diff options
| author | jsing <> | 2014-04-21 16:49:02 +0000 |
|---|---|---|
| committer | jsing <> | 2014-04-21 16:49:02 +0000 |
| commit | 6d4fab45ef7f00f43303c9fb8f6c98ef46129d83 (patch) | |
| tree | 5bd805c4799b19613d3cf314de0a3004d86aa88e | |
| parent | a6da3e01ed08016417547db075eb3d3ed3f2471c (diff) | |
| download | openbsd-6d4fab45ef7f00f43303c9fb8f6c98ef46129d83.tar.gz openbsd-6d4fab45ef7f00f43303c9fb8f6c98ef46129d83.tar.bz2 openbsd-6d4fab45ef7f00f43303c9fb8f6c98ef46129d83.zip | |
KNF.
| -rw-r--r-- | src/lib/libcrypto/x509v3/tabtest.c | 22 | ||||
| -rw-r--r-- | src/lib/libcrypto/x509v3/v3_enum.c | 52 | ||||
| -rw-r--r-- | src/lib/libcrypto/x509v3/v3_extku.c | 56 | ||||
| -rw-r--r-- | src/lib/libcrypto/x509v3/v3_genn.c | 91 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/x509v3/tabtest.c | 22 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/x509v3/v3_enum.c | 52 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/x509v3/v3_extku.c | 56 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/x509v3/v3_genn.c | 91 |
8 files changed, 238 insertions, 204 deletions
diff --git a/src/lib/libcrypto/x509v3/tabtest.c b/src/lib/libcrypto/x509v3/tabtest.c index 5ed6eb6891..6b8a211e5d 100644 --- a/src/lib/libcrypto/x509v3/tabtest.c +++ b/src/lib/libcrypto/x509v3/tabtest.c | |||
| @@ -10,7 +10,7 @@ | |||
| 10 | * are met: | 10 | * are met: |
| 11 | * | 11 | * |
| 12 | * 1. Redistributions of source code must retain the above copyright | 12 | * 1. Redistributions of source code must retain the above copyright |
| 13 | * notice, this list of conditions and the following disclaimer. | 13 | * notice, this list of conditions and the following disclaimer. |
| 14 | * | 14 | * |
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | 15 | * 2. Redistributions in binary form must reproduce the above copyright |
| 16 | * notice, this list of conditions and the following disclaimer in | 16 | * notice, this list of conditions and the following disclaimer in |
| @@ -70,19 +70,23 @@ main() | |||
| 70 | { | 70 | { |
| 71 | int i, prev = -1, bad = 0; | 71 | int i, prev = -1, bad = 0; |
| 72 | X509V3_EXT_METHOD **tmp; | 72 | X509V3_EXT_METHOD **tmp; |
| 73 | |||
| 73 | i = sizeof(standard_exts) / sizeof(X509V3_EXT_METHOD *); | 74 | i = sizeof(standard_exts) / sizeof(X509V3_EXT_METHOD *); |
| 74 | if(i != STANDARD_EXTENSION_COUNT) | 75 | if (i != STANDARD_EXTENSION_COUNT) |
| 75 | fprintf(stderr, "Extension number invalid expecting %d\n", i); | 76 | fprintf(stderr, "Extension number invalid expecting %d\n", i); |
| 76 | tmp = standard_exts; | 77 | tmp = standard_exts; |
| 77 | for(i = 0; i < STANDARD_EXTENSION_COUNT; i++, tmp++) { | 78 | for (i = 0; i < STANDARD_EXTENSION_COUNT; i++, tmp++) { |
| 78 | if((*tmp)->ext_nid < prev) bad = 1; | 79 | if ((*tmp)->ext_nid < prev) |
| 80 | bad = 1; | ||
| 79 | prev = (*tmp)->ext_nid; | 81 | prev = (*tmp)->ext_nid; |
| 80 | 82 | ||
| 81 | } | 83 | } |
| 82 | if(bad) { | 84 | if (bad) { |
| 83 | tmp = standard_exts; | 85 | tmp = standard_exts; |
| 84 | fprintf(stderr, "Extensions out of order!\n"); | 86 | fprintf(stderr, "Extensions out of order!\n"); |
| 85 | for(i = 0; i < STANDARD_EXTENSION_COUNT; i++, tmp++) | 87 | for (i = 0; i < STANDARD_EXTENSION_COUNT; i++, tmp++) |
| 86 | printf("%d : %s\n", (*tmp)->ext_nid, OBJ_nid2sn((*tmp)->ext_nid)); | 88 | printf("%d : %s\n", (*tmp)->ext_nid, |
| 87 | } else fprintf(stderr, "Order OK\n"); | 89 | OBJ_nid2sn((*tmp)->ext_nid)); |
| 90 | } else | ||
| 91 | fprintf(stderr, "Order OK\n"); | ||
| 88 | } | 92 | } |
diff --git a/src/lib/libcrypto/x509v3/v3_enum.c b/src/lib/libcrypto/x509v3/v3_enum.c index c0575e368d..b546014b2b 100644 --- a/src/lib/libcrypto/x509v3/v3_enum.c +++ b/src/lib/libcrypto/x509v3/v3_enum.c | |||
| @@ -10,7 +10,7 @@ | |||
| 10 | * are met: | 10 | * are met: |
| 11 | * | 11 | * |
| 12 | * 1. Redistributions of source code must retain the above copyright | 12 | * 1. Redistributions of source code must retain the above copyright |
| 13 | * notice, this list of conditions and the following disclaimer. | 13 | * notice, this list of conditions and the following disclaimer. |
| 14 | * | 14 | * |
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | 15 | * 2. Redistributions in binary form must reproduce the above copyright |
| 16 | * notice, this list of conditions and the following disclaimer in | 16 | * notice, this list of conditions and the following disclaimer in |
| @@ -61,37 +61,39 @@ | |||
| 61 | #include <openssl/x509v3.h> | 61 | #include <openssl/x509v3.h> |
| 62 | 62 | ||
| 63 | static ENUMERATED_NAMES crl_reasons[] = { | 63 | static ENUMERATED_NAMES crl_reasons[] = { |
| 64 | {CRL_REASON_UNSPECIFIED, "Unspecified", "unspecified"}, | 64 | {CRL_REASON_UNSPECIFIED, "Unspecified", "unspecified"}, |
| 65 | {CRL_REASON_KEY_COMPROMISE, "Key Compromise", "keyCompromise"}, | 65 | {CRL_REASON_KEY_COMPROMISE, "Key Compromise", "keyCompromise"}, |
| 66 | {CRL_REASON_CA_COMPROMISE, "CA Compromise", "CACompromise"}, | 66 | {CRL_REASON_CA_COMPROMISE, "CA Compromise", "CACompromise"}, |
| 67 | {CRL_REASON_AFFILIATION_CHANGED, "Affiliation Changed", "affiliationChanged"}, | 67 | {CRL_REASON_AFFILIATION_CHANGED, "Affiliation Changed", "affiliationChanged"}, |
| 68 | {CRL_REASON_SUPERSEDED, "Superseded", "superseded"}, | 68 | {CRL_REASON_SUPERSEDED, "Superseded", "superseded"}, |
