*/
/* extension creation utilities */
-#include <stdlib.h>
+
+
+#include <stdio.h>
#include <ctype.h>
-#include <string.h>
-#include <pem.h>
-#include <conf.h>
-#include <err.h>
+#include "cryptlib.h"
+#include "conf.h"
+#include "x509.h"
#include "x509v3.h"
#ifndef NOPROTO
{
int crit;
int ext_type;
+ X509_EXTENSION *ret;
crit = v3_check_critical(&value);
if((ext_type = v3_check_generic(&value)))
return v3_generic_extension(name, value, crit, ext_type);
- return do_ext_conf(conf, ctx, OBJ_sn2nid(name), crit, value);
+ ret = do_ext_conf(conf, ctx, OBJ_sn2nid(name), crit, value);
+ if(!ret) {
+ X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_ERROR_IN_EXTENSION);
+ ERR_add_error_data(4,"name=", name, ", value=", value);
+ }
+ return ret;
}
X509_EXTENSION *X509V3_EXT_conf_nid(conf, ctx, ext_nid, value)
char *ext_der, *p;
int ext_len;
ASN1_OCTET_STRING *ext_oct;
- if(ext_nid == NID_undef) return NULL;
+ if(ext_nid == NID_undef) {
+ X509V3err(X509V3_F_DO_EXT_CONF,X509V3_R_UNKNOWN_EXTENSION_NAME);
+ return NULL;
+ }
if(!(method = X509V3_EXT_get_nid(ext_nid))) {
- /* Add generic extension support here */
+ X509V3err(X509V3_F_DO_EXT_CONF,X509V3_R_UNKNOWN_EXTENSION);
return NULL;
}
/* Now get internal extension representation based on type */
return 1;
}
+/* Same as above but for a CRL */
+
+int X509V3_EXT_CRL_add_conf(conf, ctx, section, crl)
+LHASH *conf;
+X509V3_CTX *ctx;
+char *section;
+X509_CRL *crl;
+{
+ X509_EXTENSION *ext;
+ STACK *nval;
+ CONF_VALUE *val;
+ int i;
+ if(!(nval = CONF_get_section(conf, section))) return 0;
+ for(i = 0; i < sk_num(nval); i++) {
+ val = (CONF_VALUE *)sk_value(nval, i);
+ if(!(ext = X509V3_EXT_conf(conf, ctx, val->name, val->value)))
+ return 0;
+ if(crl) X509_CRL_add_ext(crl, ext, -1);
+ X509_EXTENSION_free(ext);
+ }
+ return 1;
+}
+
/* Just check syntax of config file as far as possible */
int X509V3_EXT_check_conf(conf, section)
LHASH *conf;