X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=crypto%2Fasn1%2Fx_cinf.c;h=339a110eefd62c4449f0a46d7c911ee67261a507;hb=6446e0c3c8286428374ec738ffdc859802bd3c92;hp=e5cc2af722e4c42561d40d33ab83b4d2e0d43393;hpb=eda1f21f1af8b6f77327e7b37573af9c1ba73726;p=oweals%2Fopenssl.git

diff --git a/crypto/asn1/x_cinf.c b/crypto/asn1/x_cinf.c
index e5cc2af722..339a110eef 100644
--- a/crypto/asn1/x_cinf.c
+++ b/crypto/asn1/x_cinf.c
@@ -1,5 +1,5 @@
 /* crypto/asn1/x_cinf.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -58,16 +58,10 @@
 
 #include <stdio.h>
 #include "cryptlib.h"
-#include "asn1_mac.h"
+#include <openssl/asn1_mac.h>
+#include <openssl/x509.h>
 
-/*
- * ASN1err(ASN1_F_D2I_X509_CINF,ASN1_R_LENGTH_MISMATCH);
- * ASN1err(ASN1_F_X509_CINF_NEW,ASN1_R_LENGTH_MISMATCH);
- */
-
-int i2d_X509_CINF(a,pp)
-X509_CINF *a;
-unsigned char **pp;
+int i2d_X509_CINF(X509_CINF *a, unsigned char **pp)
 	{
 	int v1=0,v2=0;
 	M_ASN1_I2D_vars(a);
@@ -81,7 +75,9 @@ unsigned char **pp;
 	M_ASN1_I2D_len(a->key,			i2d_X509_PUBKEY);
 	M_ASN1_I2D_len_IMP_opt(a->issuerUID,	i2d_ASN1_BIT_STRING);
 	M_ASN1_I2D_len_IMP_opt(a->subjectUID,	i2d_ASN1_BIT_STRING);
-	M_ASN1_I2D_len_EXP_set_opt(a->extensions,i2d_X509_EXTENSION,3,V_ASN1_SEQUENCE,v2);
+	M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(X509_EXTENSION,a->extensions,
+					     i2d_X509_EXTENSION,3,
+					     V_ASN1_SEQUENCE,v2);
 
 	M_ASN1_I2D_seq_total();
 
@@ -94,15 +90,14 @@ unsigned char **pp;
 	M_ASN1_I2D_put(a->key,			i2d_X509_PUBKEY);
 	M_ASN1_I2D_put_IMP_opt(a->issuerUID,	i2d_ASN1_BIT_STRING,1);
 	M_ASN1_I2D_put_IMP_opt(a->subjectUID,	i2d_ASN1_BIT_STRING,2);
-	M_ASN1_I2D_put_EXP_set_opt(a->extensions,i2d_X509_EXTENSION,3,V_ASN1_SEQUENCE,v2);
+	M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(X509_EXTENSION,a->extensions,
+					     i2d_X509_EXTENSION,3,
+					     V_ASN1_SEQUENCE,v2);
 