| 69 | {CRL_REASON_CESSATION_OF_OPERATION, | 69 | {CRL_REASON_CESSATION_OF_OPERATION, |
| 70 | "Cessation Of Operation", "cessationOfOperation"}, | 70 | "Cessation Of Operation", "cessationOfOperation"}, |
| 71 | {CRL_REASON_CERTIFICATE_HOLD, "Certificate Hold", "certificateHold"}, | 71 | {CRL_REASON_CERTIFICATE_HOLD, "Certificate Hold", "certificateHold"}, |
| 72 | {CRL_REASON_REMOVE_FROM_CRL, "Remove From CRL", "removeFromCRL"}, | 72 | {CRL_REASON_REMOVE_FROM_CRL, "Remove From CRL", "removeFromCRL"}, |
| 73 | {CRL_REASON_PRIVILEGE_WITHDRAWN, "Privilege Withdrawn", "privilegeWithdrawn"}, | 73 | {CRL_REASON_PRIVILEGE_WITHDRAWN, "Privilege Withdrawn", "privilegeWithdrawn"}, |
| 74 | {CRL_REASON_AA_COMPROMISE, "AA Compromise", "AACompromise"}, | 74 | {CRL_REASON_AA_COMPROMISE, "AA Compromise", "AACompromise"}, |
| 75 | {-1, NULL, NULL} | 75 | {-1, NULL, NULL} |
| 76 | }; | 76 | }; |
| 77 | 77 | ||
| 78 | const X509V3_EXT_METHOD v3_crl_reason = { | 78 | const X509V3_EXT_METHOD v3_crl_reason = { |
| 79 | NID_crl_reason, 0, ASN1_ITEM_ref(ASN1_ENUMERATED), | 79 | NID_crl_reason, 0, ASN1_ITEM_ref(ASN1_ENUMERATED), |
| 80 | 0,0,0,0, | 80 | 0, 0, 0, 0, |
| 81 | (X509V3_EXT_I2S)i2s_ASN1_ENUMERATED_TABLE, | 81 | (X509V3_EXT_I2S)i2s_ASN1_ENUMERATED_TABLE, |
| 82 | 0, | 82 | 0, |
| 83 | 0,0,0,0, | 83 | 0, 0, 0, 0, |
| 84 | crl_reasons}; | 84 | crl_reasons |
| 85 | 85 | }; | |
| 86 | 86 | ||
| 87 | char *i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *method, | 87 | char * |
| 88 | ASN1_ENUMERATED *e) | 88 | i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *method, ASN1_ENUMERATED *e) |
| 89 | { | 89 | { |
| 90 | ENUMERATED_NAMES *enam; | 90 | ENUMERATED_NAMES *enam; |
| 91 | long strval; | 91 | long strval; |
| 92 | |||
| 92 | strval = ASN1_ENUMERATED_get(e); | 93 | strval = ASN1_ENUMERATED_get(e); |
| 93 | for(enam = method->usr_data; enam->lname; enam++) { | 94 | for (enam = method->usr_data; enam->lname; enam++) { |
| 94 | if(strval == enam->bitnum) return BUF_strdup(enam->lname); | 95 | if (strval == enam->bitnum) |
| 96 | return BUF_strdup(enam->lname); | ||
| 95 | } | 97 | } |
| 96 | return i2s_ASN1_ENUMERATED(method, e); | 98 | return i2s_ASN1_ENUMERATED(method, e); |
| 97 | } | 99 | } |
diff --git a/src/lib/libcrypto/x509v3/v3_extku.c b/src/lib/libcrypto/x509v3/v3_extku.c index 1c66532757..30d800d3ab 100644 --- a/src/lib/libcrypto/x509v3/v3_extku.c +++ b/src/lib/libcrypto/x509v3/v3_extku.c | |||
| @@ -10,7 +10,7 @@ | |||
| 10 | * are met: | 10 | * are met: |
| 11 | * | 11 | * |
| 12 | * 1. Redistributions of source code must retain the above copyright | 12 | * 1. Redistributions of source code must retain the above copyright |
| 13 | * notice, this list of conditions and the following disclaimer. | 13 | * notice, this list of conditions and the following disclaimer. |
| 14 | * | 14 | * |
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | 15 | * 2. Redistributions in binary form must reproduce the above copyright |
| 16 | * notice, this list of conditions and the following disclaimer in | 16 | * notice, this list of conditions and the following disclaimer in |
| @@ -64,19 +64,18 @@ | |||
| 64 | #include <openssl/x509v3.h> | 64 | #include <openssl/x509v3.h> |
| 65 | 65 | ||
| 66 | static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, | 66 | static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, |
| 67 | X509V3_CTX *ctx, | 67 | X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); |
| 68 | STACK_OF(CONF_VALUE) *nval); | 68 | static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE( |
| 69 | static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, | 69 | const X509V3_EXT_METHOD *method, void *eku, STACK_OF(CONF_VALUE) *extlist); |
| 70 | void *eku, STACK_OF(CONF_VALUE) *extlist); | ||
| 71 | 70 | ||
| 72 | const X509V3_EXT_METHOD v3_ext_ku = { | 71 | const X509V3_EXT_METHOD v3_ext_ku = { |
| 73 | NID_ext_key_usage, 0, | 72 | NID_ext_key_usage, 0, |
| 74 | ASN1_ITEM_ref(EXTENDED_KEY_USAGE), | 73 | ASN1_ITEM_ref(EXTENDED_KEY_USAGE), |
| 75 | 0,0,0,0, | 74 | 0, 0, 0, 0, |
| 76 | 0,0, | 75 | 0, 0, |
| 77 | i2v_EXTENDED_KEY_USAGE, | 76 | i2v_EXTENDED_KEY_USAGE, |
| 78 | v2i_EXTENDED_KEY_USAGE, | 77 | v2i_EXTENDED_KEY_USAGE, |
| 79 | 0,0, | 78 | 0, 0, |
| 80 | NULL | 79 | NULL |
| 81 | }; | 80 | }; |
| 82 | 81 | ||
| @@ -84,29 +83,31 @@ const X509V3_EXT_METHOD v3_ext_ku = { | |||
| 84 | const X509V3_EXT_METHOD v3_ocsp_accresp = { | 83 | const X509V3_EXT_METHOD v3_ocsp_accresp = { |
| 85 | NID_id_pkix_OCSP_acceptableResponses, 0, | 84 | NID_id_pkix_OCSP_acceptableResponses, 0, |
| 86 | ASN1_ITEM_ref(EXTENDED_KEY_USAGE), | 85 | ASN1_ITEM_ref(EXTENDED_KEY_USAGE), |
| 87 | 0,0,0,0, | 86 | 0, 0, 0, 0, |
| 88 | 0,0, | 87 | 0, 0, |
| 89 | i2v_EXTENDED_KEY_USAGE, | 88 | i2v_EXTENDED_KEY_USAGE, |
| 90 | v2i_EXTENDED_KEY_USAGE, | 89 | v2i_EXTENDED_KEY_USAGE, |
| 91 | 0,0, | 90 | 0, 0, |
| 92 | NULL | 91 | NULL |
| 93 | }; | 92 | }; |
| 94 | 93 | ||
| 95 | ASN1_ITEM_TEMPLATE(EXTENDED_KEY_USAGE) = | 94 | ASN1_ITEM_TEMPLATE(EXTENDED_KEY_USAGE) = |
| 96 | ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, EXTENDED_KEY_USAGE, ASN1_OBJECT) | 95 | ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, EXTENDED_KEY_USAGE, |
| 96 | ASN1_OBJECT) | ||
