXT_I2D,0), "DO_EXT_I2D"}, {ERR_PACK(0,X509V3_F_HEX_TO_STRING,0), "hex_to_string"}, Loading Loading @@ -104,6 +105,8 @@ static ERR_STRING_DATA X509V3_str_functs[]= {ERR_PACK(0,X509V3_F_X509V3_EXT_ADD_ALIAS,0), "X509V3_EXT_add_alias"}, {ERR_PACK(0,X509V3_F_X509V3_EXT_CONF,0), "X509V3_EXT_conf"}, {ERR_PACK(0,X509V3_F_X509V3_EXT_I2D,0), "X509V3_EXT_i2d"}, {ERR_PACK(0,X509V3_F_X509V3_GET_SECTION,0), "X509V3_get_section"}, {ERR_PACK(0,X509V3_F_X509V3_GET_STRING,0), "X509V3_get_string"}, {ERR_PACK(0,X509V3_F_X509V3_GET_VALUE_BOOL,0), "X509V3_get_value_bool"}, {ERR_PACK(0,X509V3_F_X509V3_PARSE_LIST,0), "X509V3_parse_list"}, {ERR_PACK(0,X509V3_F_X509_PURPOSE_ADD,0), "X509_PURPOSE_add"}, Loading @@ -117,6 +120,7 @@ static ERR_STRING_DATA X509V3_str_reasons[]= {X509V3_R_BAD_OBJECT ,"bad object"}, {X509V3_R_BN_DEC2BN_ERROR ,"bn dec2bn error"}, {X509V3_R_BN_TO_ASN1_INTEGER_ERROR ,"bn to asn1 integer error"}, {X509V3_R_DIRNAME_ERROR ,"dirname error"}, {X509V3_R_DUPLICATE_ZONE_ID ,"duplicate zone id"}, {X509V3_R_ERROR_CONVERTING_ZONE ,"error converting zone"}, {X509V3_R_ERROR_CREATING_EXTENSION ,"error creating extension"}, Loading Loading 
@@ -152,7 +156,9 @@ static ERR_STRING_DATA X509V3_str_reasons[]= {X509V3_R_NO_PUBLIC_KEY ,"no public key"}, {X509V3_R_NO_SUBJECT_DETAILS ,"no subject details"}, {X509V3_R_ODD_NUMBER_OF_DIGITS ,"odd number of digits"}, {X509V3_R_OPERATION_NOT_DEFINED ,"operation not defined"}, {X509V3_R_OTHERNAME_ERROR ,"othername error"}, {X509V3_R_SECTION_NOT_FOUND ,"section not found"}, {X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS ,"unable to get issuer details"}, {X509V3_R_UNABLE_TO_GET_ISSUER_KEYID ,"unable to get issuer keyid"}, {X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT ,"unknown bit string argument"}, Loading