diff options
| author | jsing <> | 2014-04-20 15:06:11 +0000 |
|---|---|---|
| committer | jsing <> | 2014-04-20 15:06:11 +0000 |
| commit | 22040972cd1605d2674ceae87d803629cf0410ad (patch) | |
| tree | 3b50847157e6e4ad188fd9cb8d6894bae5a9d254 /src | |
| parent | 21b8918796c8690927f44901431ed2751dfd1304 (diff) | |
| download | openbsd-22040972cd1605d2674ceae87d803629cf0410ad.tar.gz openbsd-22040972cd1605d2674ceae87d803629cf0410ad.tar.bz2 openbsd-22040972cd1605d2674ceae87d803629cf0410ad.zip | |
KNF.
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libcrypto/x509/x509_att.c | 277 | ||||
| -rw-r--r-- | src/lib/libcrypto/x509/x509_cmp.c | 231 | ||||
| -rw-r--r-- | src/lib/libcrypto/x509/x509_d2.c | 60 | ||||
| -rw-r--r-- | src/lib/libcrypto/x509/x509_def.c | 55 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/x509/x509_att.c | 277 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/x509/x509_cmp.c | 231 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/x509/x509_d2.c | 60 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/x509/x509_def.c | 55 |
8 files changed, 718 insertions, 528 deletions
diff --git a/src/lib/libcrypto/x509/x509_att.c b/src/lib/libcrypto/x509/x509_att.c index 7f924fbe39..5699568998 100644 --- a/src/lib/libcrypto/x509/x509_att.c +++ b/src/lib/libcrypto/x509/x509_att.c | |||
| @@ -5,21 +5,21 @@ | |||
| 5 | * This package is an SSL implementation written | 5 | * This package is an SSL implementation written |
| 6 | * by Eric Young (eay@cryptsoft.com). | 6 | * by Eric Young (eay@cryptsoft.com). |
| 7 | * The implementation was written so as to conform with Netscapes SSL. | 7 | * The implementation was written so as to conform with Netscapes SSL. |
| 8 | * | 8 | * |
| 9 | * This library is free for commercial and non-commercial use as long as | 9 | * This library is free for commercial and non-commercial use as long as |
| 10 | * the following conditions are aheared to. The following conditions | 10 | * the following conditions are aheared to. The following conditions |
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | 11 | * apply to all code found in this distribution, be it the RC4, RSA, |
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation |
| 13 | * included with this distribution is covered by the same copyright terms | 13 | * included with this distribution is covered by the same copyright terms |
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). |
| 15 | * | 15 | * |
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | 16 | * Copyright remains Eric Young's, and as such any Copyright notices in |
| 17 | * the code are not to be removed. | 17 | * the code are not to be removed. |
| 18 | * If this package is used in a product, Eric Young should be given attribution | 18 | * If this package is used in a product, Eric Young should be given attribution |
| 19 | * as the author of the parts of the library used. | 19 | * as the author of the parts of the library used. |
| 20 | * This can be in the form of a textual message at program startup or | 20 | * This can be in the form of a textual message at program startup or |
| 21 | * in documentation (online or textual) provided with the package. | 21 | * in documentation (online or textual) provided with the package. |
| 22 | * | 22 | * |
| 23 | * Redistribution and use in source and binary forms, with or without | 23 | * Redistribution and use in source and binary forms, with or without |
| 24 | * modification, are permitted provided that the following conditions | 24 | * modification, are permitted provided that the following conditions |
| 25 | * are met: | 25 | * are met: |
| @@ -34,10 +34,10 @@ | |||
| 34 | * Eric Young (eay@cryptsoft.com)" | 34 | * Eric Young (eay@cryptsoft.com)" |
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | 35 | * The word 'cryptographic' can be left out if the rouines from the library |
| 36 | * being used are not cryptographic related :-). | 36 | * being used are not cryptographic related :-). |
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | 37 | * 4. If you include any Windows specific code (or a derivative thereof) from |
| 38 | * the apps directory (application code) you must include an acknowledgement: | 38 | * the apps directory (application code) you must include an acknowledgement: |
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" |
| 40 | * | 40 | * |
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND |
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
| @@ -49,7 +49,7 @@ | |||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
| 51 | * SUCH DAMAGE. | 51 | * SUCH DAMAGE. |
| 52 | * | 52 | * |
| 53 | * The licence and distribution terms for any publically available version or | 53 | * The licence and distribution terms for any publically available version or |
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be |
| 55 | * copied and put under another distribution licence | 55 | * copied and put under another distribution licence |
| @@ -65,134 +65,152 @@ | |||
| 65 | #include <openssl/x509.h> | 65 | #include <openssl/x509.h> |
| 66 | #include <openssl/x509v3.h> | 66 | #include <openssl/x509v3.h> |
| 67 | 67 | ||
| 68 | int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x) | 68 | int |
| 69 | X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x) | ||
| 69 | { | 70 | { |
| 70 | return sk_X509_ATTRIBUTE_num(x); | 71 | return sk_X509_ATTRIBUTE_num(x); |
| 71 | } | 72 | } |
| 72 | 73 | ||
| 73 | int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid, | 74 | int |
| 74 | int lastpos) | 75 | X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid, |
| 76 | int lastpos) | ||
| 75 | { | 77 | { |
| 76 | ASN1_OBJECT *obj; | 78 | ASN1_OBJECT *obj; |
| 77 | 79 | ||
| 78 | obj=OBJ_nid2obj(nid); | 80 | obj = OBJ_nid2obj(nid); |
| 79 | if (obj == NULL) return(-2); | 81 | if (obj == NULL) |
| 80 | return(X509at_get_attr_by_OBJ(x,obj,lastpos)); | 82 | return (-2); |
| 83 | return (X509at_get_attr_by_OBJ(x, obj, lastpos)); | ||
| 81 | } | 84 | } |
| 82 | 85 | ||
| 83 | int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, ASN1_OBJECT *obj, | 86 | int |
| 84 | int lastpos) | 87 | X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, ASN1_OBJECT *obj, |
| 88 | int lastpos) | ||
| 85 | { | 89 | { |
| 86 | int n; | 90 | int n; |
| 87 | X509_ATTRIBUTE *ex; | 91 | X509_ATTRIBUTE *ex; |
| 88 | 92 | ||
| 89 | if (sk == NULL) return(-1); | 93 | if (sk == NULL) |
| 94 | return (-1); | ||
| 90 | lastpos++; | 95 | lastpos++; |
| 91 | if (lastpos < 0) | 96 | if (lastpos < 0) |
| 92 | lastpos=0; | 97 | lastpos = 0; |
| 93 | n=sk_X509_ATTRIBUTE_num(sk); | 98 | n = sk_X509_ATTRIBUTE_num(sk); |
| 94 | for ( ; lastpos < n; lastpos++) { | 99 | for (; lastpos < n; lastpos++) { |
| 95 | ex=sk_X509_ATTRIBUTE_value(sk,lastpos); | 100 | ex = sk_X509_ATTRIBUTE_value(sk, lastpos); |
| 96 | if (OBJ_cmp(ex->object,obj) == 0) | 101 | if (OBJ_cmp(ex->object, obj) == 0) |