| 97 | ASN1_ITEM_TEMPLATE_END(EXTENDED_KEY_USAGE) | 97 | ASN1_ITEM_TEMPLATE_END(EXTENDED_KEY_USAGE) |
| 98 | 98 | ||
| 99 | IMPLEMENT_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE) | 99 | IMPLEMENT_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE) |
| 100 | 100 | ||
| 101 | static STACK_OF(CONF_VALUE) * | 101 | static STACK_OF(CONF_VALUE) * |
| 102 | i2v_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, void *a, | 102 | i2v_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, void *a, |
| 103 | STACK_OF(CONF_VALUE) *ext_list) | 103 | STACK_OF(CONF_VALUE) *ext_list) |
| 104 | { | 104 | { |
| 105 | EXTENDED_KEY_USAGE *eku = a; | 105 | EXTENDED_KEY_USAGE *eku = a; |
| 106 | int i; | 106 | int i; |
| 107 | ASN1_OBJECT *obj; | 107 | ASN1_OBJECT *obj; |
| 108 | char obj_tmp[80]; | 108 | char obj_tmp[80]; |
| 109 | for(i = 0; i < sk_ASN1_OBJECT_num(eku); i++) { | 109 | |
| 110 | for (i = 0; i < sk_ASN1_OBJECT_num(eku); i++) { | ||
| 110 | obj = sk_ASN1_OBJECT_value(eku, i); | 111 | obj = sk_ASN1_OBJECT_value(eku, i); |
| 111 | i2t_ASN1_OBJECT(obj_tmp, 80, obj); | 112 | i2t_ASN1_OBJECT(obj_tmp, 80, obj); |
| 112 | X509V3_add_value(NULL, obj_tmp, &ext_list); | 113 | X509V3_add_value(NULL, obj_tmp, &ext_list); |
| @@ -114,8 +115,9 @@ static STACK_OF(CONF_VALUE) * | |||
| 114 | return ext_list; | 115 | return ext_list; |
| 115 | } | 116 | } |
| 116 | 117 | ||
| 117 | static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, | 118 | static void * |
| 118 | X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) | 119 | v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, |
| 120 | STACK_OF(CONF_VALUE) *nval) | ||
| 119 | { | 121 | { |
| 120 | EXTENDED_KEY_USAGE *extku; | 122 | EXTENDED_KEY_USAGE *extku; |
| 121 | char *extval; | 123 | char *extval; |
| @@ -123,18 +125,22 @@ static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, | |||
| 123 | CONF_VALUE *val; | 125 | CONF_VALUE *val; |
| 124 | int i; | 126 | int i; |
| 125 | 127 | ||
| 126 | if(!(extku = sk_ASN1_OBJECT_new_null())) { | 128 | if (!(extku = sk_ASN1_OBJECT_new_null())) { |
| 127 | X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE,ERR_R_MALLOC_FAILURE); | 129 | X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE, |
| 130 | ERR_R_MALLOC_FAILURE); | ||
| 128 | return NULL; | 131 | return NULL; |
| 129 | } | 132 | } |
| 130 | 133 | ||
| 131 | for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { | 134 | for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { |
| 132 | val = sk_CONF_VALUE_value(nval, i); | 135 | val = sk_CONF_VALUE_value(nval, i); |
| 133 | if(val->value) extval = val->value; | 136 | if (val->value) |
| 134 | else extval = val->name; | 137 | extval = val->value; |
| 135 | if(!(objtmp = OBJ_txt2obj(extval, 0))) { | 138 | else |
| 139 | extval = val->name; | ||
| 140 | if (!(objtmp = OBJ_txt2obj(extval, 0))) { | ||
| 136 | sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free); | 141 | sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free); |
| 137 | X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE,X509V3_R_INVALID_OBJECT_IDENTIFIER); | 142 | X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE, |
| 143 | X509V3_R_INVALID_OBJECT_IDENTIFIER); | ||
| 138 | X509V3_conf_err(val); | 144 | X509V3_conf_err(val); |
| 139 | return NULL; | 145 | return NULL; |
| 140 | } | 146 | } |
diff --git a/src/lib/libcrypto/x509v3/v3_genn.c b/src/lib/libcrypto/x509v3/v3_genn.c index b628357301..b47098e5a7 100644 --- a/src/lib/libcrypto/x509v3/v3_genn.c +++ b/src/lib/libcrypto/x509v3/v3_genn.c | |||
| @@ -10,7 +10,7 @@ | |||
| 10 | * are met: | 10 | * are met: |
| 11 | * | 11 | * |
| 12 | * 1. Redistributions of source code must retain the above copyright | 12 | * 1. Redistributions of source code must retain the above copyright |
| 13 | * notice, this list of conditions and the following disclaimer. | 13 | * notice, this list of conditions and the following disclaimer. |
| 14 | * | 14 | * |
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | 15 | * 2. Redistributions in binary form must reproduce the above copyright |
| 16 | * notice, this list of conditions and the following disclaimer in | 16 | * notice, this list of conditions and the following disclaimer in |
| @@ -94,27 +94,28 @@ ASN1_CHOICE(GENERAL_NAME) = { | |||
| 94 | 94 | ||
| 95 | IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAME) | 95 | IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAME) |
| 96 | 96 | ||
| 97 | ASN1_ITEM_TEMPLATE(GENERAL_NAMES) = | 97 | ASN1_ITEM_TEMPLATE(GENERAL_NAMES) = |
| 98 | ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, GeneralNames, GENERAL_NAME) | 98 | ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, GeneralNames, GENERAL_NAME) |
| 99 | ASN1_ITEM_TEMPLATE_END(GENERAL_NAMES) | 99 | ASN1_ITEM_TEMPLATE_END(GENERAL_NAMES) |
| 100 | 100 | ||
| 101 | IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAMES) | 101 | IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAMES) |
| 102 | 102 | ||
| 103 | GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a) | 103 | GENERAL_NAME * |
| 104 | { | 104 | GENERAL_NAME_dup(GENERAL_NAME *a) |
| 105 | return (GENERAL_NAME *) ASN1_dup((i2d_of_void *) i2d_GENERAL_NAME, | 105 | { |
| 106 | (d2i_of_void *) d2i_GENERAL_NAME, | 106 | return (GENERAL_NAME *)ASN1_dup((i2d_of_void *)i2d_GENERAL_NAME, |
