resolve conflicts, fix local changes

author: djm <> 2010-10-01 22:59:01 +0000
committer: djm <> 2010-10-01 22:59:01 +0000
commit: 8922d4bc4a8b8893d72a48deb2cdf58215f98505 (patch)
tree: 939b752540947d33507b3acc48d76a8bfb7c3dc3 /src/lib/libcrypto/x509v3/v3_alt.c
parent: 76262f7bf9262f965142b1b2b2105cb279c5c696 (diff)
download: openbsd-8922d4bc4a8b8893d72a48deb2cdf58215f98505.tar.gz
openbsd-8922d4bc4a8b8893d72a48deb2cdf58215f98505.tar.bz2
openbsd-8922d4bc4a8b8893d72a48deb2cdf58215f98505.zip
1 files changed, 86 insertions, 54 deletions
diff --git a/src/lib/libcrypto/x509v3/v3_alt.c b/src/lib/libcrypto/x509v3/v3_alt.c
index 75fda7f268..91aefcddc1 100644
--- a/src/lib/libcrypto/x509v3/v3_alt.c
+++ b/src/lib/libcrypto/x509v3/v3_alt.c
@@ -82,6 +82,12 @@ NULL, NULL, NULL},
 (X509V3_EXT_I2V)i2v_GENERAL_NAMES,
 (X509V3_EXT_V2I)v2i_issuer_alt,
 NULL, NULL, NULL},
+{ NID_certificate_issuer, 0, ASN1_ITEM_ref(GENERAL_NAMES),
+0,0,0,0,
+0,0,
+(X509V3_EXT_I2V)i2v_GENERAL_NAMES,
+NULL, NULL, NULL, NULL},
 };
 STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
@@ -147,9 +153,9 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
                                BIO_snprintf(htmp, sizeof htmp,
                                             "%X", p[0] << 8 | p[1]);
                                p += 2;
-                                strlcat(oline, htmp, sizeof oline);
+                                strlcat(oline, htmp, sizeof(oline));
                                if (i != 7)
-                                        strlcat(oline, ":", sizeof oline);
+                                        strlcat(oline, ":", sizeof(oline));
                                }
                        }
                else
@@ -360,6 +366,7 @@ static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p)
                if (move_p)
                        {
                        X509_NAME_delete_entry(nm, i);
+                        X509_NAME_ENTRY_free(ne);
                        i--;
                        }
                if(!email || !(gen = GENERAL_NAME_new())) {
@@ -386,8 +393,8 @@ static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p)
        
 }
-GENERAL_NAMES *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
+GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method,
-                                X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
+                                 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
 {
        GENERAL_NAME *gen;
        GENERAL_NAMES *gens = NULL;
@@ -408,28 +415,22 @@ GENERAL_NAMES *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
        return NULL;
 }
-GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
+GENERAL_NAME *v2i_GENERAL_NAME(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
-                                                         CONF_VALUE *cnf)
+                               CONF_VALUE *cnf)
        {
        return v2i_GENERAL_NAME_ex(NULL, method, ctx, cnf, 0);
        }
-GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
+GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out,
-                                X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
+                               const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
-                                                 CONF_VALUE *cnf, int is_nc)
+                               int gen_type, char *value, int is_nc)
        {
        char is_string = 0;
-        int type;
        GENERAL_NAME *gen = NULL;
-        char *name, *value;
-        name = cnf->name;
-        value = cnf->value;
        if(!value)
                {
-                X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_MISSING_VALUE);
+                X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_MISSING_VALUE);
