Added support for adding extensions to CRLs, also fix a memory leak and

[oweals/openssl.git] / crypto / x509v3 / v3_conf.c

diff --git a/crypto/x509v3/v3_conf.c b/crypto/x509v3/v3_conf.c
index 22ad348dee2c0fcf2874e3bf6958b63ed8d8d6d9..5e0fa0b23f2abcc3d8ee5420b0e5c2e97648e62d 100644 (file)
--- a/crypto/x509v3/v3_conf.c
+++ b/crypto/x509v3/v3_conf.c
@@ -57,12 +57,13 @@
  */
 /* extension creation utilities */
 
-#include <stdlib.h>
+
+
+#include <stdio.h>
 #include <ctype.h>
-#include <string.h>
-#include <pem.h>
-#include <conf.h>
-#include <err.h>
+#include "cryptlib.h"
+#include "conf.h"
+#include "x509.h"
 #include "x509v3.h"
 
 #ifndef NOPROTO
@@ -263,6 +264,29 @@ X509 *cert;
        return 1;
 }
 
+/* Same as above but for a CRL */
+
+int X509V3_EXT_CRL_add_conf(conf, ctx, section, crl)
+LHASH *conf;
+X509V3_CTX *ctx;
+char *section;
+X509_CRL *crl;
+{
+       X509_EXTENSION *ext;
+       STACK *nval;
+       CONF_VALUE *val;        
+       int i;
+       if(!(nval = CONF_get_section(conf, section))) return 0;
+       for(i = 0; i < sk_num(nval); i++) {
+               val = (CONF_VALUE *)sk_value(nval, i);
+               if(!(ext = X509V3_EXT_conf(conf, ctx, val->name, val->value)))
+                                                               return 0;
+               if(crl) X509_CRL_add_ext(crl, ext, -1);
+               X509_EXTENSION_free(ext);
+       }
+       return 1;
+}
+
 /* Just check syntax of config file as far as possible */
 int X509V3_EXT_check_conf(conf, section)
 LHASH *conf;