| 107 | (char *) a); | 107 | (d2i_of_void *)d2i_GENERAL_NAME, (char *)a); |
| 108 | } | 108 | } |
| 109 | 109 | ||
| 110 | /* Returns 0 if they are equal, != 0 otherwise. */ | 110 | /* Returns 0 if they are equal, != 0 otherwise. */ |
| 111 | int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b) | 111 | int |
| 112 | { | 112 | GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b) |
| 113 | { | ||
| 113 | int result = -1; | 114 | int result = -1; |
| 114 | 115 | ||
| 115 | if (!a || !b || a->type != b->type) return -1; | 116 | if (!a || !b || a->type != b->type) |
| 116 | switch(a->type) | 117 | return -1; |
| 117 | { | 118 | switch (a->type) { |
| 118 | case GEN_X400: | 119 | case GEN_X400: |
| 119 | case GEN_EDIPARTY: | 120 | case GEN_EDIPARTY: |
| 120 | result = ASN1_TYPE_cmp(a->d.other, b->d.other); | 121 | result = ASN1_TYPE_cmp(a->d.other, b->d.other); |
| @@ -137,32 +138,34 @@ int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b) | |||
| 137 | case GEN_IPADD: | 138 | case GEN_IPADD: |
| 138 | result = ASN1_OCTET_STRING_cmp(a->d.ip, b->d.ip); | 139 | result = ASN1_OCTET_STRING_cmp(a->d.ip, b->d.ip); |
| 139 | break; | 140 | break; |
| 140 | 141 | ||
| 141 | case GEN_RID: | 142 | case GEN_RID: |
| 142 | result = OBJ_cmp(a->d.rid, b->d.rid); | 143 | result = OBJ_cmp(a->d.rid, b->d.rid); |
| 143 | break; | 144 | break; |
| 144 | } | ||
| 145 | return result; | ||
| 146 | } | 145 | } |
| 146 | return result; | ||
| 147 | } | ||
| 147 | 148 | ||
| 148 | /* Returns 0 if they are equal, != 0 otherwise. */ | 149 | /* Returns 0 if they are equal, != 0 otherwise. */ |
| 149 | int OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b) | 150 | int |
| 150 | { | 151 | OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b) |
| 152 | { | ||
| 151 | int result = -1; | 153 | int result = -1; |
| 152 | 154 | ||
| 153 | if (!a || !b) return -1; | 155 | if (!a || !b) |
| 156 | return -1; | ||
| 154 | /* Check their type first. */ | 157 | /* Check their type first. */ |
| 155 | if ((result = OBJ_cmp(a->type_id, b->type_id)) != 0) | 158 | if ((result = OBJ_cmp(a->type_id, b->type_id)) != 0) |
| 156 | return result; | 159 | return result; |
| 157 | /* Check the value. */ | 160 | /* Check the value. */ |
| 158 | result = ASN1_TYPE_cmp(a->value, b->value); | 161 | result = ASN1_TYPE_cmp(a->value, b->value); |
| 159 | return result; | 162 | return result; |
| 160 | } | 163 | } |
| 161 | 164 | ||
| 162 | void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value) | 165 | void |
| 163 | { | 166 | GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value) |
| 164 | switch(type) | 167 | { |
| 165 | { | 168 | switch (type) { |
| 166 | case GEN_X400: | 169 | case GEN_X400: |
| 167 | case GEN_EDIPARTY: | 170 | case GEN_EDIPARTY: |
| 168 | a->d.other = value; | 171 | a->d.other = value; |
| @@ -185,20 +188,20 @@ void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value) | |||
| 185 | case GEN_IPADD: | 188 | case GEN_IPADD: |
| 186 | a->d.ip = value; | 189 | a->d.ip = value; |
| 187 | break; | 190 | break; |
| 188 | 191 | ||
| 189 | case GEN_RID: | 192 | case GEN_RID: |
| 190 | a->d.rid = value; | 193 | a->d.rid = value; |
| 191 | break; | 194 | break; |
| 192 | } | ||
| 193 | a->type = type; | ||
| 194 | } | 195 | } |
| 196 | a->type = type; | ||
| 197 | } | ||
| 195 | 198 | ||
| 196 | void *GENERAL_NAME_get0_value(GENERAL_NAME *a, int *ptype) | 199 | void * |
| 197 | { | 200 | GENERAL_NAME_get0_value(GENERAL_NAME *a, int *ptype) |
| 201 | { | ||
| 198 | if (ptype) | 202 | if (ptype) |
| 199 | *ptype = a->type; | 203 | *ptype = a->type; |
| 200 | switch(a->type) | 204 | switch (a->type) { |
| 201 | { | ||
| 202 | case GEN_X400: | 205 | case GEN_X400: |
| 203 | case GEN_EDIPARTY: | 206 | case GEN_EDIPARTY: |
| 204 | return a->d.other; | 207 | return a->d.other; |
| @@ -216,19 +219,21 @@ void *GENERAL_NAME_get0_value(GENERAL_NAME *a, int *ptype) | |||
| 216 | 219 | ||
| 217 | case GEN_IPADD: | 220 | case GEN_IPADD: |
| 218 | return a->d.ip; | 221 | return a->d.ip; |
| 219 | 222 | ||
| 220 | case GEN_RID: | 223 | case GEN_RID: |
| 221 | return a->d.rid; | 224 | return a->d.rid; |
| 222 | 225 | ||
| 223 | default: | 226 | default: |
| 224 | return NULL; | 227 | return NULL; |
| 225 | } | ||
| 226 | } | 228 | } |
| 229 | } | ||
| 227 | 230 | ||
| 228 | int GENERAL_NAME_set0_othername(GENERAL_NAME *gen, | 231 | int |
| 229 | ASN1_OBJECT *oid, ASN1_TYPE *value) | 232 | GENERAL_NAME_set0_othername(GENERAL_NAME *gen, ASN1_OBJECT *oid, |
| 230 | { | 233 | ASN1_TYPE *value) |
| 234 | { | ||
| 231 | OTHERNAME *oth; | 235 | OTHERNAME *oth; |
| 236 | |||
| 232 | oth = OTHERNAME_new(); | 237 | oth = OTHERNAME_new(); |
| 233 | if (!oth) | 238 | if (!oth) |
| 234 | return 0; | 239 | return 0; |
| @@ -236,11 +241,12 @@ int GENERAL_NAME_set0_othername(GENERAL_NAME *gen, | |||
| 236 | oth->value = value; | 241 | oth->value = value; |
| 237 | GENERAL_NAME_set0_value(gen, GEN_OTHERNAME, oth); | 242 | GENERAL_NAME_set0_value(gen, GEN_OTHERNAME, oth); |
| 238 | return 1; | 243 | return 1; |
| 239 | } | 244 | } |
| 240 | 245 | ||
| 241 | int GENERAL_NAME_get0_otherName(GENERAL_NAME *gen, | 246 | int |
| 242 | ASN1_OBJECT **poid, ASN1_TYPE **pvalue) | 247 | GENERAL_NAME_get0_otherName(GENERAL_NAME *gen, ASN1_OBJECT **poid, |
| 243 | { | 248 | ASN1_TYPE **pvalue) |
