Import of SSLeay-0.9.0b with RSA and IDEA stubbed + OpenBSD build

functionality for shared libs. Note that routines such as sslv2_init and friends that use RSA will not work due to lack of RSA in this library. Needs documentation and help from ports for easy upgrade to full functionality where legally possible.
author: ryker <> 1998-10-05 20:13:14 +0000
committer: ryker <> 1998-10-05 20:13:14 +0000
commit: aeeae06a79815dc190061534d47236cec09f9e32 (patch)
tree: 851692b9c2f9c04f077666855641900f19fdb217 /src/lib/libcrypto/x509/by_dir.c
parent: a4f79641824cbf9f60ca9d1168d1fcc46717a82a (diff)
download: openbsd-aeeae06a79815dc190061534d47236cec09f9e32.tar.gz
openbsd-aeeae06a79815dc190061534d47236cec09f9e32.tar.bz2
openbsd-aeeae06a79815dc190061534d47236cec09f9e32.zip
1 files changed, 359 insertions, 0 deletions
diff --git a/src/lib/libcrypto/x509/by_dir.c b/src/lib/libcrypto/x509/by_dir.c
new file mode 100644
index 0000000000..11725ec94c
--- /dev/null
+++ b/src/lib/libcrypto/x509/by_dir.c
@@ -0,0 +1,359 @@
+/* crypto/x509/by_dir.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include <time.h>
+#include <errno.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include "cryptlib.h"
+#include "lhash.h"
+#include "x509.h"
+#include "pem.h"
+typedef struct lookup_dir_st
+        {
+        BUF_MEM *buffer;
+        int num_dirs;
+        char **dirs;
+        int *dirs_type;
+        int num_dirs_alloced;
+        } BY_DIR;
+#ifndef NOPROTO
+static int dir_ctrl(X509_LOOKUP *ctx,int cmd,char *argp,long argl,char **ret);
+static int new_dir(X509_LOOKUP *lu);
+static void free_dir(X509_LOOKUP *lu);
+static int add_cert_dir(BY_DIR *ctx,char *dir,int type);
+static int get_cert_by_subject(X509_LOOKUP *xl,int type,X509_NAME *name,
+        X509_OBJECT *ret);
+#else
+static int dir_ctrl();
+static int new_dir();
+static void free_dir();
+static int add_cert_dir();
+static int get_cert_by_subject();
+#endif
+X509_LOOKUP_METHOD x509_dir_lookup=
+        {
+        "Load certs from files in a directory",
+        new_dir,                /* new */
+        free_dir,               /* free */
+        NULL,                   /* init */
+        NULL,                   /* shutdown */
+        dir_ctrl,               /* ctrl */
+        get_cert_by_subject,    /* get_by_subject */
+        NULL,                   /* get_by_issuer_serial */
+        NULL,                   /* get_by_fingerprint */
+        NULL,                   /* get_by_alias */
+        };
+X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir()
+        {
+        return(&x509_dir_lookup);
+        }
+static int dir_ctrl(ctx,cmd,argp,argl,retp)
+X509_LOOKUP *ctx;
+int cmd;
+long argl;
+char *argp;
+char **retp;
+        {
+        int ret=0;
+        BY_DIR *ld;
+        char *dir;
+        ld=(BY_DIR *)ctx->method_data;
+        switch (cmd)
+                {
+        case X509_L_ADD_DIR:
+                if (argl == X509_FILETYPE_DEFAULT)
+                        {
+                        ret=add_cert_dir(ld,X509_get_default_cert_dir(),
+                                X509_FILETYPE_PEM);
+                        if (!ret)
+                                {
+                                X509err(X509_F_DIR_CTRL,X509_R_LOADING_CERT_DIR);
+                                }
+                        else
+                                {
+                                dir=(char *)Getenv(X509_get_default_cert_dir_env());
+                                ret=add_cert_dir(ld,dir,X509_FILETYPE_PEM);
+                                }
+                        }
+                else
+                        ret=add_cert_dir(ld,argp,(int)argl);
+                break;
+                }
+        return(ret);
+        }
+static int new_dir(lu)
+X509_LOOKUP *lu;
+        {
+        BY_DIR *a;
+        if ((a=(BY_DIR *)Malloc(sizeof(BY_DIR))) == NULL)
+                return(0);
+        if ((a->buffer=BUF_MEM_new()) == NULL)
+                {
+                Free(a);
+                return(0);
+                }
+        a->num_dirs=0;
+        a->dirs=NULL;
+        a->dirs_type=NULL;
