diff options
Diffstat (limited to 'crypto/openssl/crypto/x509v3/v3_conf.c')
-rw-r--r-- | crypto/openssl/crypto/x509v3/v3_conf.c | 34 |
1 files changed, 29 insertions, 5 deletions
diff --git a/crypto/openssl/crypto/x509v3/v3_conf.c b/crypto/openssl/crypto/x509v3/v3_conf.c index f19bb3a..b2f0301 100644 --- a/crypto/openssl/crypto/x509v3/v3_conf.c +++ b/crypto/openssl/crypto/x509v3/v3_conf.c @@ -170,13 +170,13 @@ static X509_EXTENSION *do_ext_i2d(X509V3_EXT_METHOD *method, int ext_nid, if(!(ext_der = Malloc(ext_len))) goto merr; p = ext_der; method->i2d(ext_struc, &p); - if(!(ext_oct = ASN1_OCTET_STRING_new())) goto merr; + if(!(ext_oct = M_ASN1_OCTET_STRING_new())) goto merr; ext_oct->data = ext_der; ext_oct->length = ext_len; ext = X509_EXTENSION_create_by_NID(NULL, ext_nid, crit, ext_oct); if(!ext) goto merr; - ASN1_OCTET_STRING_free(ext_oct); + M_ASN1_OCTET_STRING_free(ext_oct); return ext; @@ -220,7 +220,7 @@ static int v3_check_generic(char **value) return 1; } -/* Create a generic extension: for now just handle RAW type */ +/* Create a generic extension: for now just handle DER type */ static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, int crit, int type) { @@ -241,7 +241,7 @@ if(!(ext_der = string_to_hex(value, &ext_len))) { goto err; } -if(!(oct = ASN1_OCTET_STRING_new())) { +if(!(oct = M_ASN1_OCTET_STRING_new())) { X509V3err(X509V3_F_V3_GENERIC_EXTENSION,ERR_R_MALLOC_FAILURE); goto err; } @@ -254,7 +254,7 @@ extension = X509_EXTENSION_create_by_OBJ(NULL, obj, crit, oct); err: ASN1_OBJECT_free(obj); -ASN1_OCTET_STRING_free(oct); +M_ASN1_OCTET_STRING_free(oct); if(ext_der) Free(ext_der); return extension; } @@ -302,6 +302,30 @@ int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, return 1; } +/* Add extensions to certificate request */ + +int X509V3_EXT_REQ_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, + X509_REQ *req) +{ + X509_EXTENSION *ext; + STACK_OF(X509_EXTENSION) *extlist = NULL; + STACK_OF(CONF_VALUE) *nval; + CONF_VALUE *val; + int i; + if(!(nval = CONF_get_section(conf, section))) return 0; + for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { + val = sk_CONF_VALUE_value(nval, i); + if(!(ext = X509V3_EXT_conf(conf, ctx, val->name, val->value))) + return 0; + if(!extlist) extlist = sk_X509_EXTENSION_new_null(); + sk_X509_EXTENSION_push(extlist, ext); + } + if(req) i = X509_REQ_add_extensions(req, extlist); + else i = 1; + sk_X509_EXTENSION_pop_free(extlist, X509_EXTENSION_free); + return i; +} + /* Config database functions */ char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section) |