| 249 | { | ||
| 244 | if (gen->type != GEN_OTHERNAME) | 250 | if (gen->type != GEN_OTHERNAME) |
| 245 | return 0; | 251 | return 0; |
| 246 | if (poid) | 252 | if (poid) |
| @@ -248,5 +254,4 @@ int GENERAL_NAME_get0_otherName(GENERAL_NAME *gen, | |||
| 248 | if (pvalue) | 254 | if (pvalue) |
| 249 | *pvalue = gen->d.otherName->value; | 255 | *pvalue = gen->d.otherName->value; |
| 250 | return 1; | 256 | return 1; |
| 251 | } | 257 | } |
| 252 | |||
diff --git a/src/lib/libssl/src/crypto/x509v3/tabtest.c b/src/lib/libssl/src/crypto/x509v3/tabtest.c index 5ed6eb6891..6b8a211e5d 100644 --- a/src/lib/libssl/src/crypto/x509v3/tabtest.c +++ b/src/lib/libssl/src/crypto/x509v3/tabtest.c | |||
| @@ -10,7 +10,7 @@ | |||
| 10 | * are met: | 10 | * are met: |
| 11 | * | 11 | * |
| 12 | * 1. Redistributions of source code must retain the above copyright | 12 | * 1. Redistributions of source code must retain the above copyright |
| 13 | * notice, this list of conditions and the following disclaimer. | 13 | * notice, this list of conditions and the following disclaimer. |
| 14 | * | 14 | * |
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | 15 | * 2. Redistributions in binary form must reproduce the above copyright |
| 16 | * notice, this list of conditions and the following disclaimer in | 16 | * notice, this list of conditions and the following disclaimer in |
| @@ -70,19 +70,23 @@ main() | |||
| 70 | { | 70 | { |
| 71 | int i, prev = -1, bad = 0; | 71 | int i, prev = -1, bad = 0; |
| 72 | X509V3_EXT_METHOD **tmp; | 72 | X509V3_EXT_METHOD **tmp; |
| 73 | |||
| 73 | i = sizeof(standard_exts) / sizeof(X509V3_EXT_METHOD *); | 74 | i = sizeof(standard_exts) / sizeof(X509V3_EXT_METHOD *); |
| 74 | if(i != STANDARD_EXTENSION_COUNT) | 75 | if (i != STANDARD_EXTENSION_COUNT) |
| 75 | fprintf(stderr, "Extension number invalid expecting %d\n", i); | 76 | fprintf(stderr, "Extension number invalid expecting %d\n", i); |
| 76 | tmp = standard_exts; | 77 | tmp = standard_exts; |
| 77 | for(i = 0; i < STANDARD_EXTENSION_COUNT; i++, tmp++) { | 78 | for (i = 0; i < STANDARD_EXTENSION_COUNT; i++, tmp++) { |
| 78 | if((*tmp)->ext_nid < prev) bad = 1; | 79 | if ((*tmp)->ext_nid < prev) |
| 80 | bad = 1; | ||
| 79 | prev = (*tmp)->ext_nid; | 81 | prev = (*tmp)->ext_nid; |
| 80 | 82 | ||
| 81 | } | 83 | } |
| 82 | if(bad) { | 84 | if (bad) { |
| 83 | tmp = standard_exts; | 85 | tmp = standard_exts; |
| 84 | fprintf(stderr, "Extensions out of order!\n"); | 86 | fprintf(stderr, "Extensions out of order!\n"); |
| 85 | for(i = 0; i < STANDARD_EXTENSION_COUNT; i++, tmp++) | 87 | for (i = 0; i < STANDARD_EXTENSION_COUNT; i++, tmp++) |
| 86 | printf("%d : %s\n", (*tmp)->ext_nid, OBJ_nid2sn((*tmp)->ext_nid)); | 88 | printf("%d : %s\n", (*tmp)->ext_nid, |
| 87 | } else fprintf(stderr, "Order OK\n"); | 89 | OBJ_nid2sn((*tmp)->ext_nid)); |
| 90 | } else | ||
| 91 | fprintf(stderr, "Order OK\n"); | ||
| 88 | } | 92 | } |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_enum.c b/src/lib/libssl/src/crypto/x509v3/v3_enum.c index c0575e368d..b546014b2b 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_enum.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_enum.c | |||
| @@ -10,7 +10,7 @@ | |||
| 10 | * are met: | 10 | * are met: |
| 11 | * | 11 | * |
| 12 | * 1. Redistributions of source code must retain the above copyright | 12 | * 1. Redistributions of source code must retain the above copyright |
| 13 | * notice, this list of conditions and the following disclaimer. | 13 | * notice, this list of conditions and the following disclaimer. |
| 14 | * | 14 | * |
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | 15 | * 2. Redistributions in binary form must reproduce the above copyright |
| 16 | * notice, this list of conditions and the following disclaimer in | 16 | * notice, this list of conditions and the following disclaimer in |
| @@ -61,37 +61,39 @@ | |||
| 61 | #include <openssl/x509v3.h> | 61 | #include <openssl/x509v3.h> |
| 62 | 62 | ||
| 63 | static ENUMERATED_NAMES crl_reasons[] = { | 63 | static ENUMERATED_NAMES crl_reasons[] = { |
| 64 | {CRL_REASON_UNSPECIFIED, "Unspecified", "unspecified"}, | 64 | {CRL_REASON_UNSPECIFIED, "Unspecified", "unspecified"}, |
| 65 | {CRL_REASON_KEY_COMPROMISE, "Key Compromise", "keyCompromise"}, | 65 | {CRL_REASON_KEY_COMPROMISE, "Key Compromise", "keyCompromise"}, |
| 66 | {CRL_REASON_CA_COMPROMISE, "CA Compromise", "CACompromise"}, | 66 | {CRL_REASON_CA_COMPROMISE, "CA Compromise", "CACompromise"}, |
| 67 | {CRL_REASON_AFFILIATION_CHANGED, "Affiliation Changed", "affiliationChanged"}, | 67 | {CRL_REASON_AFFILIATION_CHANGED, "Affiliation Changed", "affiliationChanged"}, |
| 68 | {CRL_REASON_SUPERSEDED, "Superseded", "superseded"}, | 68 | {CRL_REASON_SUPERSEDED, "Superseded", "superseded"}, |
| 69 | {CRL_REASON_CESSATION_OF_OPERATION, | 69 | {CRL_REASON_CESSATION_OF_OPERATION, |
| 70 | "Cessation Of Operation", "cessationOfOperation"}, | 70 | "Cessation Of Operation", "cessationOfOperation"}, |
| 71 | {CRL_REASON_CERTIFICATE_HOLD, "Certificate Hold", "certificateHold"}, | 71 | {CRL_REASON_CERTIFICATE_HOLD, "Certificate Hold", "certificateHold"}, |
| 72 | {CRL_REASON_REMOVE_FROM_CRL, "Remove From CRL", "removeFromCRL"}, | 72 | {CRL_REASON_REMOVE_FROM_CRL, "Remove From CRL", "removeFromCRL"}, |