| 97 | return(lastpos); | 102 | return (lastpos); |
| 98 | } | 103 | } |
| 99 | return(-1); | 104 | return (-1); |
| 100 | } | 105 | } |
| 101 | 106 | ||
| 102 | X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc) | 107 | X509_ATTRIBUTE * |
| 108 | X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc) | ||
| 103 | { | 109 | { |
| 104 | if (x == NULL || sk_X509_ATTRIBUTE_num(x) <= loc || loc < 0) | 110 | if (x == NULL || sk_X509_ATTRIBUTE_num(x) <= loc || loc < 0) |
| 105 | return NULL; | 111 | return NULL; |
| 106 | else | 112 | else |
| 107 | return sk_X509_ATTRIBUTE_value(x,loc); | 113 | return sk_X509_ATTRIBUTE_value(x, loc); |
| 108 | } | 114 | } |
| 109 | 115 | ||
| 110 | X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc) | 116 | X509_ATTRIBUTE * |
| 117 | X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc) | ||
| 111 | { | 118 | { |
| 112 | X509_ATTRIBUTE *ret; | 119 | X509_ATTRIBUTE *ret; |
| 113 | 120 | ||
| 114 | if (x == NULL || sk_X509_ATTRIBUTE_num(x) <= loc || loc < 0) | 121 | if (x == NULL || sk_X509_ATTRIBUTE_num(x) <= loc || loc < 0) |
| 115 | return(NULL); | 122 | return (NULL); |
| 116 | ret=sk_X509_ATTRIBUTE_delete(x,loc); | 123 | ret = sk_X509_ATTRIBUTE_delete(x, loc); |
| 117 | return(ret); | 124 | return (ret); |
| 118 | } | 125 | } |
| 119 | 126 | ||
| 120 | STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, | 127 | STACK_OF(X509_ATTRIBUTE) * |
| 121 | X509_ATTRIBUTE *attr) | 128 | X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, X509_ATTRIBUTE *attr) |
| 122 | { | 129 | { |
| 123 | X509_ATTRIBUTE *new_attr=NULL; | 130 | X509_ATTRIBUTE *new_attr = NULL; |
| 124 | STACK_OF(X509_ATTRIBUTE) *sk=NULL; | 131 | STACK_OF(X509_ATTRIBUTE) *sk = NULL; |
| 125 | 132 | ||
| 126 | if (x == NULL) { | 133 | if (x == NULL) { |
| 127 | X509err(X509_F_X509AT_ADD1_ATTR, ERR_R_PASSED_NULL_PARAMETER); | 134 | X509err(X509_F_X509AT_ADD1_ATTR, ERR_R_PASSED_NULL_PARAMETER); |
| 128 | goto err2; | 135 | goto err2; |
| 129 | } | 136 | } |
| 130 | 137 | ||
| 131 | if (*x == NULL) { | 138 | if (*x == NULL) { |
| 132 | if ((sk=sk_X509_ATTRIBUTE_new_null()) == NULL) | 139 | if ((sk = sk_X509_ATTRIBUTE_new_null()) == NULL) |
| 133 | goto err; | 140 | goto err; |
| 134 | } else | 141 | } else |
| 135 | sk= *x; | 142 | sk= *x; |
| 136 | 143 | ||
| 137 | if ((new_attr=X509_ATTRIBUTE_dup(attr)) == NULL) | 144 | if ((new_attr = X509_ATTRIBUTE_dup(attr)) == NULL) |
| 138 | goto err2; | 145 | goto err2; |
| 139 | if (!sk_X509_ATTRIBUTE_push(sk,new_attr)) | 146 | if (!sk_X509_ATTRIBUTE_push(sk, new_attr)) |
| 140 | goto err; | 147 | goto err; |
| 141 | if (*x == NULL) | 148 | if (*x == NULL) |
| 142 | *x=sk; | 149 | *x = sk; |
| 143 | return(sk); | 150 | return (sk); |
| 151 | |||
| 144 | err: | 152 | err: |
| 145 | X509err(X509_F_X509AT_ADD1_ATTR,ERR_R_MALLOC_FAILURE); | 153 | X509err(X509_F_X509AT_ADD1_ATTR, ERR_R_MALLOC_FAILURE); |
| 146 | err2: | 154 | err2: |
| 147 | if (new_attr != NULL) X509_ATTRIBUTE_free(new_attr); | 155 | if (new_attr != NULL) |
| 148 | if (sk != NULL) sk_X509_ATTRIBUTE_free(sk); | 156 | X509_ATTRIBUTE_free(new_attr); |
| 149 | return(NULL); | 157 | if (sk != NULL) |
| 158 | sk_X509_ATTRIBUTE_free(sk); | ||
| 159 | return (NULL); | ||
| 150 | } | 160 | } |
| 151 | 161 | ||
| 152 | STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x, | 162 | STACK_OF(X509_ATTRIBUTE) * |
| 153 | const ASN1_OBJECT *obj, int type, | 163 | X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x, const ASN1_OBJECT *obj, |
| 154 | const unsigned char *bytes, int len) | 164 | int type, const unsigned char *bytes, int len) |
| 155 | { | 165 | { |
| 156 | X509_ATTRIBUTE *attr; | 166 | X509_ATTRIBUTE *attr; |
| 157 | STACK_OF(X509_ATTRIBUTE) *ret; | 167 | STACK_OF(X509_ATTRIBUTE) *ret; |
| 168 | |||
| 158 | attr = X509_ATTRIBUTE_create_by_OBJ(NULL, obj, type, bytes, len); | 169 | attr = X509_ATTRIBUTE_create_by_OBJ(NULL, obj, type, bytes, len); |
| 159 | if(!attr) return 0; | 170 | if (!attr) |
| 171 | return 0; | ||
| 160 | ret = X509at_add1_attr(x, attr); | 172 | ret = X509at_add1_attr(x, attr); |
| 161 | X509_ATTRIBUTE_free(attr); | 173 | X509_ATTRIBUTE_free(attr); |
| 162 | return ret; | 174 | return ret; |
| 163 | } | 175 | } |
| 164 | 176 | ||
| 165 | STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x, | 177 | STACK_OF(X509_ATTRIBUTE) * |
| 166 | int nid, int type, | 178 | X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x, int nid, int type, |
| 167 | const unsigned char *bytes, int len) | 179 | const unsigned char *bytes, int len) |
| 168 | { | 180 | { |
| 169 | X509_ATTRIBUTE *attr; | 181 | X509_ATTRIBUTE *attr; |
| 170 | STACK_OF(X509_ATTRIBUTE) *ret; | 182 | STACK_OF(X509_ATTRIBUTE) *ret; |
| 183 | |||
| 171 | attr = X509_ATTRIBUTE_create_by_NID(NULL, nid, type, bytes, len); | 184 | attr = X509_ATTRIBUTE_create_by_NID(NULL, nid, type, bytes, len); |
| 172 | if(!attr) return 0; | 185 | if (!attr) |
| 186 | return 0; | ||
| 173 | ret = X509at_add1_attr(x, attr); | 187 | ret = X509at_add1_attr(x, attr); |
| 174 | X509_ATTRIBUTE_free(attr); | 188 | X509_ATTRIBUTE_free(attr); |
| 175 | return ret; | 189 | return ret; |
| 176 | } | 190 | } |
| 177 | 191 | ||
| 178 | STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x, | 192 | STACK_OF(X509_ATTRIBUTE) * |
| 179 | const char *attrname, int type, | 193 | X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x, const char *attrname, |
| 180 | const unsigned char *bytes, int len) | 194 | int type, const unsigned char *bytes, int len) |
| 181 | { | 195 | { |
| 182 | X509_ATTRIBUTE *attr; | 196 | X509_ATTRIBUTE *attr; |
| 183 | STACK_OF(X509_ATTRIBUTE) *ret; | 197 | STACK_OF(X509_ATTRIBUTE) *ret; |
| 198 | |||
| 184 | attr = X509_ATTRIBUTE_create_by_txt(NULL, attrname, type, bytes, len); | 199 | attr = X509_ATTRIBUTE_create_by_txt(NULL, attrname, type, bytes, len); |
| 185 | if(!attr) return 0; | 200 | if (!attr) |
| 201 | return 0; | ||
| 186 | ret = X509at_add1_attr(x, attr); | 202 | ret = X509at_add1_attr(x, attr); |
| 187 | X509_ATTRIBUTE_free(attr); | 203 | X509_ATTRIBUTE_free(attr); |
| 188 | return ret; | 204 | return ret; |
| 189 | } | 205 | } |
| 190 | 206 | ||
| 191 | void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, | 207 | void * |
| 192 | ASN1_OBJECT *obj, int lastpos, int type) | 208 | X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, ASN1_OBJECT *obj, |
| 209 | int lastpos, int type) | ||
| 193 | { | 210 | { |
| 194 | int i; | 211 | int i; |
| 195 | X509_ATTRIBUTE *at; | 212 | X509_ATTRIBUTE *at; |
| 213 | |||
| 196 | i = X509at_get_attr_by_OBJ(x, obj, lastpos); | 214 | i = X509at_get_attr_by_OBJ(x, obj, lastpos); |
| 197 | if (i == -1) | 215 | if (i == -1) |
| 198 | return NULL; | 216 | return NULL; |
| @@ -204,96 +222,112 @@ void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, | |||
| 204 | return X509_ATTRIBUTE_get0_data(at, 0, type, NULL); | 222 | return X509_ATTRIBUTE_get0_data(at, 0, type, NULL); |