                return NULL;
                }
@@ -440,74 +441,62 @@ GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
                gen = GENERAL_NAME_new();
                if(gen == NULL)
                        {
-                        X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,ERR_R_MALLOC_FAILURE);
+                        X509V3err(X509V3_F_A2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);
                        return NULL;
                        }
                }
-        if(!name_cmp(name, "email"))
+        switch (gen_type)
-                {
-                is_string = 1;
-                type = GEN_EMAIL;
-                }
-        else if(!name_cmp(name, "URI"))
-                {
-                is_string = 1;
-                type = GEN_URI;
-                }
-        else if(!name_cmp(name, "DNS"))
                {
+                case GEN_URI:
+                case GEN_EMAIL:
+                case GEN_DNS:
                is_string = 1;
-                type = GEN_DNS;
+                break;
-                }
+                
-        else if(!name_cmp(name, "RID"))
+                case GEN_RID:
                {
                ASN1_OBJECT *obj;
                if(!(obj = OBJ_txt2obj(value,0)))
                        {
-                        X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_BAD_OBJECT);
+                        X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_BAD_OBJECT);
                        ERR_add_error_data(2, "value=", value);
                        goto err;
                        }
                gen->d.rid = obj;
-                type = GEN_RID;
                }
-        else if(!name_cmp(name, "IP"))
+                break;
-                {
+                case GEN_IPADD:
                if (is_nc)
                        gen->d.ip = a2i_IPADDRESS_NC(value);
                else
                        gen->d.ip = a2i_IPADDRESS(value);
                if(gen->d.ip == NULL)
                        {
-                        X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_BAD_IP_ADDRESS);
+                        X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_BAD_IP_ADDRESS);
                        ERR_add_error_data(2, "value=", value);
                        goto err;
                        }
-                type = GEN_IPADD;
+                break;
-                }
-        else if(!name_cmp(name, "dirName"))
+                case GEN_DIRNAME:
-                {
-                type = GEN_DIRNAME;
                if (!do_dirname(gen, value, ctx))
                        {
-                        X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_DIRNAME_ERROR);
+                        X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_DIRNAME_ERROR);
                        goto err;
                        }
-                }
+                break;
-        else if(!name_cmp(name, "otherName"))
-                {
+                case GEN_OTHERNAME:
                if (!do_othername(gen, value, ctx))
                        {
-                        X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_OTHERNAME_ERROR);
+                        X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_OTHERNAME_ERROR);
                        goto err;
                        }
-                type = GEN_OTHERNAME;
+                break;
-                }
+                default:
-        else
+                X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_UNSUPPORTED_TYPE);
-                {
-                X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_UNSUPPORTED_OPTION);
-                ERR_add_error_data(2, "name=", name);
                goto err;
                }
