diff options
| author | job <> | 2021-09-02 12:41:44 +0000 |
|---|---|---|
| committer | job <> | 2021-09-02 12:41:44 +0000 |
| commit | a9cb954f2cf630ab74009f5641622ac0d175bc58 (patch) | |
| tree | 68881b07659cc9e2b17902a5156f430f2154ecf8 /src/lib/libcrypto/asn1 | |
| parent | e7198b4ee0ece23326da3c1f771171a6ca285eca (diff) | |
| download | openbsd-a9cb954f2cf630ab74009f5641622ac0d175bc58.tar.gz openbsd-a9cb954f2cf630ab74009f5641622ac0d175bc58.tar.bz2 openbsd-a9cb954f2cf630ab74009f5641622ac0d175bc58.zip | |
Lay groundwork to support X.509 v3 extensions for IP Addresses and AS Identifiers
These extensions are defined in RFC 3779 and used in the RPKI (RFC 6482, RFC 8360).
Imported from OpenSSL 1.1.1j (aaf2fcb575cdf6491b98ab4829abf78a3dec8402b8b81efc8f23c00d443981bf)
This changeset is a no-op, as there are 10+ issues and at least 2 security issues.
Work will continue in-tree.
OK tb@, discussed with beck@
Diffstat (limited to 'src/lib/libcrypto/asn1')
| -rw-r--r-- | src/lib/libcrypto/asn1/x_x509.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/src/lib/libcrypto/asn1/x_x509.c b/src/lib/libcrypto/asn1/x_x509.c index 6a56a795c0..422f6256f7 100644 --- a/src/lib/libcrypto/asn1/x_x509.c +++ b/src/lib/libcrypto/asn1/x_x509.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: x_x509.c,v 1.26 2018/02/17 15:50:42 jsing Exp $ */ | 1 | /* $OpenBSD: x_x509.c,v 1.27 2021/09/02 12:41:44 job Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -185,6 +185,10 @@ x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) | |||
| 185 | ret->akid = NULL; | 185 | ret->akid = NULL; |
| 186 | ret->aux = NULL; | 186 | ret->aux = NULL; |
| 187 | ret->crldp = NULL; | 187 | ret->crldp = NULL; |
| 188 | #ifndef OPENSSL_NO_RFC3779 | ||
| 189 | ret->rfc3779_addr = NULL; | ||
| 190 | ret->rfc3779_asid = NULL; | ||
| 191 | #endif | ||
| 188 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data); | 192 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data); |
| 189 | break; | 193 | break; |
| 190 | 194 | ||
| @@ -202,6 +206,10 @@ x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) | |||
| 202 | policy_cache_free(ret->policy_cache); | 206 | policy_cache_free(ret->policy_cache); |
| 203 | GENERAL_NAMES_free(ret->altname); | 207 | GENERAL_NAMES_free(ret->altname); |
| 204 | NAME_CONSTRAINTS_free(ret->nc); | 208 | NAME_CONSTRAINTS_free(ret->nc); |
| 209 | #ifndef OPENSSL_NO_RFC3779 | ||
| 210 | sk_IPAddressFamily_pop_free(ret->rfc3779_addr, IPAddressFamily_free); | ||
| 211 | ASIdentifiers_free(ret->rfc3779_asid); | ||
| 212 | #endif | ||
| 205 | free(ret->name); | 213 | free(ret->name); |
| 206 | ret->name = NULL; | 214 | ret->name = NULL; |
| 207 | break; | 215 | break; |