| 73 | {CRL_REASON_PRIVILEGE_WITHDRAWN, "Privilege Withdrawn", "privilegeWithdrawn"}, | 73 | {CRL_REASON_PRIVILEGE_WITHDRAWN, "Privilege Withdrawn", "privilegeWithdrawn"}, |
| 74 | {CRL_REASON_AA_COMPROMISE, "AA Compromise", "AACompromise"}, | 74 | {CRL_REASON_AA_COMPROMISE, "AA Compromise", "AACompromise"}, |
| 75 | {-1, NULL, NULL} | 75 | {-1, NULL, NULL} |
| 76 | }; | 76 | }; |
| 77 | 77 | ||
| 78 | const X509V3_EXT_METHOD v3_crl_reason = { | 78 | const X509V3_EXT_METHOD v3_crl_reason = { |
| 79 | NID_crl_reason, 0, ASN1_ITEM_ref(ASN1_ENUMERATED), | 79 | NID_crl_reason, 0, ASN1_ITEM_ref(ASN1_ENUMERATED), |
| 80 | 0,0,0,0, | 80 | 0, 0, 0, 0, |
| 81 | (X509V3_EXT_I2S)i2s_ASN1_ENUMERATED_TABLE, | 81 | (X509V3_EXT_I2S)i2s_ASN1_ENUMERATED_TABLE, |
| 82 | 0, | 82 | 0, |
| 83 | 0,0,0,0, | 83 | 0, 0, 0, 0, |
| 84 | crl_reasons}; | 84 | crl_reasons |
| 85 | 85 | }; | |
| 86 | 86 | ||
| 87 | char *i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *method, | 87 | char * |
| 88 | ASN1_ENUMERATED *e) | 88 | i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *method, ASN1_ENUMERATED *e) |
| 89 | { | 89 | { |
| 90 | ENUMERATED_NAMES *enam; | 90 | ENUMERATED_NAMES *enam; |
| 91 | long strval; | 91 | long strval; |
| 92 | |||
| 92 | strval = ASN1_ENUMERATED_get(e); | 93 | strval = ASN1_ENUMERATED_get(e); |
| 93 | for(enam = method->usr_data; enam->lname; enam++) { | 94 | for (enam = method->usr_data; enam->lname; enam++) { |
| 94 | if(strval == enam->bitnum) return BUF_strdup(enam->lname); | 95 | if (strval == enam->bitnum) |
| 96 | return BUF_strdup(enam->lname); | ||
| 95 | } | 97 | } |
| 96 | return i2s_ASN1_ENUMERATED(method, e); | 98 | return i2s_ASN1_ENUMERATED(method, e); |
| 97 | } | 99 | } |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_extku.c b/src/lib/libssl/src/crypto/x509v3/v3_extku.c index 1c66532757..30d800d3ab 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_extku.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_extku.c | |||
| @@ -10,7 +10,7 @@ | |||
| 10 | * are met: | 10 | * are met: |
| 11 | * | 11 | * |
| 12 | * 1. Redistributions of source code must retain the above copyright | 12 | * 1. Redistributions of source code must retain the above copyright |
| 13 | * notice, this list of conditions and the following disclaimer. | 13 | * notice, this list of conditions and the following disclaimer. |
| 14 | * | 14 | * |
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | 15 | * 2. Redistributions in binary form must reproduce the above copyright |
| 16 | * notice, this list of conditions and the following disclaimer in | 16 | * notice, this list of conditions and the following disclaimer in |
| @@ -64,19 +64,18 @@ | |||
| 64 | #include <openssl/x509v3.h> | 64 | #include <openssl/x509v3.h> |
| 65 | 65 | ||
| 66 | static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, | 66 | static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, |
| 67 | X509V3_CTX *ctx, | 67 | X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); |
| 68 | STACK_OF(CONF_VALUE) *nval); | 68 | static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE( |
| 69 | static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, | 69 | const X509V3_EXT_METHOD *method, void *eku, STACK_OF(CONF_VALUE) *extlist); |
| 70 | void *eku, STACK_OF(CONF_VALUE) *extlist); | ||
| 71 | 70 | ||
| 72 | const X509V3_EXT_METHOD v3_ext_ku = { | 71 | const X509V3_EXT_METHOD v3_ext_ku = { |
| 73 | NID_ext_key_usage, 0, | 72 | NID_ext_key_usage, 0, |
| 74 | ASN1_ITEM_ref(EXTENDED_KEY_USAGE), | 73 | ASN1_ITEM_ref(EXTENDED_KEY_USAGE), |
| 75 | 0,0,0,0, | 74 | 0, 0, 0, 0, |
| 76 | 0,0, | 75 | 0, 0, |
| 77 | i2v_EXTENDED_KEY_USAGE, | 76 | i2v_EXTENDED_KEY_USAGE, |
| 78 | v2i_EXTENDED_KEY_USAGE, | 77 | v2i_EXTENDED_KEY_USAGE, |
| 79 | 0,0, | 78 | 0, 0, |
| 80 | NULL | 79 | NULL |
| 81 | }; | 80 | }; |
| 82 | 81 | ||
| @@ -84,29 +83,31 @@ const X509V3_EXT_METHOD v3_ext_ku = { | |||
| 84 | const X509V3_EXT_METHOD v3_ocsp_accresp = { | 83 | const X509V3_EXT_METHOD v3_ocsp_accresp = { |
| 85 | NID_id_pkix_OCSP_acceptableResponses, 0, | 84 | NID_id_pkix_OCSP_acceptableResponses, 0, |
| 86 | ASN1_ITEM_ref(EXTENDED_KEY_USAGE), | 85 | ASN1_ITEM_ref(EXTENDED_KEY_USAGE), |
| 87 | 0,0,0,0, | 86 | 0, 0, 0, 0, |
| 88 | 0,0, | 87 | 0, 0, |
| 89 | i2v_EXTENDED_KEY_USAGE, | 88 | i2v_EXTENDED_KEY_USAGE, |
| 90 | v2i_EXTENDED_KEY_USAGE, | 89 | v2i_EXTENDED_KEY_USAGE, |
| 91 | 0,0, | 90 | 0, 0, |
| 92 | NULL | 91 | NULL |
| 93 | }; | 92 | }; |
| 94 | 93 | ||
| 95 | ASN1_ITEM_TEMPLATE(EXTENDED_KEY_USAGE) = | 94 | ASN1_ITEM_TEMPLATE(EXTENDED_KEY_USAGE) = |
| 96 | ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, EXTENDED_KEY_USAGE, ASN1_OBJECT) | 95 | ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, EXTENDED_KEY_USAGE, |
| 96 | ASN1_OBJECT) | ||
| 97 | ASN1_ITEM_TEMPLATE_END(EXTENDED_KEY_USAGE) | 97 | ASN1_ITEM_TEMPLATE_END(EXTENDED_KEY_USAGE) |
| 98 | 98 | ||
| 99 | IMPLEMENT_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE) | 99 | IMPLEMENT_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE) |
| 100 | 100 | ||
| 101 | static STACK_OF(CONF_VALUE) * | 101 | static STACK_OF(CONF_VALUE) * |
| 102 | i2v_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, void *a, | 102 | i2v_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, void *a, |
