X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;ds=sidebyside;f=crypto%2Fx509v3%2Fv3_utl.c;h=7f1fc8fa0bd63ad4d0f773a01d45b88bf0757192;hb=34d05a402325411ff80cb8aa90044550556db2bd;hp=f1b5c94c2a2b4fdd7da336340b33094a1442cb0c;hpb=376bf1d4aaddbc7645b364e6963b34951fe51f9b;p=oweals%2Fopenssl.git diff --git a/crypto/x509v3/v3_utl.c b/crypto/x509v3/v3_utl.c index f1b5c94c2a..7f1fc8fa0b 100644 --- a/crypto/x509v3/v3_utl.c +++ b/crypto/x509v3/v3_utl.c @@ -67,9 +67,9 @@ static char *strip_spaces(char *name); static int sk_strcmp(const char * const *a, const char * const *b); -static STACK *get_email(X509_NAME *name, GENERAL_NAMES *gens); -static void str_free(void *str); -static int append_ia5(STACK **sk, ASN1_IA5STRING *email); +static STACK_OF(STRING) *get_email(X509_NAME *name, GENERAL_NAMES *gens); +static void str_free(STRING str); +static int append_ia5(STACK_OF(STRING) **sk, ASN1_IA5STRING *email); static int ipv4_from_asc(unsigned char *v4, const char *in); static int ipv6_from_asc(unsigned char *v6, const char *in); @@ -463,21 +463,48 @@ static int sk_strcmp(const char * const *a, const char * const *b) return strcmp(*a, *b); } -STACK *X509_get1_email(X509 *x) +STACK_OF(STRING) *X509_get1_email(X509 *x) { GENERAL_NAMES *gens; - STACK *ret; + STACK_OF(STRING) *ret; + gens = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL); ret = get_email(X509_get_subject_name(x), gens); sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free); return ret; } -STACK *X509_REQ_get1_email(X509_REQ *x) +STACK_OF(STRING) *X509_get1_ocsp(X509 *x) +{ + AUTHORITY_INFO_ACCESS *info; + STACK_OF(STRING) *ret = NULL; + int i; + + info = X509_get_ext_d2i(x, NID_info_access, NULL, NULL); + if (!info) + return NULL; + for (i = 0; i < sk_ACCESS_DESCRIPTION_num(info); i++) + { + ACCESS_DESCRIPTION *ad = sk_ACCESS_DESCRIPTION_value(info, i); + if (OBJ_obj2nid(ad->method) == NID_ad_OCSP) + { + if (ad->location->type == GEN_URI) + { + if (!append_ia5(&ret, ad->location->d.uniformResourceIdentifier)) + break; + } + } + } + AUTHORITY_INFO_ACCESS_free(info); + return ret; +} + +STACK_OF(STRING) *X509_REQ_get1_email(X509_REQ *x) { GENERAL_NAMES *gens; STACK_OF(X509_EXTENSION) *exts; - STACK *ret; + STACK_OF(STRING) *ret; + exts = X509_REQ_get_extensions(x); gens = X509V3_get_d2i(exts, NID_subject_alt_name, NULL, NULL); ret = get_email(X509_REQ_get_subject_name(x), gens); @@ -487,9 +514,9 @@ STACK *X509_REQ_get1_email(X509_REQ *x) } -static STACK *get_email(X509_NAME *name, GENERAL_NAMES *gens) +static STACK_OF(STRING) *get_email(X509_NAME *name, GENERAL_NAMES *gens) { - STACK *ret = NULL; + STACK_OF(STRING) *ret = NULL; X509_NAME_ENTRY *ne; ASN1_IA5STRING *email; GENERAL_NAME *gen; @@ -512,23 +539,23 @@ static STACK *get_email(X509_NAME *name, GENERAL_NAMES *gens) return ret; } -static void str_free(void *str) +static void str_free(STRING str) { OPENSSL_free(str); } -static int append_ia5(STACK **sk, ASN1_IA5STRING *email) +static int append_ia5(STACK_OF(STRING) **sk, ASN1_IA5STRING *email) { char *emtmp; /* First some sanity checks */ if(email->type != V_ASN1_IA5STRING) return 1; if(!email->data || !email->length) return 1; - if(!*sk) *sk = sk_new(sk_strcmp); + if(!*sk) *sk = sk_STRING_new(sk_strcmp); if(!*sk) return 0; /* Don't add duplicates */ - if(sk_find(*sk, (char *)email->data) != -1) return 1; + if(sk_STRING_find(*sk, (char *)email->data) != -1) return 1; emtmp = BUF_strdup((char *)email->data); - if(!emtmp || !sk_push(*sk, emtmp)) { + if(!emtmp || !sk_STRING_push(*sk, emtmp)) { X509_email_free(*sk); *sk = NULL; return 0; @@ -536,9 +563,9 @@ static int append_ia5(STACK **sk, ASN1_IA5STRING *email) return 1; } -void X509_email_free(STACK *sk) +void X509_email_free(STACK_OF(STRING) *sk) { - sk_pop_free(sk, str_free); + sk_STRING_pop_free(sk, str_free); } /* Convert IP addresses both IPv4 and IPv6 into an