From f9150e54214b26fb03f9d933926cb1176198d6c0 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Wed, 25 Aug 1999 23:18:23 +0000 Subject: [PATCH] Allow the 1.OU="my OU" syntax in 'ca' for SPKACs. --- CHANGES | 7 +++++++ apps/ca.c | 11 ++++++++++- 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/CHANGES b/CHANGES index 348252ec11..32a46769fc 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,13 @@ Changes between 0.9.4 and 0.9.5 [xx XXX 1999] + *) Add new feature to the SPKAC handling in ca. Now you can include + the same field multiple times by preceding it by "XXXX." for example: + 1.OU="Unit name 1" + 2.OU="Unit name 2" + this is the same syntax as used in the req config file. + [Steve Henson] + *) Allow certificate extensions to be added to certificate requests. These are specified in a 'req_extensions' option of the req section of the config file. They can be printed out with the -text option to req but diff --git a/apps/ca.c b/apps/ca.c index 9ed100dd3c..fa355ab0c9 100644 --- a/apps/ca.c +++ b/apps/ca.c @@ -1986,8 +1986,17 @@ static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509, cv=sk_CONF_VALUE_value(sk,i); type=cv->name; - buf=cv->value; + /* Skip past any leading X. X: X, etc to allow for + * multiple instances + */ + for(buf = cv->name; *buf ; buf++) + if ((*buf == ':') || (*buf == ',') || (*buf == '.')) { + buf++; + if(*buf) type = buf; + break; + } + buf=cv->value; if ((nid=OBJ_txt2nid(type)) == NID_undef) { if (strcmp(type, "SPKAC") == 0) -- 2.25.1