 	M_ASN1_I2D_finish();
 	}
 
-X509_CINF *d2i_X509_CINF(a,pp,length)
-X509_CINF **a;
-unsigned char **pp;
-long length;
+X509_CINF *d2i_X509_CINF(X509_CINF **a, unsigned char **pp, long length)
 	{
 	int ver=0;
 	M_ASN1_D2I_vars(a,X509_CINF *,X509_CINF_new);
@@ -120,7 +115,7 @@ long length;
 		{
 		if (ret->version != NULL)
 			{
-			ASN1_INTEGER_free(ret->version);
+			M_ASN1_INTEGER_free(ret->version);
 			ret->version=NULL;
 			}
 		}
@@ -134,38 +129,48 @@ long length;
 		{
 		if (ret->issuerUID != NULL)
 			{
-			ASN1_BIT_STRING_free(ret->issuerUID);
+			M_ASN1_BIT_STRING_free(ret->issuerUID);
 			ret->issuerUID=NULL;
 			}
 		if (ret->subjectUID != NULL)
 			{
-			ASN1_BIT_STRING_free(ret->subjectUID);
-			ret->issuerUID=NULL;
+			M_ASN1_BIT_STRING_free(ret->subjectUID);
+			ret->subjectUID=NULL;
 			}
 		M_ASN1_D2I_get_IMP_opt(ret->issuerUID,d2i_ASN1_BIT_STRING,  1,
 			V_ASN1_BIT_STRING);
 		M_ASN1_D2I_get_IMP_opt(ret->subjectUID,d2i_ASN1_BIT_STRING, 2,
 			V_ASN1_BIT_STRING);
 		}
+/* Note: some broken certificates include extensions but don't set
+ * the version number properly. By bypassing this check they can
+ * be parsed.
+ */
+
+#ifdef VERSION_EXT_CHECK
 	if (ver >= 2) /* version 3 extensions */
+#endif
 		{
 		if (ret->extensions != NULL)
-			while (sk_num(ret->extensions))
-				X509_EXTENSION_free((X509_EXTENSION *)
-					sk_pop(ret->extensions));
-		M_ASN1_D2I_get_EXP_set_opt(ret->extensions,d2i_X509_EXTENSION,3,
-			V_ASN1_SEQUENCE);
+			while (sk_X509_EXTENSION_num(ret->extensions))
+				X509_EXTENSION_free(
+				      sk_X509_EXTENSION_pop(ret->extensions));
+		M_ASN1_D2I_get_EXP_set_opt_type(X509_EXTENSION,ret->extensions,
+						d2i_X509_EXTENSION,
+						X509_EXTENSION_free,3,
+						V_ASN1_SEQUENCE);
 		}
 	M_ASN1_D2I_Finish(a,X509_CINF_free,ASN1_F_D2I_X509_CINF);
 	}
 
-X509_CINF *X509_CINF_new()
+X509_CINF *X509_CINF_new(void)
 	{
 	X509_CINF *ret=NULL;
+	ASN1_CTX c;
 
 	M_ASN1_New_Malloc(ret,X509_CINF);
 	ret->version=NULL;
-	M_ASN1_New(ret->serialNumber,ASN1_INTEGER_new);
+	M_ASN1_New(ret->serialNumber,M_ASN1_INTEGER_new);
 	M_ASN1_New(ret->signature,X509_ALGOR_new);
 	M_ASN1_New(ret->issuer,X509_NAME_new);
 	M_ASN1_New(ret->validity,X509_VAL_new);
@@ -178,20 +183,19 @@ X509_CINF *X509_CINF_new()
 	M_ASN1_New_Error(ASN1_F_X509_CINF_NEW);
 	}
 
-void X509_CINF_free(a)
-X509_CINF *a;
+void X509_CINF_free(X509_CINF *a)
 	{
 	if (a == NULL) return;
-	ASN1_INTEGER_free(a->version);
-	ASN1_INTEGER_free(a->serialNumber);
+	M_ASN1_INTEGER_free(a->version);
+	M_ASN1_INTEGER_free(a->serialNumber);
 	X509_ALGOR_free(a->signature);
 	X509_NAME_free(a->issuer);
 	X509_VAL_free(a->validity);
 	X509_NAME_free(a->subject);
 	X509_PUBKEY_free(a->key);
-	ASN1_BIT_STRING_free(a->issuerUID);
-	ASN1_BIT_STRING_free(a->subjectUID);
-	sk_pop_free(a->extensions,X509_EXTENSION_free);
-	Free((char *)a);
+	M_ASN1_BIT_STRING_free(a->issuerUID);
+	M_ASN1_BIT_STRING_free(a->subjectUID);
+	sk_X509_EXTENSION_pop_free(a->extensions,X509_EXTENSION_free);
+	OPENSSL_free(a);
 	}