@@ -517,12 +506,12 @@ GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
                              !ASN1_STRING_set(gen->d.ia5, (unsigned char*)value,
                                               strlen(value)))
                        {
-                        X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,ERR_R_MALLOC_FAILURE);
+                        X509V3err(X509V3_F_A2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);
                        goto err;
                        }
                }
-        gen->type = type;
+        gen->type = gen_type;
        return gen;
@@ -532,6 +521,48 @@ GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
        return NULL;
        }
+GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
+                                  const X509V3_EXT_METHOD *method,
+                                  X509V3_CTX *ctx, CONF_VALUE *cnf, int is_nc)
+        {
+        int type;
+        char *name, *value;
+        name = cnf->name;
+        value = cnf->value;
+        if(!value)
+                {
+                X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_MISSING_VALUE);
+                return NULL;
+                }
+        if(!name_cmp(name, "email"))
+                type = GEN_EMAIL;
+        else if(!name_cmp(name, "URI"))
+                type = GEN_URI;
+        else if(!name_cmp(name, "DNS"))
+                type = GEN_DNS;
+        else if(!name_cmp(name, "RID"))
+                type = GEN_RID;
+        else if(!name_cmp(name, "IP"))
+                type = GEN_IPADD;
+        else if(!name_cmp(name, "dirName"))
+                type = GEN_DIRNAME;
+        else if(!name_cmp(name, "otherName"))
+                type = GEN_OTHERNAME;
+        else
+                {
+                X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_UNSUPPORTED_OPTION);
+                ERR_add_error_data(2, "name=", name);
+                return NULL;
+                }
+        return a2i_GENERAL_NAME(out, method, ctx, type, value, is_nc);
+        }
 static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx)
        {
        char *objtmp = NULL, *p;
@@ -577,6 +608,7 @@ static int do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx)
        if (!ret)
                X509_NAME_free(nm);
        gen->d.dirn = nm;
+        X509V3_section_free(ctx, sk);
                
        return ret;
        }
author	djm <>	2010-10-01 22:59:01 +0000
committer	djm <>	2010-10-01 22:59:01 +0000
commit	8922d4bc4a8b8893d72a48deb2cdf58215f98505 (patch)
tree	939b752540947d33507b3acc48d76a8bfb7c3dc3 /src/lib/libcrypto/x509v3/v3_alt.c
parent	76262f7bf9262f965142b1b2b2105cb279c5c696 (diff)
download	openbsd-8922d4bc4a8b8893d72a48deb2cdf58215f98505.tar.gz openbsd-8922d4bc4a8b8893d72a48deb2cdf58215f98505.tar.bz2 openbsd-8922d4bc4a8b8893d72a48deb2cdf58215f98505.zip

diff --git a/src/lib/libcrypto/x509v3/v3_alt.c b/src/lib/libcrypto/x509v3/v3_alt.c index 75fda7f268..91aefcddc1 100644 --- a/src/lib/libcrypto/x509v3/v3_alt.c +++ b/src/lib/libcrypto/x509v3/v3_alt.c
@@ -82,6 +82,12 @@ NULL, NULL, NULL},
82	(X509V3_EXT_I2V)i2v_GENERAL_NAMES,	82	(X509V3_EXT_I2V)i2v_GENERAL_NAMES,
83	(X509V3_EXT_V2I)v2i_issuer_alt,	83	(X509V3_EXT_V2I)v2i_issuer_alt,
84	NULL, NULL, NULL},	84	NULL, NULL, NULL},
		85
		86	{ NID_certificate_issuer, 0, ASN1_ITEM_ref(GENERAL_NAMES),
		87	0,0,0,0,
		88	0,0,
		89	(X509V3_EXT_I2V)i2v_GENERAL_NAMES,
		90	NULL, NULL, NULL, NULL},
85	};	91	};
86		92
87	STACK_OF(CONF_VALUE) i2v_GENERAL_NAMES(X509V3_EXT_METHOD method,	93	STACK_OF(CONF_VALUE) i2v_GENERAL_NAMES(X509V3_EXT_METHOD method,
@@ -147,9 +153,9 @@ STACK_OF(CONF_VALUE) i2v_GENERAL_NAME(X509V3_EXT_METHOD method,
147	BIO_snprintf(htmp, sizeof htmp,	153	BIO_snprintf(htmp, sizeof htmp,
148	"%X", p[0] << 8 \| p[1]);	154	"%X", p[0] << 8 \| p[1]);
149	p += 2;	155	p += 2;