| 205 | } | 223 | } |
| 206 | 224 | ||
| 207 | X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, | 225 | X509_ATTRIBUTE * |
| 208 | int atrtype, const void *data, int len) | 226 | X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, int atrtype, |
| 227 | const void *data, int len) | ||
| 209 | { | 228 | { |
| 210 | ASN1_OBJECT *obj; | 229 | ASN1_OBJECT *obj; |
| 211 | X509_ATTRIBUTE *ret; | 230 | X509_ATTRIBUTE *ret; |
| 212 | 231 | ||
| 213 | obj=OBJ_nid2obj(nid); | 232 | obj = OBJ_nid2obj(nid); |
| 214 | if (obj == NULL) { | 233 | if (obj == NULL) { |
| 215 | X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_NID,X509_R_UNKNOWN_NID); | 234 | X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_NID, |
| 216 | return(NULL); | 235 | X509_R_UNKNOWN_NID); |
| 236 | return (NULL); | ||
| 217 | } | 237 | } |
| 218 | ret=X509_ATTRIBUTE_create_by_OBJ(attr,obj,atrtype,data,len); | 238 | ret = X509_ATTRIBUTE_create_by_OBJ(attr, obj, atrtype, data, len); |
| 219 | if (ret == NULL) ASN1_OBJECT_free(obj); | 239 | if (ret == NULL) |
| 220 | return(ret); | 240 | ASN1_OBJECT_free(obj); |
| 241 | return (ret); | ||
| 221 | } | 242 | } |
| 222 | 243 | ||
| 223 | X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr, | 244 | X509_ATTRIBUTE * |
| 224 | const ASN1_OBJECT *obj, int atrtype, const void *data, int len) | 245 | X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr, const ASN1_OBJECT *obj, |
| 246 | int atrtype, const void *data, int len) | ||
| 225 | { | 247 | { |
| 226 | X509_ATTRIBUTE *ret; | 248 | X509_ATTRIBUTE *ret; |
| 227 | 249 | ||
| 228 | if ((attr == NULL) || (*attr == NULL)) { | 250 | if ((attr == NULL) || (*attr == NULL)) { |
| 229 | if ((ret=X509_ATTRIBUTE_new()) == NULL) { | 251 | if ((ret = X509_ATTRIBUTE_new()) == NULL) { |
| 230 | X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ,ERR_R_MALLOC_FAILURE); | 252 | X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ, |
| 231 | return(NULL); | 253 | ERR_R_MALLOC_FAILURE); |
| 254 | return (NULL); | ||
| 232 | } | 255 | } |
| 233 | } | 256 | } else |
| 234 | else | ||
| 235 | ret= *attr; | 257 | ret= *attr; |
| 236 | 258 | ||
| 237 | if (!X509_ATTRIBUTE_set1_object(ret,obj)) | 259 | if (!X509_ATTRIBUTE_set1_object(ret, obj)) |
| 238 | goto err; | 260 | goto err; |
| 239 | if (!X509_ATTRIBUTE_set1_data(ret,atrtype,data,len)) | 261 | if (!X509_ATTRIBUTE_set1_data(ret, atrtype, data, len)) |
| 240 | goto err; | 262 | goto err; |
| 241 | 263 | ||
| 242 | if ((attr != NULL) && (*attr == NULL)) *attr=ret; | 264 | if ((attr != NULL) && (*attr == NULL)) |
| 243 | return(ret); | 265 | *attr = ret; |
| 266 | return (ret); | ||
| 267 | |||
| 244 | err: | 268 | err: |
| 245 | if ((attr == NULL) || (ret != *attr)) | 269 | if ((attr == NULL) || (ret != *attr)) |
| 246 | X509_ATTRIBUTE_free(ret); | 270 | X509_ATTRIBUTE_free(ret); |
| 247 | return(NULL); | 271 | return (NULL); |
| 248 | } | 272 | } |
| 249 | 273 | ||
| 250 | X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr, | 274 | X509_ATTRIBUTE * |
| 251 | const char *atrname, int type, const unsigned char *bytes, int len) | 275 | X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr, const char *atrname, |
| 276 | int type, const unsigned char *bytes, int len) | ||
| 252 | { | 277 | { |
| 253 | ASN1_OBJECT *obj; | 278 | ASN1_OBJECT *obj; |
| 254 | X509_ATTRIBUTE *nattr; | 279 | X509_ATTRIBUTE *nattr; |
| 255 | 280 | ||
| 256 | obj=OBJ_txt2obj(atrname, 0); | 281 | obj = OBJ_txt2obj(atrname, 0); |
| 257 | if (obj == NULL) { | 282 | if (obj == NULL) { |
| 258 | X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_TXT, | 283 | X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_TXT, |
| 259 | X509_R_INVALID_FIELD_NAME); | 284 | X509_R_INVALID_FIELD_NAME); |
| 260 | ERR_add_error_data(2, "name=", atrname); | 285 | ERR_add_error_data(2, "name=", atrname); |
| 261 | return(NULL); | 286 | return (NULL); |
| 262 | } | 287 | } |
| 263 | nattr = X509_ATTRIBUTE_create_by_OBJ(attr,obj,type,bytes,len); | 288 | nattr = X509_ATTRIBUTE_create_by_OBJ(attr, obj, type, bytes, len); |
| 264 | ASN1_OBJECT_free(obj); | 289 | ASN1_OBJECT_free(obj); |
| 265 | return nattr; | 290 | return nattr; |
| 266 | } | 291 | } |
| 267 | 292 | ||
| 268 | int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj) | 293 | int |
| 294 | X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj) | ||
| 269 | { | 295 | { |
| 270 | if ((attr == NULL) || (obj == NULL)) | 296 | if ((attr == NULL) || (obj == NULL)) |
| 271 | return(0); | 297 | return (0); |
| 272 | ASN1_OBJECT_free(attr->object); | 298 | ASN1_OBJECT_free(attr->object); |
| 273 | attr->object=OBJ_dup(obj); | 299 | attr->object = OBJ_dup(obj); |
| 274 | return(1); | 300 | return (1); |
| 275 | } | 301 | } |
| 276 | 302 | ||
| 277 | int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data, int len) | 303 | int |
| 304 | X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data, | ||
| 305 | int len) | ||
| 278 | { | 306 | { |
| 279 | ASN1_TYPE *ttmp; | 307 | ASN1_TYPE *ttmp; |
| 280 | ASN1_STRING *stmp = NULL; | 308 | ASN1_STRING *stmp = NULL; |
| 281 | int atype = 0; | 309 | int atype = 0; |
| 282 | if (!attr) return 0; | 310 | |
| 283 | if(attrtype & MBSTRING_FLAG) { | 311 | if (!attr) |
| 312 | return 0; | ||
| 313 | if (attrtype & MBSTRING_FLAG) { | ||
| 284 | stmp = ASN1_STRING_set_by_NID(NULL, data, len, attrtype, | 314 | stmp = ASN1_STRING_set_by_NID(NULL, data, len, attrtype, |
| 285 | OBJ_obj2nid(attr->object)); | 315 | OBJ_obj2nid(attr->object)); |
| 286 | if(!stmp) { | 316 | if (!stmp) { |
| 287 | X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_ASN1_LIB); | 317 | X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, |
| 318 | ERR_R_ASN1_LIB); | ||
| 288 | return 0; | 319 | return 0; |
| 289 | } | 320 | } |
| 290 | atype = stmp->type; | 321 | atype = stmp->type; |
| 291 | } else if (len != -1){ | 322 | } else if (len != -1){ |
| 292 | if(!(stmp = ASN1_STRING_type_new(attrtype))) goto err; | 323 | if (!(stmp = ASN1_STRING_type_new(attrtype))) |
| 293 | if(!ASN1_STRING_set(stmp, data, len)) goto err; | 324 | goto err; |
| 325 | if (!ASN1_STRING_set(stmp, data, len)) | ||
| 326 | goto err; | ||
| 294 | atype = attrtype; | 327 | atype = attrtype; |
| 295 | } | 328 | } |
| 296 | if(!(attr->value.set = sk_ASN1_TYPE_new_null())) goto err; | 329 | if (!(attr->value.set = sk_ASN1_TYPE_new_null())) |
| 330 | goto err; | ||
| 297 | attr->single = 0; | 331 | attr->single = 0; |
| 298 | /* This is a bit naughty because the attribute should really have | 332 | /* This is a bit naughty because the attribute should really have |
| 299 | * at least one value but some types use and zero length SET and | 333 | * at least one value but some types use and zero length SET and |
| @@ -301,49 +335,64 @@ int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *dat | |||
| 301 | */ | 335 | */ |
| 302 | if (attrtype == 0) | 336 | if (attrtype == 0) |