+        a->num_dirs_alloced=0;
+        lu->method_data=(char *)a;
+        return(1);
+        }
+static void free_dir(lu)
+X509_LOOKUP *lu;
+        {
+        BY_DIR *a;
+        int i;
+        a=(BY_DIR *)lu->method_data;
+        for (i=0; i<a->num_dirs; i++)
+                if (a->dirs[i] != NULL) Free(a->dirs[i]);
+        if (a->dirs != NULL) Free(a->dirs);
+        if (a->dirs_type != NULL) Free(a->dirs_type);
+        if (a->buffer != NULL) BUF_MEM_free(a->buffer);
+        Free(a);
+        }
+static int add_cert_dir(ctx,dir, type)
+BY_DIR *ctx;
+char *dir;
+int type;
+        {
+        int j,len;
+        int *ip;
+        char *s,*ss,*p;
+        char **pp;
+        if (dir == NULL) return(0);
+        s=dir;
+        p=s;
+        for (;;)
+                {
+                if ((*p == LIST_SEPARATOR_CHAR) || (*p == '\0'))
+                        {
+                        ss=s;
+                        s=p+1;
+                        len=(int)(p-ss);
+                        if (len == 0) continue;
+                        for (j=0; j<ctx->num_dirs; j++)
+                                if (strncmp(ctx->dirs[j],ss,(unsigned int)len) == 0)
+                                        continue;
+                        if (ctx->num_dirs_alloced < (ctx->num_dirs+1))
+                                {
+                                ctx->num_dirs_alloced+=10;
+                                pp=(char **)Malloc(ctx->num_dirs_alloced*
+                                        sizeof(char *));
+                                ip=(int *)Malloc(ctx->num_dirs_alloced*
+                                        sizeof(int));
+                                if ((pp == NULL) || (ip == NULL))
+                                        {
+                                        X509err(X509_F_ADD_CERT_DIR,ERR_R_MALLOC_FAILURE);
+                                        return(0);
+                                        }
+                                memcpy(pp,ctx->dirs,(ctx->num_dirs_alloced-10)*
+                                        sizeof(char *));
+                                memcpy(ip,ctx->dirs_type,(ctx->num_dirs_alloced-10)*
+                                        sizeof(int));
+                                if (ctx->dirs != NULL)
+                                        Free((char *)ctx->dirs);
+                                if (ctx->dirs_type != NULL)
+                                        Free((char *)ctx->dirs_type);
+                                ctx->dirs=pp;
+                                ctx->dirs_type=ip;
+                                }
+                        ctx->dirs_type[ctx->num_dirs]=type;
+                        ctx->dirs[ctx->num_dirs]=(char *)Malloc((unsigned int)len+1);
+                        if (ctx->dirs[ctx->num_dirs] == NULL) return(0);
+                        strncpy(ctx->dirs[ctx->num_dirs],ss,(unsigned int)len);
+                        ctx->dirs[ctx->num_dirs][len]='\0';
+                        ctx->num_dirs++;
+                        }
+                if (*p == '\0') break;
+                p++;
+                }
+        return(1);
+        }
+static int get_cert_by_subject(xl,type,name,ret)
+X509_LOOKUP *xl;
+int type;
+X509_NAME *name;
+X509_OBJECT *ret;
+        {
+        BY_DIR *ctx;
+        union   {
+                struct  {
+                        X509 st_x509;
+                        X509_CINF st_x509_cinf;
+                        } x509;
+                struct  {
+                        X509_CRL st_crl;
+                        X509_CRL_INFO st_crl_info;
+                        } crl;
+                } data;
+        int ok=0;
+        int i,j,k;
+        unsigned long h;
+        BUF_MEM *b=NULL;
+        struct stat st;
+        X509_OBJECT stmp,*tmp;
+        char *postfix="";
+        if (name == NULL) return(0);
+        stmp.type=type;
+        if (type == X509_LU_X509)
+                {
+                data.x509.st_x509.cert_info= &data.x509.st_x509_cinf;
+                data.x509.st_x509_cinf.subject=name;
+                stmp.data.x509= &data.x509.st_x509;