| 103 | STACK_OF(CONF_VALUE) *ext_list) | 103 | STACK_OF(CONF_VALUE) *ext_list) |
| 104 | { | 104 | { |
| 105 | EXTENDED_KEY_USAGE *eku = a; | 105 | EXTENDED_KEY_USAGE *eku = a; |
| 106 | int i; | 106 | int i; |
| 107 | ASN1_OBJECT *obj; | 107 | ASN1_OBJECT *obj; |
| 108 | char obj_tmp[80]; | 108 | char obj_tmp[80]; |
| 109 | for(i = 0; i < sk_ASN1_OBJECT_num(eku); i++) { | 109 | |
| 110 | for (i = 0; i < sk_ASN1_OBJECT_num(eku); i++) { | ||
| 110 | obj = sk_ASN1_OBJECT_value(eku, i); | 111 | obj = sk_ASN1_OBJECT_value(eku, i); |
| 111 | i2t_ASN1_OBJECT(obj_tmp, 80, obj); | 112 | i2t_ASN1_OBJECT(obj_tmp, 80, obj); |
| 112 | X509V3_add_value(NULL, obj_tmp, &ext_list); | 113 | X509V3_add_value(NULL, obj_tmp, &ext_list); |
| @@ -114,8 +115,9 @@ static STACK_OF(CONF_VALUE) * | |||
| 114 | return ext_list; | 115 | return ext_list; |
| 115 | } | 116 | } |
| 116 | 117 | ||
| 117 | static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, | 118 | static void * |
| 118 | X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) | 119 | v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, |
| 120 | STACK_OF(CONF_VALUE) *nval) | ||
| 119 | { | 121 | { |
| 120 | EXTENDED_KEY_USAGE *extku; | 122 | EXTENDED_KEY_USAGE *extku; |
| 121 | char *extval; | 123 | char *extval; |
| @@ -123,18 +125,22 @@ static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, | |||
| 123 | CONF_VALUE *val; | 125 | CONF_VALUE *val; |
| 124 | int i; | 126 | int i; |
| 125 | 127 | ||
| 126 | if(!(extku = sk_ASN1_OBJECT_new_null())) { | 128 | if (!(extku = sk_ASN1_OBJECT_new_null())) { |
| 127 | X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE,ERR_R_MALLOC_FAILURE); | 129 | X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE, |
| 130 | ERR_R_MALLOC_FAILURE); | ||
| 128 | return NULL; | 131 | return NULL; |
| 129 | } | 132 | } |
| 130 | 133 | ||
| 131 | for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { | 134 | for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { |
| 132 | val = sk_CONF_VALUE_value(nval, i); | 135 | val = sk_CONF_VALUE_value(nval, i); |
| 133 | if(val->value) extval = val->value; | 136 | if (val->value) |
| 134 | else extval = val->name; | 137 | extval = val->value; |
| 135 | if(!(objtmp = OBJ_txt2obj(extval, 0))) { | 138 | else |
| 139 | extval = val->name; | ||
| 140 | if (!(objtmp = OBJ_txt2obj(extval, 0))) { | ||
| 136 | sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free); | 141 | sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free); |
| 137 | X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE,X509V3_R_INVALID_OBJECT_IDENTIFIER); | 142 | X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE, |
| 143 | X509V3_R_INVALID_OBJECT_IDENTIFIER); | ||
| 138 | X509V3_conf_err(val); | 144 | X509V3_conf_err(val); |
| 139 | return NULL; | 145 | return NULL; |
| 140 | } | 146 | } |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_genn.c b/src/lib/libssl/src/crypto/x509v3/v3_genn.c index b628357301..b47098e5a7 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_genn.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_genn.c | |||
| @@ -10,7 +10,7 @@ | |||
| 10 | * are met: | 10 | * are met: |
| 11 | * | 11 | * |
| 12 | * 1. Redistributions of source code must retain the above copyright | 12 | * 1. Redistributions of source code must retain the above copyright |
| 13 | * notice, this list of conditions and the following disclaimer. | 13 | * notice, this list of conditions and the following disclaimer. |
| 14 | * | 14 | * |
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | 15 | * 2. Redistributions in binary form must reproduce the above copyright |
| 16 | * notice, this list of conditions and the following disclaimer in | 16 | * notice, this list of conditions and the following disclaimer in |
| @@ -94,27 +94,28 @@ ASN1_CHOICE(GENERAL_NAME) = { | |||
| 94 | 94 | ||
| 95 | IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAME) | 95 | IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAME) |
| 96 | 96 | ||
| 97 | ASN1_ITEM_TEMPLATE(GENERAL_NAMES) = | 97 | ASN1_ITEM_TEMPLATE(GENERAL_NAMES) = |
| 98 | ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, GeneralNames, GENERAL_NAME) | 98 | ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, GeneralNames, GENERAL_NAME) |
| 99 | ASN1_ITEM_TEMPLATE_END(GENERAL_NAMES) | 99 | ASN1_ITEM_TEMPLATE_END(GENERAL_NAMES) |
| 100 | 100 | ||
| 101 | IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAMES) | 101 | IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAMES) |
| 102 | 102 | ||
| 103 | GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a) | 103 | GENERAL_NAME * |
| 104 | { | 104 | GENERAL_NAME_dup(GENERAL_NAME *a) |
| 105 | return (GENERAL_NAME *) ASN1_dup((i2d_of_void *) i2d_GENERAL_NAME, | 105 | { |
| 106 | (d2i_of_void *) d2i_GENERAL_NAME, | 106 | return (GENERAL_NAME *)ASN1_dup((i2d_of_void *)i2d_GENERAL_NAME, |
| 107 | (char *) a); | 107 | (d2i_of_void *)d2i_GENERAL_NAME, (char *)a); |
| 108 | } | 108 | } |
| 109 | 109 | ||
| 110 | /* Returns 0 if they are equal, != 0 otherwise. */ | 110 | /* Returns 0 if they are equal, != 0 otherwise. */ |
| 111 | int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b) | 111 | int |
| 112 | { | 112 | GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b) |
| 113 | { | ||
| 113 | int result = -1; | 114 | int result = -1; |