| 303 | return 1; | 337 | return 1; |
| 304 | if(!(ttmp = ASN1_TYPE_new())) goto err; | 338 | if (!(ttmp = ASN1_TYPE_new())) |
| 339 | goto err; | ||
| 305 | if ((len == -1) && !(attrtype & MBSTRING_FLAG)) { | 340 | if ((len == -1) && !(attrtype & MBSTRING_FLAG)) { |
| 306 | if (!ASN1_TYPE_set1(ttmp, attrtype, data)) | 341 | if (!ASN1_TYPE_set1(ttmp, attrtype, data)) |
| 307 | goto err; | 342 | goto err; |
| 308 | } else | 343 | } else |
| 309 | ASN1_TYPE_set(ttmp, atype, stmp); | 344 | ASN1_TYPE_set(ttmp, atype, stmp); |
| 310 | if(!sk_ASN1_TYPE_push(attr->value.set, ttmp)) goto err; | 345 | if (!sk_ASN1_TYPE_push(attr->value.set, ttmp)) |
| 346 | goto err; | ||
| 311 | return 1; | 347 | return 1; |
| 312 | err: | 348 | |
| 349 | err: | ||
| 313 | X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_MALLOC_FAILURE); | 350 | X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_MALLOC_FAILURE); |
| 314 | return 0; | 351 | return 0; |
| 315 | } | 352 | } |
| 316 | 353 | ||
| 317 | int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr) | 354 | int |
| 355 | X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr) | ||
| 318 | { | 356 | { |
| 319 | if(!attr->single) return sk_ASN1_TYPE_num(attr->value.set); | 357 | if (!attr->single) |
| 320 | if(attr->value.single) return 1; | 358 | return sk_ASN1_TYPE_num(attr->value.set); |
| 359 | if (attr->value.single) | ||
| 360 | return 1; | ||
| 321 | return 0; | 361 | return 0; |
| 322 | } | 362 | } |
| 323 | 363 | ||
| 324 | ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr) | 364 | ASN1_OBJECT * |
| 365 | X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr) | ||
| 325 | { | 366 | { |
| 326 | if (attr == NULL) return(NULL); | 367 | if (attr == NULL) |
| 327 | return(attr->object); | 368 | return (NULL); |
| 369 | return (attr->object); | ||
| 328 | } | 370 | } |
| 329 | 371 | ||
| 330 | void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, | 372 | void * |
| 331 | int atrtype, void *data) | 373 | X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, int atrtype, void *data) |
| 332 | { | 374 | { |
| 333 | ASN1_TYPE *ttmp; | 375 | ASN1_TYPE *ttmp; |
| 376 | |||
| 334 | ttmp = X509_ATTRIBUTE_get0_type(attr, idx); | 377 | ttmp = X509_ATTRIBUTE_get0_type(attr, idx); |
| 335 | if(!ttmp) return NULL; | 378 | if (!ttmp) |
| 336 | if(atrtype != ASN1_TYPE_get(ttmp)){ | 379 | return NULL; |
| 380 | if (atrtype != ASN1_TYPE_get(ttmp)){ | ||
| 337 | X509err(X509_F_X509_ATTRIBUTE_GET0_DATA, X509_R_WRONG_TYPE); | 381 | X509err(X509_F_X509_ATTRIBUTE_GET0_DATA, X509_R_WRONG_TYPE); |
| 338 | return NULL; | 382 | return NULL; |
| 339 | } | 383 | } |
| 340 | return ttmp->value.ptr; | 384 | return ttmp->value.ptr; |
| 341 | } | 385 | } |
| 342 | 386 | ||
| 343 | ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx) | 387 | ASN1_TYPE * |
| 388 | X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx) | ||
| 344 | { | 389 | { |
| 345 | if (attr == NULL) return(NULL); | 390 | if (attr == NULL) |
| 346 | if(idx >= X509_ATTRIBUTE_count(attr)) return NULL; | 391 | return (NULL); |
| 347 | if(!attr->single) return sk_ASN1_TYPE_value(attr->value.set, idx); | 392 | if (idx >= X509_ATTRIBUTE_count(attr)) |
| 348 | else return attr->value.single; | 393 | return NULL; |
| 394 | if (!attr->single) | ||
| 395 | return sk_ASN1_TYPE_value(attr->value.set, idx); | ||
| 396 | else | ||
| 397 | return attr->value.single; | ||
| 349 | } | 398 | } |
diff --git a/src/lib/libcrypto/x509/x509_cmp.c b/src/lib/libcrypto/x509/x509_cmp.c index 87c4596414..b6b3423e3f 100644 --- a/src/lib/libcrypto/x509/x509_cmp.c +++ b/src/lib/libcrypto/x509/x509_cmp.c | |||
| @@ -5,21 +5,21 @@ | |||
| 5 | * This package is an SSL implementation written | 5 | * This package is an SSL implementation written |
| 6 | * by Eric Young (eay@cryptsoft.com). | 6 | * by Eric Young (eay@cryptsoft.com). |
| 7 | * The implementation was written so as to conform with Netscapes SSL. | 7 | * The implementation was written so as to conform with Netscapes SSL. |
| 8 | * | 8 | * |
| 9 | * This library is free for commercial and non-commercial use as long as | 9 | * This library is free for commercial and non-commercial use as long as |
| 10 | * the following conditions are aheared to. The following conditions | 10 | * the following conditions are aheared to. The following conditions |
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | 11 | * apply to all code found in this distribution, be it the RC4, RSA, |
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation |
| 13 | * included with this distribution is covered by the same copyright terms | 13 | * included with this distribution is covered by the same copyright terms |
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). |
| 15 | * | 15 | * |
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | 16 | * Copyright remains Eric Young's, and as such any Copyright notices in |
| 17 | * the code are not to be removed. | 17 | * the code are not to be removed. |
| 18 | * If this package is used in a product, Eric Young should be given attribution | 18 | * If this package is used in a product, Eric Young should be given attribution |
| 19 | * as the author of the parts of the library used. | 19 | * as the author of the parts of the library used. |
| 20 | * This can be in the form of a textual message at program startup or | 20 | * This can be in the form of a textual message at program startup or |
| 21 | * in documentation (online or textual) provided with the package. | 21 | * in documentation (online or textual) provided with the package. |
| 22 | * | 22 | * |
| 23 | * Redistribution and use in source and binary forms, with or without | 23 | * Redistribution and use in source and binary forms, with or without |
| 24 | * modification, are permitted provided that the following conditions | 24 | * modification, are permitted provided that the following conditions |
| 25 | * are met: | 25 | * are met: |
| @@ -34,10 +34,10 @@ | |||
| 34 | * Eric Young (eay@cryptsoft.com)" | 34 | * Eric Young (eay@cryptsoft.com)" |
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | 35 | * The word 'cryptographic' can be left out if the rouines from the library |
| 36 | * being used are not cryptographic related :-). | 36 | * being used are not cryptographic related :-). |
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | 37 | * 4. If you include any Windows specific code (or a derivative thereof) from |
| 38 | * the apps directory (application code) you must include an acknowledgement: | 38 | * the apps directory (application code) you must include an acknowledgement: |
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" |
| 40 | * | 40 | * |
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND |
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
| @@ -49,7 +49,7 @@ | |||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
| 51 | * SUCH DAMAGE. | 51 | * SUCH DAMAGE. |