+                postfix="";
+                }
+        else if (type == X509_LU_CRL)
+                {
+                data.crl.st_crl.crl= &data.crl.st_crl_info;
+                data.crl.st_crl_info.issuer=name;
+                stmp.data.crl= &data.crl.st_crl;
+                postfix="r";
+                }
+        else
+                {
+                X509err(X509_F_GET_CERT_BY_SUBJECT,X509_R_WRONG_LOOKUP_TYPE);
+                goto finish;
+                }
+        if ((b=BUF_MEM_new()) == NULL)
+                {
+                X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_BUF_LIB);
+                goto finish;
+                }
+        
+        ctx=(BY_DIR *)xl->method_data;
+        h=X509_NAME_hash(name);
+        for (i=0; i<ctx->num_dirs; i++)
+                {
+                j=strlen(ctx->dirs[i])+1+8+6+1+1;
+                if (!BUF_MEM_grow(b,j))
+                        {
+                        X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_MALLOC_FAILURE);
+                        goto finish;
+                        }
+                k=0;
+                for (;;)
+                        {
+                        sprintf(b->data,"%s/%08lx.%s%d",ctx->dirs[i],h,
+                                postfix,k);
+                        k++;
+                        if (stat(b->data,&st) < 0)
+                                break;
+                        /* found one. */
+                        if (type == X509_LU_X509)
+                                {
+                                if ((X509_load_cert_file(xl,b->data,
+                                        ctx->dirs_type[i])) == 0)
+                                        break;
+                                }
+                        else if (type == X509_LU_CRL)
+                                {
+                                if ((X509_load_crl_file(xl,b->data,
+                                        ctx->dirs_type[i])) == 0)
+                                        break;
+                                }
+                        /* else case will caught higher up */
+                        }
+                /* we have added it to the cache so now pull
+                 * it out again */
+                CRYPTO_r_lock(CRYPTO_LOCK_X509_STORE);
+                tmp=(X509_OBJECT *)lh_retrieve(xl->store_ctx->certs,
+                        (char *)&stmp);
+                CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE);
+                if (tmp != NULL)
+                        {
+                        ok=1;
+                        ret->type=tmp->type;
+                        memcpy(&ret->data,&tmp->data,sizeof(ret->data));
+                        /* If we were going to up the reference count,
+                         * we would need to do it on a perl 'type'
+                         * basis */
+        /*              CRYPTO_add(&tmp->data.x509->references,1,
+                                CRYPTO_LOCK_X509);*/
+                        goto finish;
+                        }
+                }
+finish:
+        if (b != NULL) BUF_MEM_free(b);
+        return(ok);
+        }
author	ryker <>	1998-10-05 20:13:14 +0000
committer	ryker <>	1998-10-05 20:13:14 +0000
commit	aeeae06a79815dc190061534d47236cec09f9e32 (patch)
tree	851692b9c2f9c04f077666855641900f19fdb217 /src/lib/libcrypto/x509/by_dir.c
parent	a4f79641824cbf9f60ca9d1168d1fcc46717a82a (diff)
download	openbsd-aeeae06a79815dc190061534d47236cec09f9e32.tar.gz openbsd-aeeae06a79815dc190061534d47236cec09f9e32.tar.bz2 openbsd-aeeae06a79815dc190061534d47236cec09f9e32.zip

diff --git a/src/lib/libcrypto/x509/by_dir.c b/src/lib/libcrypto/x509/by_dir.c new file mode 100644 index 0000000000..11725ec94c --- /dev/null +++ b/src/lib/libcrypto/x509/by_dir.c
@@ -0,0 +1,359 @@
	1	/* crypto/x509/by_dir.c */
	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
	3	* All rights reserved.
	4	*
	5	* This package is an SSL implementation written
	6	* by Eric Young (eay@cryptsoft.com).
	7	* The implementation was written so as to conform with Netscapes SSL.