| 114 | 115 | ||
| 115 | if (!a || !b || a->type != b->type) return -1; | 116 | if (!a || !b || a->type != b->type) |
| 116 | switch(a->type) | 117 | return -1; |
| 117 | { | 118 | switch (a->type) { |
| 118 | case GEN_X400: | 119 | case GEN_X400: |
| 119 | case GEN_EDIPARTY: | 120 | case GEN_EDIPARTY: |
| 120 | result = ASN1_TYPE_cmp(a->d.other, b->d.other); | 121 | result = ASN1_TYPE_cmp(a->d.other, b->d.other); |
| @@ -137,32 +138,34 @@ int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b) | |||
| 137 | case GEN_IPADD: | 138 | case GEN_IPADD: |
| 138 | result = ASN1_OCTET_STRING_cmp(a->d.ip, b->d.ip); | 139 | result = ASN1_OCTET_STRING_cmp(a->d.ip, b->d.ip); |
| 139 | break; | 140 | break; |
| 140 | 141 | ||
| 141 | case GEN_RID: | 142 | case GEN_RID: |
| 142 | result = OBJ_cmp(a->d.rid, b->d.rid); | 143 | result = OBJ_cmp(a->d.rid, b->d.rid); |
| 143 | break; | 144 | break; |
| 144 | } | ||
| 145 | return result; | ||
| 146 | } | 145 | } |
| 146 | return result; | ||
| 147 | } | ||
| 147 | 148 | ||
| 148 | /* Returns 0 if they are equal, != 0 otherwise. */ | 149 | /* Returns 0 if they are equal, != 0 otherwise. */ |
| 149 | int OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b) | 150 | int |
| 150 | { | 151 | OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b) |
| 152 | { | ||
| 151 | int result = -1; | 153 | int result = -1; |
| 152 | 154 | ||
| 153 | if (!a || !b) return -1; | 155 | if (!a || !b) |
| 156 | return -1; | ||
| 154 | /* Check their type first. */ | 157 | /* Check their type first. */ |
| 155 | if ((result = OBJ_cmp(a->type_id, b->type_id)) != 0) | 158 | if ((result = OBJ_cmp(a->type_id, b->type_id)) != 0) |
| 156 | return result; | 159 | return result; |
| 157 | /* Check the value. */ | 160 | /* Check the value. */ |
| 158 | result = ASN1_TYPE_cmp(a->value, b->value); | 161 | result = ASN1_TYPE_cmp(a->value, b->value); |
| 159 | return result; | 162 | return result; |
| 160 | } | 163 | } |
| 161 | 164 | ||
| 162 | void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value) | 165 | void |
| 163 | { | 166 | GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value) |
| 164 | switch(type) | 167 | { |
| 165 | { | 168 | switch (type) { |
| 166 | case GEN_X400: | 169 | case GEN_X400: |
| 167 | case GEN_EDIPARTY: | 170 | case GEN_EDIPARTY: |
| 168 | a->d.other = value; | 171 | a->d.other = value; |
| @@ -185,20 +188,20 @@ void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value) | |||
| 185 | case GEN_IPADD: | 188 | case GEN_IPADD: |
| 186 | a->d.ip = value; | 189 | a->d.ip = value; |
| 187 | break; | 190 | break; |
| 188 | 191 | ||
| 189 | case GEN_RID: | 192 | case GEN_RID: |
| 190 | a->d.rid = value; | 193 | a->d.rid = value; |
| 191 | break; | 194 | break; |
| 192 | } | ||
| 193 | a->type = type; | ||
| 194 | } | 195 | } |
| 196 | a->type = type; | ||
| 197 | } | ||
| 195 | 198 | ||
| 196 | void *GENERAL_NAME_get0_value(GENERAL_NAME *a, int *ptype) | 199 | void * |
| 197 | { | 200 | GENERAL_NAME_get0_value(GENERAL_NAME *a, int *ptype) |
| 201 | { | ||
| 198 | if (ptype) | 202 | if (ptype) |
| 199 | *ptype = a->type; | 203 | *ptype = a->type; |
| 200 | switch(a->type) | 204 | switch (a->type) { |
| 201 | { | ||
| 202 | case GEN_X400: | 205 | case GEN_X400: |
| 203 | case GEN_EDIPARTY: | 206 | case GEN_EDIPARTY: |
| 204 | return a->d.other; | 207 | return a->d.other; |
| @@ -216,19 +219,21 @@ void *GENERAL_NAME_get0_value(GENERAL_NAME *a, int *ptype) | |||
| 216 | 219 | ||
| 217 | case GEN_IPADD: | 220 | case GEN_IPADD: |
| 218 | return a->d.ip; | 221 | return a->d.ip; |
| 219 | 222 | ||
| 220 | case GEN_RID: | 223 | case GEN_RID: |
| 221 | return a->d.rid; | 224 | return a->d.rid; |
| 222 | 225 | ||
| 223 | default: | 226 | default: |
| 224 | return NULL; | 227 | return NULL; |
| 225 | } | ||
| 226 | } | 228 | } |
| 229 | } | ||
| 227 | 230 | ||
| 228 | int GENERAL_NAME_set0_othername(GENERAL_NAME *gen, | 231 | int |
| 229 | ASN1_OBJECT *oid, ASN1_TYPE *value) | 232 | GENERAL_NAME_set0_othername(GENERAL_NAME *gen, ASN1_OBJECT *oid, |
| 230 | { | 233 | ASN1_TYPE *value) |
| 234 | { | ||
| 231 | OTHERNAME *oth; | 235 | OTHERNAME *oth; |
| 236 | |||
| 232 | oth = OTHERNAME_new(); | 237 | oth = OTHERNAME_new(); |
| 233 | if (!oth) | 238 | if (!oth) |
| 234 | return 0; | 239 | return 0; |
| @@ -236,11 +241,12 @@ int GENERAL_NAME_set0_othername(GENERAL_NAME *gen, | |||
| 236 | oth->value = value; | 241 | oth->value = value; |
| 237 | GENERAL_NAME_set0_value(gen, GEN_OTHERNAME, oth); | 242 | GENERAL_NAME_set0_value(gen, GEN_OTHERNAME, oth); |
| 238 | return 1; | 243 | return 1; |
| 239 | } | 244 | } |
| 240 | 245 | ||
| 241 | int GENERAL_NAME_get0_otherName(GENERAL_NAME *gen, | 246 | int |
| 242 | ASN1_OBJECT **poid, ASN1_TYPE **pvalue) | 247 | GENERAL_NAME_get0_otherName(GENERAL_NAME *gen, ASN1_OBJECT **poid, |
| 243 | { | 248 | ASN1_TYPE **pvalue) |
| 249 | { | ||
| 244 | if (gen->type != GEN_OTHERNAME) | 250 | if (gen->type != GEN_OTHERNAME) |
| 245 | return 0; | 251 | return 0; |
| 246 | if (poid) | 252 | if (poid) |
| @@ -248,5 +254,4 @@ int GENERAL_NAME_get0_otherName(GENERAL_NAME *gen, | |||
| 248 | if (pvalue) | 254 | if (pvalue) |
| 249 | *pvalue = gen->d.otherName->value; | 255 | *pvalue = gen->d.otherName->value; |
| 250 | return 1; | 256 | return 1; |
| 251 | } | 257 | } |
| 252 | |||