| 52 | * | 52 | * |
| 53 | * The licence and distribution terms for any publically available version or | 53 | * The licence and distribution terms for any publically available version or |
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be |
| 55 | * copied and put under another distribution licence | 55 | * copied and put under another distribution licence |
| @@ -64,105 +64,121 @@ | |||
| 64 | #include <openssl/x509.h> | 64 | #include <openssl/x509.h> |
| 65 | #include <openssl/x509v3.h> | 65 | #include <openssl/x509v3.h> |
| 66 | 66 | ||
| 67 | int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b) | 67 | int |
| 68 | X509_issuer_and_serial_cmp(const X509 *a, const X509 *b) | ||
| 68 | { | 69 | { |
| 69 | int i; | 70 | int i; |
| 70 | X509_CINF *ai,*bi; | 71 | X509_CINF *ai, *bi; |
| 71 | 72 | ||
| 72 | ai=a->cert_info; | 73 | ai = a->cert_info; |
| 73 | bi=b->cert_info; | 74 | bi = b->cert_info; |
| 74 | i=M_ASN1_INTEGER_cmp(ai->serialNumber,bi->serialNumber); | 75 | i = M_ASN1_INTEGER_cmp(ai->serialNumber, bi->serialNumber); |
| 75 | if (i) return(i); | 76 | if (i) |
| 76 | return(X509_NAME_cmp(ai->issuer,bi->issuer)); | 77 | return (i); |
| 78 | return (X509_NAME_cmp(ai->issuer, bi->issuer)); | ||
| 77 | } | 79 | } |
| 78 | 80 | ||
| 79 | #ifndef OPENSSL_NO_MD5 | 81 | #ifndef OPENSSL_NO_MD5 |
| 80 | unsigned long X509_issuer_and_serial_hash(X509 *a) | 82 | unsigned long |
| 83 | X509_issuer_and_serial_hash(X509 *a) | ||
| 81 | { | 84 | { |
| 82 | unsigned long ret=0; | 85 | unsigned long ret = 0; |
| 83 | EVP_MD_CTX ctx; | 86 | EVP_MD_CTX ctx; |
| 84 | unsigned char md[16]; | 87 | unsigned char md[16]; |
| 85 | char *f; | 88 | char *f; |
| 86 | 89 | ||
| 87 | EVP_MD_CTX_init(&ctx); | 90 | EVP_MD_CTX_init(&ctx); |
| 88 | f=X509_NAME_oneline(a->cert_info->issuer,NULL,0); | 91 | f = X509_NAME_oneline(a->cert_info->issuer, NULL, 0); |
| 89 | if (!EVP_DigestInit_ex(&ctx, EVP_md5(), NULL)) | 92 | if (!EVP_DigestInit_ex(&ctx, EVP_md5(), NULL)) |
| 90 | goto err; | 93 | goto err; |
| 91 | if (!EVP_DigestUpdate(&ctx,(unsigned char *)f,strlen(f))) | 94 | if (!EVP_DigestUpdate(&ctx, (unsigned char *)f, strlen(f))) |
| 92 | goto err; | 95 | goto err; |
| 93 | free(f); | 96 | free(f); |
| 94 | if(!EVP_DigestUpdate(&ctx,(unsigned char *)a->cert_info->serialNumber->data, | 97 | if (!EVP_DigestUpdate(&ctx, |
| 95 | (unsigned long)a->cert_info->serialNumber->length)) | 98 | (unsigned char *)a->cert_info->serialNumber->data, |
| 99 | (unsigned long)a->cert_info->serialNumber->length)) | ||
| 96 | goto err; | 100 | goto err; |
| 97 | if (!EVP_DigestFinal_ex(&ctx,&(md[0]),NULL)) | 101 | if (!EVP_DigestFinal_ex(&ctx, &(md[0]), NULL)) |
| 98 | goto err; | 102 | goto err; |
| 99 | ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| | 103 | ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) | |
| 100 | ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) | 104 | ((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L)) & |
| 101 | )&0xffffffffL; | 105 | 0xffffffffL; |
| 102 | err: | 106 | |
| 107 | err: | ||
| 103 | EVP_MD_CTX_cleanup(&ctx); | 108 | EVP_MD_CTX_cleanup(&ctx); |
| 104 | return(ret); | 109 | return (ret); |
| 105 | } | 110 | } |
| 106 | #endif | 111 | #endif |
| 107 | 112 | ||
| 108 | int X509_issuer_name_cmp(const X509 *a, const X509 *b) | 113 | int |
| 114 | X509_issuer_name_cmp(const X509 *a, const X509 *b) | ||
| 109 | { | 115 | { |
| 110 | return(X509_NAME_cmp(a->cert_info->issuer,b->cert_info->issuer)); | 116 | return (X509_NAME_cmp(a->cert_info->issuer, b->cert_info->issuer)); |
| 111 | } | 117 | } |
| 112 | 118 | ||
| 113 | int X509_subject_name_cmp(const X509 *a, const X509 *b) | 119 | int |
| 120 | X509_subject_name_cmp(const X509 *a, const X509 *b) | ||
| 114 | { | 121 | { |
| 115 | return(X509_NAME_cmp(a->cert_info->subject,b->cert_info->subject)); | 122 | return (X509_NAME_cmp(a->cert_info->subject, b->cert_info->subject)); |
| 116 | } | 123 | } |
| 117 | 124 | ||
| 118 | int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b) | 125 | int |
| 126 | X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b) | ||
| 119 | { | 127 | { |
| 120 | return(X509_NAME_cmp(a->crl->issuer,b->crl->issuer)); | 128 | return (X509_NAME_cmp(a->crl->issuer, b->crl->issuer)); |
| 121 | } | 129 | } |
| 122 | 130 | ||
| 123 | #ifndef OPENSSL_NO_SHA | 131 | #ifndef OPENSSL_NO_SHA |
| 124 | int X509_CRL_match(const X509_CRL *a, const X509_CRL *b) | 132 | int |
| 133 | X509_CRL_match(const X509_CRL *a, const X509_CRL *b) | ||
| 125 | { | 134 | { |
| 126 | return memcmp(a->sha1_hash, b->sha1_hash, 20); | 135 | return memcmp(a->sha1_hash, b->sha1_hash, 20); |
| 127 | } | 136 | } |
| 128 | #endif | 137 | #endif |
| 129 | 138 | ||
| 130 | X509_NAME *X509_get_issuer_name(X509 *a) | 139 | X509_NAME * |
| 140 | X509_get_issuer_name(X509 *a) | ||
| 131 | { | 141 | { |
| 132 | return(a->cert_info->issuer); | 142 | return (a->cert_info->issuer); |
| 133 | } | 143 | } |
| 134 | 144 | ||
| 135 | unsigned long X509_issuer_name_hash(X509 *x) | 145 | unsigned long |
| 146 | X509_issuer_name_hash(X509 *x) | ||
| 136 | { | 147 | { |
| 137 | return(X509_NAME_hash(x->cert_info->issuer)); | 148 | return (X509_NAME_hash(x->cert_info->issuer)); |
| 138 | } | 149 | } |
| 139 | 150 | ||
| 140 | #ifndef OPENSSL_NO_MD5 | 151 | #ifndef OPENSSL_NO_MD5 |
| 141 | unsigned long X509_issuer_name_hash_old(X509 *x) | 152 | unsigned long |
| 153 | X509_issuer_name_hash_old(X509 *x) | ||
| 142 | { | 154 | { |
| 143 | return(X509_NAME_hash_old(x->cert_info->issuer)); | 155 | return (X509_NAME_hash_old(x->cert_info->issuer)); |
| 144 | } | 156 | } |
| 145 | #endif | 157 | #endif |
| 146 | 158 | ||
| 147 | X509_NAME *X509_get_subject_name(X509 *a) | 159 | X509_NAME * |
| 160 | X509_get_subject_name(X509 *a) | ||
| 148 | { | 161 | { |
| 149 | return(a->cert_info->subject); | 162 | return (a->cert_info->subject); |
| 150 | } | 163 | } |
| 151 | 164 | ||
| 152 | ASN1_INTEGER *X509_get_serialNumber(X509 *a) | 165 | ASN1_INTEGER * |
| 166 | X509_get_serialNumber(X509 *a) | ||
| 153 | { | 167 | { |
| 154 | return(a->cert_info->serialNumber); | 168 | return (a->cert_info->serialNumber); |
| 155 | } | 169 | } |
| 156 | 170 | ||
| 157 | unsigned long X509_subject_name_hash(X509 *x) | 171 | unsigned long |
| 172 | X509_subject_name_hash(X509 *x) | ||
| 158 | { | 173 | { |
| 159 | return(X509_NAME_hash(x->cert_info->subject)); | 174 | return (X509_NAME_hash(x->cert_info->subject)); |
| 160 | } | 175 | } |
| 161 | 176 | ||
| 162 | #ifndef OPENSSL_NO_MD5 | 177 | #ifndef OPENSSL_NO_MD5 |
| 163 | unsigned long X509_subject_name_hash_old(X509 *x) | 178 | unsigned long |
| 179 | X509_subject_name_hash_old(X509 *x) | ||
| 164 | { | 180 | { |
| 165 | return(X509_NAME_hash_old(x->cert_info->subject)); | 181 | return (X509_NAME_hash_old(x->cert_info->subject)); |
| 166 | } | 182 | } |
| 167 | #endif | 183 | #endif |
| 168 | 184 | ||