	8	*
	9	* This library is free for commercial and non-commercial use as long as
	10	* the following conditions are aheared to. The following conditions
	11	* apply to all code found in this distribution, be it the RC4, RSA,
	12	* lhash, DES, etc., code; not just the SSL code. The SSL documentation
	13	* included with this distribution is covered by the same copyright terms
	14	* except that the holder is Tim Hudson (tjh@cryptsoft.com).
	15	*
	16	* Copyright remains Eric Young's, and as such any Copyright notices in
	17	* the code are not to be removed.
	18	* If this package is used in a product, Eric Young should be given attribution
	19	* as the author of the parts of the library used.
	20	* This can be in the form of a textual message at program startup or
	21	* in documentation (online or textual) provided with the package.
	22	*
	23	* Redistribution and use in source and binary forms, with or without
	24	* modification, are permitted provided that the following conditions
	25	* are met:
	26	* 1. Redistributions of source code must retain the copyright
	27	* notice, this list of conditions and the following disclaimer.
	28	* 2. Redistributions in binary form must reproduce the above copyright
	29	* notice, this list of conditions and the following disclaimer in the
	30	* documentation and/or other materials provided with the distribution.
	31	* 3. All advertising materials mentioning features or use of this software
	32	* must display the following acknowledgement:
	33	* "This product includes cryptographic software written by
	34	* Eric Young (eay@cryptsoft.com)"
	35	* The word 'cryptographic' can be left out if the rouines from the library
	36	* being used are not cryptographic related :-).
	37	* 4. If you include any Windows specific code (or a derivative thereof) from
	38	* the apps directory (application code) you must include an acknowledgement:
	39	* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
	40	*
	41	* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
	42	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	43	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	44	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
	45	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	46	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	47	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	48	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	49	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	50	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	51	* SUCH DAMAGE.
	52	*
	53	* The licence and distribution terms for any publically available version or
	54	* derivative of this code cannot be changed. i.e. this code cannot simply be
	55	* copied and put under another distribution licence
	56	* [including the GNU Public Licence.]
	57	*/
	58
	59	#include <stdio.h>
	60	#include <time.h>
	61	#include <errno.h>
	62	#include <sys/types.h>
	63	#include <sys/stat.h>
	64
	65	#include "cryptlib.h"
	66	#include "lhash.h"
	67	#include "x509.h"
	68	#include "pem.h"
	69
	70	typedef struct lookup_dir_st
	71	{
	72	BUF_MEM *buffer;
	73	int num_dirs;
	74	char **dirs;
	75	int *dirs_type;
	76	int num_dirs_alloced;
	77	} BY_DIR;
	78
	79	#ifndef NOPROTO
	80	static int dir_ctrl(X509_LOOKUP ctx,int cmd,char argp,long argl,char **ret);
