summaryrefslogtreecommitdiffstats
path: root/crypto/openssl/crypto/x509v3/v3_conf.c
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/openssl/crypto/x509v3/v3_conf.c')
-rw-r--r--crypto/openssl/crypto/x509v3/v3_conf.c34
1 files changed, 29 insertions, 5 deletions
diff --git a/crypto/openssl/crypto/x509v3/v3_conf.c b/crypto/openssl/crypto/x509v3/v3_conf.c
index f19bb3a..b2f0301 100644
--- a/crypto/openssl/crypto/x509v3/v3_conf.c
+++ b/crypto/openssl/crypto/x509v3/v3_conf.c
@@ -170,13 +170,13 @@ static X509_EXTENSION *do_ext_i2d(X509V3_EXT_METHOD *method, int ext_nid,
if(!(ext_der = Malloc(ext_len))) goto merr;
p = ext_der;
method->i2d(ext_struc, &p);
- if(!(ext_oct = ASN1_OCTET_STRING_new())) goto merr;
+ if(!(ext_oct = M_ASN1_OCTET_STRING_new())) goto merr;
ext_oct->data = ext_der;
ext_oct->length = ext_len;
ext = X509_EXTENSION_create_by_NID(NULL, ext_nid, crit, ext_oct);
if(!ext) goto merr;
- ASN1_OCTET_STRING_free(ext_oct);
+ M_ASN1_OCTET_STRING_free(ext_oct);
return ext;
@@ -220,7 +220,7 @@ static int v3_check_generic(char **value)
return 1;
}
-/* Create a generic extension: for now just handle RAW type */
+/* Create a generic extension: for now just handle DER type */
static X509_EXTENSION *v3_generic_extension(const char *ext, char *value,
int crit, int type)
{
@@ -241,7 +241,7 @@ if(!(ext_der = string_to_hex(value, &ext_len))) {
goto err;
}
-if(!(oct = ASN1_OCTET_STRING_new())) {
+if(!(oct = M_ASN1_OCTET_STRING_new())) {
X509V3err(X509V3_F_V3_GENERIC_EXTENSION,ERR_R_MALLOC_FAILURE);
goto err;
}
@@ -254,7 +254,7 @@ extension = X509_EXTENSION_create_by_OBJ(NULL, obj, crit, oct);
err:
ASN1_OBJECT_free(obj);
-ASN1_OCTET_STRING_free(oct);
+M_ASN1_OCTET_STRING_free(oct);
if(ext_der) Free(ext_der);
return extension;
}
@@ -302,6 +302,30 @@ int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
return 1;
}
+/* Add extensions to certificate request */
+
+int X509V3_EXT_REQ_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
+ X509_REQ *req)
+{
+ X509_EXTENSION *ext;
+ STACK_OF(X509_EXTENSION) *extlist = NULL;
+ STACK_OF(CONF_VALUE) *nval;
+ CONF_VALUE *val;
+ int i;
+ if(!(nval = CONF_get_section(conf, section))) return 0;
+ for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+ val = sk_CONF_VALUE_value(nval, i);
+ if(!(ext = X509V3_EXT_conf(conf, ctx, val->name, val->value)))
+ return 0;
+ if(!extlist) extlist = sk_X509_EXTENSION_new_null();
+ sk_X509_EXTENSION_push(extlist, ext);
+ }
+ if(req) i = X509_REQ_add_extensions(req, extlist);
+ else i = 1;
+ sk_X509_EXTENSION_pop_free(extlist, X509_EXTENSION_free);
+ return i;
+}
+
/* Config database functions */
char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section)
OpenPOWER on IntegriCloud