| @@ -176,7 +192,8 @@ unsigned long X509_subject_name_hash_old(X509 *x) | |||
| 176 | * where the "depth-first" constification tree has to halt | 192 | * where the "depth-first" constification tree has to halt |
| 177 | * with an evil cast. | 193 | * with an evil cast. |
| 178 | */ | 194 | */ |
| 179 | int X509_cmp(const X509 *a, const X509 *b) | 195 | int |
| 196 | X509_cmp(const X509 *a, const X509 *b) | ||
| 180 | { | 197 | { |
| 181 | /* ensure hash is valid */ | 198 | /* ensure hash is valid */ |
| 182 | X509_check_purpose((X509 *)a, -1, 0); | 199 | X509_check_purpose((X509 *)a, -1, 0); |
| @@ -186,49 +203,44 @@ int X509_cmp(const X509 *a, const X509 *b) | |||
| 186 | } | 203 | } |
| 187 | #endif | 204 | #endif |
| 188 | 205 | ||
| 189 | 206 | int | |
| 190 | int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b) | 207 | X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b) |
| 191 | { | 208 | { |
| 192 | int ret; | 209 | int ret; |
| 193 | 210 | ||
| 194 | /* Ensure canonical encoding is present and up to date */ | 211 | /* Ensure canonical encoding is present and up to date */ |
| 195 | |||
| 196 | if (!a->canon_enc || a->modified) { | 212 | if (!a->canon_enc || a->modified) { |
| 197 | ret = i2d_X509_NAME((X509_NAME *)a, NULL); | 213 | ret = i2d_X509_NAME((X509_NAME *)a, NULL); |
| 198 | if (ret < 0) | 214 | if (ret < 0) |
| 199 | return -2; | 215 | return -2; |
| 200 | } | 216 | } |
| 201 | |||
| 202 | if (!b->canon_enc || b->modified) { | 217 | if (!b->canon_enc || b->modified) { |
| 203 | ret = i2d_X509_NAME((X509_NAME *)b, NULL); | 218 | ret = i2d_X509_NAME((X509_NAME *)b, NULL); |
| 204 | if (ret < 0) | 219 | if (ret < 0) |
| 205 | return -2; | 220 | return -2; |
| 206 | } | 221 | } |
| 207 | |||
| 208 | ret = a->canon_enclen - b->canon_enclen; | 222 | ret = a->canon_enclen - b->canon_enclen; |
| 209 | |||
| 210 | if (ret) | 223 | if (ret) |
| 211 | return ret; | 224 | return ret; |
| 212 | |||
| 213 | return memcmp(a->canon_enc, b->canon_enc, a->canon_enclen); | 225 | return memcmp(a->canon_enc, b->canon_enc, a->canon_enclen); |
| 214 | |||
| 215 | } | 226 | } |
| 216 | 227 | ||
| 217 | unsigned long X509_NAME_hash(X509_NAME *x) | 228 | unsigned long |
| 229 | X509_NAME_hash(X509_NAME *x) | ||
| 218 | { | 230 | { |
| 219 | unsigned long ret=0; | 231 | unsigned long ret = 0; |
| 220 | unsigned char md[SHA_DIGEST_LENGTH]; | 232 | unsigned char md[SHA_DIGEST_LENGTH]; |
| 221 | 233 | ||
| 222 | /* Make sure X509_NAME structure contains valid cached encoding */ | 234 | /* Make sure X509_NAME structure contains valid cached encoding */ |
| 223 | i2d_X509_NAME(x,NULL); | 235 | i2d_X509_NAME(x, NULL); |
| 224 | if (!EVP_Digest(x->canon_enc, x->canon_enclen, md, NULL, EVP_sha1(), | 236 | if (!EVP_Digest(x->canon_enc, x->canon_enclen, md, NULL, EVP_sha1(), |
| 225 | NULL)) | 237 | NULL)) |
| 226 | return 0; | 238 | return 0; |
| 227 | 239 | ||
| 228 | ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| | 240 | ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) | |
| 229 | ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) | 241 | ((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L)) & |
| 230 | )&0xffffffffL; | 242 | 0xffffffffL; |
| 231 | return(ret); | 243 | return (ret); |
| 232 | } | 244 | } |
| 233 | 245 | ||
| 234 | 246 | ||
| @@ -236,82 +248,92 @@ unsigned long X509_NAME_hash(X509_NAME *x) | |||
| 236 | /* I now DER encode the name and hash it. Since I cache the DER encoding, | 248 | /* I now DER encode the name and hash it. Since I cache the DER encoding, |
| 237 | * this is reasonably efficient. */ | 249 | * this is reasonably efficient. */ |
| 238 | 250 | ||
| 239 | unsigned long X509_NAME_hash_old(X509_NAME *x) | 251 | unsigned long |
| 252 | X509_NAME_hash_old(X509_NAME *x) | ||
| 240 | { | 253 | { |
| 241 | EVP_MD_CTX md_ctx; | 254 | EVP_MD_CTX md_ctx; |
| 242 | unsigned long ret=0; | 255 | unsigned long ret = 0; |
| 243 | unsigned char md[16]; | 256 | unsigned char md[16]; |
| 244 | 257 | ||
| 245 | /* Make sure X509_NAME structure contains valid cached encoding */ | 258 | /* Make sure X509_NAME structure contains valid cached encoding */ |
| 246 | i2d_X509_NAME(x,NULL); | 259 | i2d_X509_NAME(x, NULL); |
| 247 | EVP_MD_CTX_init(&md_ctx); | 260 | EVP_MD_CTX_init(&md_ctx); |
| 248 | EVP_MD_CTX_set_flags(&md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); | 261 | EVP_MD_CTX_set_flags(&md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); |
| 249 | if (EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL) | 262 | if (EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL) && |
| 250 | && EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length) | 263 | EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length) && |
| 251 | && EVP_DigestFinal_ex(&md_ctx,md,NULL)) | 264 | EVP_DigestFinal_ex(&md_ctx, md, NULL)) |
| 252 | ret=(((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| | 265 | ret = (((unsigned long)md[0]) | |
| 253 | ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) | 266 | ((unsigned long)md[1] << 8L) | |
| 254 | )&0xffffffffL; | 267 | ((unsigned long)md[2] << 16L) | |
| 268 | ((unsigned long)md[3] << 24L)) & | ||
| 269 | 0xffffffffL; | ||
| 255 | EVP_MD_CTX_cleanup(&md_ctx); | 270 | EVP_MD_CTX_cleanup(&md_ctx); |
| 256 | 271 | ||
| 257 | return(ret); | 272 | return (ret); |
| 258 | } | 273 | } |
| 259 | #endif | 274 | #endif |
| 260 | 275 | ||
| 261 | /* Search a stack of X509 for a match */ | 276 | /* Search a stack of X509 for a match */ |
| 262 | X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk, X509_NAME *name, | 277 | X509 * |
| 263 | ASN1_INTEGER *serial) | 278 | X509_find_by_issuer_and_serial(STACK_OF(X509) *sk, X509_NAME *name, |
| 279 | ASN1_INTEGER *serial) | ||
| 264 | { | 280 | { |
| 265 | int i; | 281 | int i; |
| 266 | X509_CINF cinf; | 282 | X509_CINF cinf; |
| 267 | X509 x,*x509=NULL; | 283 | X509 x, *x509 = NULL; |
| 268 | 284 | ||
| 269 | if(!sk) return NULL; | 285 | if (!sk) |
| 286 | return NULL; | ||
| 270 | 287 | ||
| 271 | x.cert_info= &cinf; | 288 | x.cert_info = &cinf; |
| 272 | cinf.serialNumber=serial; | 289 | cinf.serialNumber = serial; |
| 273 | cinf.issuer=name; | 290 | cinf.issuer = name; |
| 274 | 291 | ||
| 275 | for (i=0; i<sk_X509_num(sk); i++) { | 292 | for (i = 0; i < sk_X509_num(sk); i++) { |
| 276 | x509=sk_X509_value(sk,i); | 293 | x509 = sk_X509_value(sk, i); |
| 277 | if (X509_issuer_and_serial_cmp(x509,&x) == 0) | 294 | if (X509_issuer_and_serial_cmp(x509, &x) == 0) |
| 278 | return(x509); | 295 | return (x509); |
| 279 | } | 296 | } |
| 280 | return(NULL); | 297 | return (NULL); |
| 281 | } | 298 | } |
| 282 | 299 | ||
| 283 | X509 *X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name) | 300 | X509 * |
| 301 | X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name) | ||
| 284 | { | 302 | { |
| 285 | X509 *x509; | 303 | X509 *x509; |
| 286 | int i; | 304 | int i; |
| 287 | 305 | ||