	81	static int new_dir(X509_LOOKUP *lu);
	82	static void free_dir(X509_LOOKUP *lu);
	83	static int add_cert_dir(BY_DIR ctx,char dir,int type);
	84	static int get_cert_by_subject(X509_LOOKUP xl,int type,X509_NAME name,
	85	X509_OBJECT *ret);
	86	#else
	87	static int dir_ctrl();
	88	static int new_dir();
	89	static void free_dir();
	90	static int add_cert_dir();
	91	static int get_cert_by_subject();
	92	#endif
	93
	94	X509_LOOKUP_METHOD x509_dir_lookup=
	95	{
	96	"Load certs from files in a directory",
	97	new_dir, /* new */
	98	free_dir, /* free */
	99	NULL, /* init */
	100	NULL, /* shutdown */
	101	dir_ctrl, /* ctrl */
	102	get_cert_by_subject, /* get_by_subject */
	103	NULL, /* get_by_issuer_serial */
	104	NULL, /* get_by_fingerprint */
	105	NULL, /* get_by_alias */
	106	};
	107
	108	X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir()
	109	{
	110	return(&x509_dir_lookup);
	111	}
	112
	113	static int dir_ctrl(ctx,cmd,argp,argl,retp)
	114	X509_LOOKUP *ctx;
	115	int cmd;
	116	long argl;
	117	char *argp;
	118	char **retp;
	119	{
	120	int ret=0;
	121	BY_DIR *ld;
	122	char *dir;
	123
	124	ld=(BY_DIR *)ctx->method_data;
	125
	126	switch (cmd)
	127	{
	128	case X509_L_ADD_DIR:
	129	if (argl == X509_FILETYPE_DEFAULT)
	130	{
	131	ret=add_cert_dir(ld,X509_get_default_cert_dir(),
	132	X509_FILETYPE_PEM);
	133	if (!ret)
	134	{
	135	X509err(X509_F_DIR_CTRL,X509_R_LOADING_CERT_DIR);
	136	}
	137	else
	138	{
	139	dir=(char *)Getenv(X509_get_default_cert_dir_env());
	140	ret=add_cert_dir(ld,dir,X509_FILETYPE_PEM);
	141	}
	142	}
	143	else
	144	ret=add_cert_dir(ld,argp,(int)argl);
	145	break;
	146	}
	147	return(ret);
	148	}
	149
	150	static int new_dir(lu)
	151	X509_LOOKUP *lu;
	152	{
	153	BY_DIR *a;
	154
	155	if ((a=(BY_DIR *)Malloc(sizeof(BY_DIR))) == NULL)
	156	return(0);
	157	if ((a->buffer=BUF_MEM_new()) == NULL)
	158	{
	159	Free(a);
	160	return(0);
	161	}
	162	a->num_dirs=0;
	163	a->dirs=NULL;
	164	a->dirs_type=NULL;
	165	a->num_dirs_alloced=0;
	166	lu->method_data=(char *)a;
	167	return(1);
	168	}
	169
	170	static void free_dir(lu)
	171	X509_LOOKUP *lu;
	172	{
	173	BY_DIR *a;
	174	int i;
	175
	176	a=(BY_DIR *)lu->method_data;
	177	for (i=0; i<a->num_dirs; i++)
	178	if (a->dirs[i] != NULL) Free(a->dirs[i]);
	179	if (a->dirs != NULL) Free(a->dirs);
	180	if (a->dirs_type != NULL) Free(a->dirs_type);
	181	if (a->buffer != NULL) BUF_MEM_free(a->buffer);
	182	Free(a);
	183	}
	184
	185	static int add_cert_dir(ctx,dir, type)
	186	BY_DIR *ctx;
	187	char *dir;
	188	int type;
	189	{
	190	int j,len;
	191	int *ip;
	192	char s,ss,*p;
	193	char **pp;
	194
	195	if (dir == NULL) return(0);
	196
	197	s=dir;
	198	p=s;
	199	for (;;)
	200	{
	201	if ((p == LIST_SEPARATOR_CHAR) \|\| (p == '\0'))
	202	{
	203	ss=s;
	204	s=p+1;
	205	len=(int)(p-ss);
	206	if (len == 0) continue;
	207	for (j=0; j<ctx->num_dirs; j++)
	208	if (strncmp(ctx->dirs[j],ss,(unsigned int)len) == 0)
	209	continue;
	210	if (ctx->num_dirs_alloced < (ctx->num_dirs+1))
	211	{
	212	ctx->num_dirs_alloced+=10;
	213	pp=(char *)Malloc(ctx->num_dirs_alloced
	214	sizeof(char *));
	215	ip=(int )Malloc(ctx->num_dirs_alloced
	216	sizeof(int));
	217	if ((pp == NULL) \|\| (ip == NULL))
	218	{
	219	X509err(X509_F_ADD_CERT_DIR,ERR_R_MALLOC_FAILURE);
	220	return(0);
	221	}
	222	memcpy(pp,ctx->dirs,(ctx->num_dirs_alloced-10)*