150	strlcat(oline, htmp, sizeof oline);	156	strlcat(oline, htmp, sizeof(oline));
151	if (i != 7)	157	if (i != 7)
152	strlcat(oline, ":", sizeof oline);	158	strlcat(oline, ":", sizeof(oline));
153	}	159	}
154	}	160	}
155	else	161	else
@@ -360,6 +366,7 @@ static int copy_email(X509V3_CTX ctx, GENERAL_NAMES gens, int move_p)
360	if (move_p)	366	if (move_p)
361	{	367	{
362	X509_NAME_delete_entry(nm, i);	368	X509_NAME_delete_entry(nm, i);
		369	X509_NAME_ENTRY_free(ne);
363	i--;	370	i--;
364	}	371	}
365	if(!email \|\| !(gen = GENERAL_NAME_new())) {	372	if(!email \|\| !(gen = GENERAL_NAME_new())) {
@@ -386,8 +393,8 @@ static int copy_email(X509V3_CTX ctx, GENERAL_NAMES gens, int move_p)
386		393
387	}	394	}
388		395
389	GENERAL_NAMES v2i_GENERAL_NAMES(X509V3_EXT_METHOD method,	396	GENERAL_NAMES v2i_GENERAL_NAMES(const X509V3_EXT_METHOD method,
390	X509V3_CTX ctx, STACK_OF(CONF_VALUE) nval)	397	X509V3_CTX ctx, STACK_OF(CONF_VALUE) nval)
391	{	398	{
392	GENERAL_NAME *gen;	399	GENERAL_NAME *gen;
393	GENERAL_NAMES *gens = NULL;	400	GENERAL_NAMES *gens = NULL;
@@ -408,28 +415,22 @@ GENERAL_NAMES v2i_GENERAL_NAMES(X509V3_EXT_METHOD method,
408	return NULL;	415	return NULL;
409	}	416	}
410		417
411	GENERAL_NAME v2i_GENERAL_NAME(X509V3_EXT_METHOD method, X509V3_CTX *ctx,	418	GENERAL_NAME v2i_GENERAL_NAME(const X509V3_EXT_METHOD method, X509V3_CTX *ctx,
412	CONF_VALUE *cnf)	419	CONF_VALUE *cnf)
413	{	420	{
414	return v2i_GENERAL_NAME_ex(NULL, method, ctx, cnf, 0);	421	return v2i_GENERAL_NAME_ex(NULL, method, ctx, cnf, 0);
415	}	422	}
416		423
417	GENERAL_NAME v2i_GENERAL_NAME_ex(GENERAL_NAME out,	424	GENERAL_NAME a2i_GENERAL_NAME(GENERAL_NAME out,
418	X509V3_EXT_METHOD method, X509V3_CTX ctx,	425	const X509V3_EXT_METHOD method, X509V3_CTX ctx,
419	CONF_VALUE *cnf, int is_nc)	426	int gen_type, char *value, int is_nc)
420	{	427	{
421	char is_string = 0;	428	char is_string = 0;
422	int type;
423	GENERAL_NAME *gen = NULL;	429	GENERAL_NAME *gen = NULL;
424		430
425	char name, value;
426
427	name = cnf->name;
428	value = cnf->value;
429
430	if(!value)	431	if(!value)
431	{	432	{
432	X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_MISSING_VALUE);	433	X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_MISSING_VALUE);
433	return NULL;	434	return NULL;
434	}	435	}
435		436
@@ -440,74 +441,62 @@ GENERAL_NAME v2i_GENERAL_NAME_ex(GENERAL_NAME out,
440	gen = GENERAL_NAME_new();	441	gen = GENERAL_NAME_new();
441	if(gen == NULL)	442	if(gen == NULL)
442	{	443	{
443	X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,ERR_R_MALLOC_FAILURE);	444	X509V3err(X509V3_F_A2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);
444	return NULL;	445	return NULL;
445	}	446	}
446	}	447	}
447		448
448	if(!name_cmp(name, "email"))	449	switch (gen_type)
449	{
450	is_string = 1;
451	type = GEN_EMAIL;
452	}
453	else if(!name_cmp(name, "URI"))
454	{
455	is_string = 1;
456	type = GEN_URI;
457	}
458	else if(!name_cmp(name, "DNS"))
459	{	450	{
		451	case GEN_URI:
		452	case GEN_EMAIL:
		453	case GEN_DNS:
460	is_string = 1;	454	is_string = 1;
461	type = GEN_DNS;	455	break;
462	}	456
463	else if(!name_cmp(name, "RID"))	457	case GEN_RID:
464	{	458	{
465	ASN1_OBJECT *obj;	459	ASN1_OBJECT *obj;
466	if(!(obj = OBJ_txt2obj(value,0)))	460	if(!(obj = OBJ_txt2obj(value,0)))
467	{	461	{
468	X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_BAD_OBJECT);	462	X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_BAD_OBJECT);
469	ERR_add_error_data(2, "value=", value);	463	ERR_add_error_data(2, "value=", value);
470	goto err;	464	goto err;
471	}	465	}
472	gen->d.rid = obj;	466	gen->d.rid = obj;
473	type = GEN_RID;
474	}	467	}
475	else if(!name_cmp(name, "IP"))	468	break;
476	{	469
		470	case GEN_IPADD:
477	if (is_nc)	471	if (is_nc)
478	gen->d.ip = a2i_IPADDRESS_NC(value);	472	gen->d.ip = a2i_IPADDRESS_NC(value);
479	else	473	else