| 288 | for (i=0; i<sk_X509_num(sk); i++) { | 306 | for (i = 0; i < sk_X509_num(sk); i++) { |
| 289 | x509=sk_X509_value(sk,i); | 307 | x509 = sk_X509_value(sk, i); |
| 290 | if (X509_NAME_cmp(X509_get_subject_name(x509),name) == 0) | 308 | if (X509_NAME_cmp(X509_get_subject_name(x509), name) == 0) |
| 291 | return(x509); | 309 | return (x509); |
| 292 | } | 310 | } |
| 293 | return(NULL); | 311 | return (NULL); |
| 294 | } | 312 | } |
| 295 | 313 | ||
| 296 | EVP_PKEY *X509_get_pubkey(X509 *x) | 314 | EVP_PKEY * |
| 315 | X509_get_pubkey(X509 *x) | ||
| 297 | { | 316 | { |
| 298 | if ((x == NULL) || (x->cert_info == NULL)) | 317 | if ((x == NULL) || (x->cert_info == NULL)) |
| 299 | return(NULL); | 318 | return (NULL); |
| 300 | return(X509_PUBKEY_get(x->cert_info->key)); | 319 | return (X509_PUBKEY_get(x->cert_info->key)); |
| 301 | } | 320 | } |
| 302 | 321 | ||
| 303 | ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x) | 322 | ASN1_BIT_STRING * |
| 323 | X509_get0_pubkey_bitstr(const X509 *x) | ||
| 304 | { | 324 | { |
| 305 | if(!x) return NULL; | 325 | if (!x) |
| 326 | return NULL; | ||
| 306 | return x->cert_info->key->public_key; | 327 | return x->cert_info->key->public_key; |
| 307 | } | 328 | } |
| 308 | 329 | ||
| 309 | int X509_check_private_key(X509 *x, EVP_PKEY *k) | 330 | int |
| 331 | X509_check_private_key(X509 *x, EVP_PKEY *k) | ||
| 310 | { | 332 | { |
| 311 | EVP_PKEY *xk; | 333 | EVP_PKEY *xk; |
| 312 | int ret; | 334 | int ret; |
| 313 | 335 | ||
| 314 | xk=X509_get_pubkey(x); | 336 | xk = X509_get_pubkey(x); |
| 315 | 337 | ||
| 316 | if (xk) | 338 | if (xk) |
| 317 | ret = EVP_PKEY_cmp(xk, k); | 339 | ret = EVP_PKEY_cmp(xk, k); |
| @@ -322,13 +344,16 @@ int X509_check_private_key(X509 *x, EVP_PKEY *k) | |||
| 322 | case 1: | 344 | case 1: |
| 323 | break; | 345 | break; |
| 324 | case 0: | 346 | case 0: |
| 325 | X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH); | 347 | X509err(X509_F_X509_CHECK_PRIVATE_KEY, |
| 348 | X509_R_KEY_VALUES_MISMATCH); | ||
| 326 | break; | 349 | break; |
| 327 | case -1: | 350 | case -1: |
| 328 | X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_TYPE_MISMATCH); | 351 | X509err(X509_F_X509_CHECK_PRIVATE_KEY, |
| 352 | X509_R_KEY_TYPE_MISMATCH); | ||
| 329 | break; | 353 | break; |
| 330 | case -2: | 354 | case -2: |
| 331 | X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_UNKNOWN_KEY_TYPE); | 355 | X509err(X509_F_X509_CHECK_PRIVATE_KEY, |
| 356 | X509_R_UNKNOWN_KEY_TYPE); | ||
| 332 | } | 357 | } |
| 333 | if (xk) | 358 | if (xk) |
| 334 | EVP_PKEY_free(xk); | 359 | EVP_PKEY_free(xk); |
diff --git a/src/lib/libcrypto/x509/x509_d2.c b/src/lib/libcrypto/x509/x509_d2.c index ed051093ac..5ccd434665 100644 --- a/src/lib/libcrypto/x509/x509_d2.c +++ b/src/lib/libcrypto/x509/x509_d2.c | |||
| @@ -5,21 +5,21 @@ | |||
| 5 | * This package is an SSL implementation written | 5 | * This package is an SSL implementation written |
| 6 | * by Eric Young (eay@cryptsoft.com). | 6 | * by Eric Young (eay@cryptsoft.com). |
| 7 | * The implementation was written so as to conform with Netscapes SSL. | 7 | * The implementation was written so as to conform with Netscapes SSL. |
| 8 | * | 8 | * |
| 9 | * This library is free for commercial and non-commercial use as long as | 9 | * This library is free for commercial and non-commercial use as long as |
| 10 | * the following conditions are aheared to. The following conditions | 10 | * the following conditions are aheared to. The following conditions |
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | 11 | * apply to all code found in this distribution, be it the RC4, RSA, |
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation |
| 13 | * included with this distribution is covered by the same copyright terms | 13 | * included with this distribution is covered by the same copyright terms |
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). |
| 15 | * | 15 | * |
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | 16 | * Copyright remains Eric Young's, and as such any Copyright notices in |
| 17 | * the code are not to be removed. | 17 | * the code are not to be removed. |
| 18 | * If this package is used in a product, Eric Young should be given attribution | 18 | * If this package is used in a product, Eric Young should be given attribution |
| 19 | * as the author of the parts of the library used. | 19 | * as the author of the parts of the library used. |
| 20 | * This can be in the form of a textual message at program startup or | 20 | * This can be in the form of a textual message at program startup or |
| 21 | * in documentation (online or textual) provided with the package. | 21 | * in documentation (online or textual) provided with the package. |
| 22 | * | 22 | * |
| 23 | * Redistribution and use in source and binary forms, with or without | 23 | * Redistribution and use in source and binary forms, with or without |
| 24 | * modification, are permitted provided that the following conditions | 24 | * modification, are permitted provided that the following conditions |
| 25 | * are met: | 25 | * are met: |
| @@ -34,10 +34,10 @@ | |||
| 34 | * Eric Young (eay@cryptsoft.com)" | 34 | * Eric Young (eay@cryptsoft.com)" |
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | 35 | * The word 'cryptographic' can be left out if the rouines from the library |
| 36 | * being used are not cryptographic related :-). | 36 | * being used are not cryptographic related :-). |
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | 37 | * 4. If you include any Windows specific code (or a derivative thereof) from |
| 38 | * the apps directory (application code) you must include an acknowledgement: | 38 | * the apps directory (application code) you must include an acknowledgement: |
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" |
| 40 | * | 40 | * |
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND |
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
| @@ -49,7 +49,7 @@ | |||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
| 51 | * SUCH DAMAGE. | 51 | * SUCH DAMAGE. |
| 52 | * | 52 | * |
| 53 | * The licence and distribution terms for any publically available version or | 53 | * The licence and distribution terms for any publically available version or |
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be |
| 55 | * copied and put under another distribution licence | 55 | * copied and put under another distribution licence |
| @@ -62,44 +62,48 @@ | |||
| 62 | #include <openssl/x509.h> | 62 | #include <openssl/x509.h> |
| 63 | 63 | ||
| 64 | #ifndef OPENSSL_NO_STDIO | 64 | #ifndef OPENSSL_NO_STDIO |
| 65 | int X509_STORE_set_default_paths(X509_STORE *ctx) | 65 | int |
| 66 | X509_STORE_set_default_paths(X509_STORE *ctx) | ||
| 66 | { | 67 | { |
| 67 | X509_LOOKUP *lookup; | 68 | X509_LOOKUP *lookup; |
| 68 | 69 | ||
| 69 | lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_file()); | 70 | lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_file()); |