	223	sizeof(char *));
	224	memcpy(ip,ctx->dirs_type,(ctx->num_dirs_alloced-10)*
	225	sizeof(int));
	226	if (ctx->dirs != NULL)
	227	Free((char *)ctx->dirs);
	228	if (ctx->dirs_type != NULL)
	229	Free((char *)ctx->dirs_type);
	230	ctx->dirs=pp;
	231	ctx->dirs_type=ip;
	232	}
	233	ctx->dirs_type[ctx->num_dirs]=type;
	234	ctx->dirs[ctx->num_dirs]=(char *)Malloc((unsigned int)len+1);
	235	if (ctx->dirs[ctx->num_dirs] == NULL) return(0);
	236	strncpy(ctx->dirs[ctx->num_dirs],ss,(unsigned int)len);
	237	ctx->dirs[ctx->num_dirs][len]='\0';
	238	ctx->num_dirs++;
	239	}
	240	if (*p == '\0') break;
	241	p++;
	242	}
	243	return(1);
	244	}
	245
	246	static int get_cert_by_subject(xl,type,name,ret)
	247	X509_LOOKUP *xl;
	248	int type;
	249	X509_NAME *name;
	250	X509_OBJECT *ret;
	251	{
	252	BY_DIR *ctx;
	253	union {
	254	struct {
	255	X509 st_x509;
	256	X509_CINF st_x509_cinf;
	257	} x509;
	258	struct {
	259	X509_CRL st_crl;
	260	X509_CRL_INFO st_crl_info;
	261	} crl;
	262	} data;
	263	int ok=0;
	264	int i,j,k;
	265	unsigned long h;
	266	BUF_MEM *b=NULL;
	267	struct stat st;
	268	X509_OBJECT stmp,*tmp;
	269	char *postfix="";
	270
	271	if (name == NULL) return(0);
	272
	273	stmp.type=type;
	274	if (type == X509_LU_X509)
	275	{
	276	data.x509.st_x509.cert_info= &data.x509.st_x509_cinf;
	277	data.x509.st_x509_cinf.subject=name;
	278	stmp.data.x509= &data.x509.st_x509;
	279	postfix="";
	280	}
	281	else if (type == X509_LU_CRL)
	282	{
	283	data.crl.st_crl.crl= &data.crl.st_crl_info;
	284	data.crl.st_crl_info.issuer=name;
	285	stmp.data.crl= &data.crl.st_crl;
	286	postfix="r";
	287	}
	288	else
	289	{
	290	X509err(X509_F_GET_CERT_BY_SUBJECT,X509_R_WRONG_LOOKUP_TYPE);
	291	goto finish;
	292	}
	293
	294	if ((b=BUF_MEM_new()) == NULL)
	295	{
	296	X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_BUF_LIB);
	297	goto finish;
	298	}
	299
	300	ctx=(BY_DIR *)xl->method_data;
	301
	302	h=X509_NAME_hash(name);
	303	for (i=0; i<ctx->num_dirs; i++)
	304	{
	305	j=strlen(ctx->dirs[i])+1+8+6+1+1;
	306	if (!BUF_MEM_grow(b,j))
	307	{
	308	X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_MALLOC_FAILURE);
	309	goto finish;
	310	}
	311	k=0;
	312	for (;;)
	313	{
	314	sprintf(b->data,"%s/%08lx.%s%d",ctx->dirs[i],h,
	315	postfix,k);
	316	k++;
	317	if (stat(b->data,&st) < 0)
	318	break;
	319	/* found one. */
	320	if (type == X509_LU_X509)
	321	{
	322	if ((X509_load_cert_file(xl,b->data,
	323	ctx->dirs_type[i])) == 0)
	324	break;
	325	}
	326	else if (type == X509_LU_CRL)
	327	{
	328	if ((X509_load_crl_file(xl,b->data,
	329	ctx->dirs_type[i])) == 0)
	330	break;
	331	}
	332	/* else case will caught higher up */
	333	}
	334
	335	/* we have added it to the cache so now pull
	336	* it out again */
	337	CRYPTO_r_lock(CRYPTO_LOCK_X509_STORE);
	338	tmp=(X509_OBJECT *)lh_retrieve(xl->store_ctx->certs,
	339	(char *)&stmp);
	340	CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE);
	341
	342	if (tmp != NULL)
	343	{
	344	ok=1;
	345	ret->type=tmp->type;
	346	memcpy(&ret->data,&tmp->data,sizeof(ret->data));
	347	/* If we were going to up the reference count,
	348	* we would need to do it on a perl 'type'
	349	* basis */
	350	/* CRYPTO_add(&tmp->data.x509->references,1,
	351	CRYPTO_LOCK_X509);*/
	352	goto finish;
	353	}
	354	}
	355	finish:
	356	if (b != NULL) BUF_MEM_free(b);
	357	return(ok);
	358	}
	359