480	gen->d.ip = a2i_IPADDRESS(value);	474	gen->d.ip = a2i_IPADDRESS(value);
481	if(gen->d.ip == NULL)	475	if(gen->d.ip == NULL)
482	{	476	{
483	X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_BAD_IP_ADDRESS);	477	X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_BAD_IP_ADDRESS);
484	ERR_add_error_data(2, "value=", value);	478	ERR_add_error_data(2, "value=", value);
485	goto err;	479	goto err;
486	}	480	}
487	type = GEN_IPADD;	481	break;
488	}	482
489	else if(!name_cmp(name, "dirName"))	483	case GEN_DIRNAME:
490	{
491	type = GEN_DIRNAME;
492	if (!do_dirname(gen, value, ctx))	484	if (!do_dirname(gen, value, ctx))
493	{	485	{
494	X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_DIRNAME_ERROR);	486	X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_DIRNAME_ERROR);
495	goto err;	487	goto err;
496	}	488	}
497	}	489	break;
498	else if(!name_cmp(name, "otherName"))	490
499	{	491	case GEN_OTHERNAME:
500	if (!do_othername(gen, value, ctx))	492	if (!do_othername(gen, value, ctx))
501	{	493	{
502	X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_OTHERNAME_ERROR);	494	X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_OTHERNAME_ERROR);
503	goto err;	495	goto err;
504	}	496	}
505	type = GEN_OTHERNAME;	497	break;
506	}	498	default:
507	else	499	X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_UNSUPPORTED_TYPE);
508	{
509	X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_UNSUPPORTED_OPTION);
510	ERR_add_error_data(2, "name=", name);
511	goto err;	500	goto err;
512	}	501	}
513		502
@@ -517,12 +506,12 @@ GENERAL_NAME v2i_GENERAL_NAME_ex(GENERAL_NAME out,
517	!ASN1_STRING_set(gen->d.ia5, (unsigned char*)value,	506	!ASN1_STRING_set(gen->d.ia5, (unsigned char*)value,
518	strlen(value)))	507	strlen(value)))
519	{	508	{
520	X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,ERR_R_MALLOC_FAILURE);	509	X509V3err(X509V3_F_A2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);
521	goto err;	510	goto err;
522	}	511	}
523	}	512	}
524		513
525	gen->type = type;	514	gen->type = gen_type;
526		515
527	return gen;	516	return gen;
528		517
@@ -532,6 +521,48 @@ GENERAL_NAME v2i_GENERAL_NAME_ex(GENERAL_NAME out,
532	return NULL;	521	return NULL;
533	}	522	}
534		523
		524	GENERAL_NAME v2i_GENERAL_NAME_ex(GENERAL_NAME out,
		525	const X509V3_EXT_METHOD *method,
		526	X509V3_CTX ctx, CONF_VALUE cnf, int is_nc)
		527	{
		528	int type;
		529
		530	char name, value;
		531
		532	name = cnf->name;
		533	value = cnf->value;
		534
		535	if(!value)
		536	{
		537	X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_MISSING_VALUE);
		538	return NULL;
		539	}
		540
		541	if(!name_cmp(name, "email"))
		542	type = GEN_EMAIL;
		543	else if(!name_cmp(name, "URI"))
		544	type = GEN_URI;
		545	else if(!name_cmp(name, "DNS"))
		546	type = GEN_DNS;
		547	else if(!name_cmp(name, "RID"))
		548	type = GEN_RID;
		549	else if(!name_cmp(name, "IP"))
		550	type = GEN_IPADD;
		551	else if(!name_cmp(name, "dirName"))
		552	type = GEN_DIRNAME;
		553	else if(!name_cmp(name, "otherName"))
		554	type = GEN_OTHERNAME;
		555	else
		556	{
		557	X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_UNSUPPORTED_OPTION);
		558	ERR_add_error_data(2, "name=", name);
		559	return NULL;
		560	}
		561
		562	return a2i_GENERAL_NAME(out, method, ctx, type, value, is_nc);
		563
		564	}
		565
535	static int do_othername(GENERAL_NAME gen, char value, X509V3_CTX *ctx)	566	static int do_othername(GENERAL_NAME gen, char value, X509V3_CTX *ctx)
536	{	567	{
537	char objtmp = NULL, p;	568	char objtmp = NULL, p;
@@ -577,6 +608,7 @@ static int do_dirname(GENERAL_NAME gen, char value, X509V3_CTX *ctx)
577	if (!ret)	608	if (!ret)
578	X509_NAME_free(nm);	609	X509_NAME_free(nm);
579	gen->d.dirn = nm;	610	gen->d.dirn = nm;
		611	X509V3_section_free(ctx, sk);
580		612
581	return ret;	613	return ret;
582	}	614	}