| 70 | if (lookup == NULL) return(0); | 71 | if (lookup == NULL) |
| 71 | X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT); | 72 | return (0); |
| 73 | X509_LOOKUP_load_file(lookup, NULL, X509_FILETYPE_DEFAULT); | ||
| 74 | |||
| 75 | lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_hash_dir()); | ||
| 76 | if (lookup == NULL) | ||
| 77 | return (0); | ||
| 78 | X509_LOOKUP_add_dir(lookup, NULL, X509_FILETYPE_DEFAULT); | ||
| 72 | 79 | ||
| 73 | lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_hash_dir()); | ||
| 74 | if (lookup == NULL) return(0); | ||
| 75 | X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT); | ||
| 76 | |||
| 77 | /* clear any errors */ | 80 | /* clear any errors */ |
| 78 | ERR_clear_error(); | 81 | ERR_clear_error(); |
| 79 | 82 | ||
| 80 | return(1); | 83 | return (1); |
| 81 | } | 84 | } |
| 82 | 85 | ||
| 83 | int X509_STORE_load_locations(X509_STORE *ctx, const char *file, | 86 | int |
| 84 | const char *path) | 87 | X509_STORE_load_locations(X509_STORE *ctx, const char *file, const char *path) |
| 85 | { | 88 | { |
| 86 | X509_LOOKUP *lookup; | 89 | X509_LOOKUP *lookup; |
| 87 | 90 | ||
| 88 | if (file != NULL) { | 91 | if (file != NULL) { |
| 89 | lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_file()); | 92 | lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_file()); |
| 90 | if (lookup == NULL) return(0); | 93 | if (lookup == NULL) |
| 91 | if (X509_LOOKUP_load_file(lookup,file,X509_FILETYPE_PEM) != 1) | 94 | return (0); |
| 92 | return(0); | 95 | if (X509_LOOKUP_load_file(lookup, file, X509_FILETYPE_PEM) != 1) |
| 96 | return (0); | ||
| 93 | } | 97 | } |
| 94 | if (path != NULL) { | 98 | if (path != NULL) { |
| 95 | lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_hash_dir()); | 99 | lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_hash_dir()); |
| 96 | if (lookup == NULL) return(0); | 100 | if (lookup == NULL) |
| 97 | if (X509_LOOKUP_add_dir(lookup,path,X509_FILETYPE_PEM) != 1) | 101 | return (0); |
| 98 | return(0); | 102 | if (X509_LOOKUP_add_dir(lookup, path, X509_FILETYPE_PEM) != 1) |
| 103 | return (0); | ||
| 99 | } | 104 | } |
| 100 | if ((path == NULL) && (file == NULL)) | 105 | if ((path == NULL) && (file == NULL)) |
| 101 | return(0); | 106 | return (0); |
| 102 | return(1); | 107 | return (1); |
| 103 | } | 108 | } |
| 104 | |||
| 105 | #endif | 109 | #endif |
diff --git a/src/lib/libcrypto/x509/x509_def.c b/src/lib/libcrypto/x509/x509_def.c index e0ac151a76..66cbe37bac 100644 --- a/src/lib/libcrypto/x509/x509_def.c +++ b/src/lib/libcrypto/x509/x509_def.c | |||
| @@ -5,21 +5,21 @@ | |||
| 5 | * This package is an SSL implementation written | 5 | * This package is an SSL implementation written |
| 6 | * by Eric Young (eay@cryptsoft.com). | 6 | * by Eric Young (eay@cryptsoft.com). |
| 7 | * The implementation was written so as to conform with Netscapes SSL. | 7 | * The implementation was written so as to conform with Netscapes SSL. |
| 8 | * | 8 | * |
| 9 | * This library is free for commercial and non-commercial use as long as | 9 | * This library is free for commercial and non-commercial use as long as |
| 10 | * the following conditions are aheared to. The following conditions | 10 | * the following conditions are aheared to. The following conditions |
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | 11 | * apply to all code found in this distribution, be it the RC4, RSA, |
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation |
| 13 | * included with this distribution is covered by the same copyright terms | 13 | * included with this distribution is covered by the same copyright terms |
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). |
| 15 | * | 15 | * |
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | 16 | * Copyright remains Eric Young's, and as such any Copyright notices in |
| 17 | * the code are not to be removed. | 17 | * the code are not to be removed. |
| 18 | * If this package is used in a product, Eric Young should be given attribution | 18 | * If this package is used in a product, Eric Young should be given attribution |
| 19 | * as the author of the parts of the library used. | 19 | * as the author of the parts of the library used. |
| 20 | * This can be in the form of a textual message at program startup or | 20 | * This can be in the form of a textual message at program startup or |
| 21 | * in documentation (online or textual) provided with the package. | 21 | * in documentation (online or textual) provided with the package. |
| 22 | * | 22 | * |
| 23 | * Redistribution and use in source and binary forms, with or without | 23 | * Redistribution and use in source and binary forms, with or without |
| 24 | * modification, are permitted provided that the following conditions | 24 | * modification, are permitted provided that the following conditions |
| 25 | * are met: | 25 | * are met: |
| @@ -34,10 +34,10 @@ | |||
| 34 | * Eric Young (eay@cryptsoft.com)" | 34 | * Eric Young (eay@cryptsoft.com)" |
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | 35 | * The word 'cryptographic' can be left out if the rouines from the library |
| 36 | * being used are not cryptographic related :-). | 36 | * being used are not cryptographic related :-). |
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | 37 | * 4. If you include any Windows specific code (or a derivative thereof) from |
| 38 | * the apps directory (application code) you must include an acknowledgement: | 38 | * the apps directory (application code) you must include an acknowledgement: |
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" |
| 40 | * | 40 | * |
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND |
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
| @@ -49,7 +49,7 @@ | |||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
| 51 | * SUCH DAMAGE. | 51 | * SUCH DAMAGE. |
| 52 | * | 52 | * |
| 53 | * The licence and distribution terms for any publically available version or | 53 | * The licence and distribution terms for any publically available version or |
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be |
| 55 | * copied and put under another distribution licence | 55 | * copied and put under another distribution licence |
| @@ -61,21 +61,38 @@ | |||
| 61 | #include <openssl/crypto.h> | 61 | #include <openssl/crypto.h> |
| 62 | #include <openssl/x509.h> | 62 | #include <openssl/x509.h> |
| 63 | 63 | ||
| 64 | const char *X509_get_default_private_dir(void) | 64 | const char * |
| 65 | { return(X509_PRIVATE_DIR); } | 65 | X509_get_default_private_dir(void) |
| 66 | 66 | { | |
| 67 | const char *X509_get_default_cert_area(void) | 67 | return (X509_PRIVATE_DIR); |
| 68 | { return(X509_CERT_AREA); } | 68 | } |
| 69 | 69 | ||
| 70 | const char *X509_get_default_cert_dir(void) | 70 | const char * |
| 71 | { return(X509_CERT_DIR); } | 71 | X509_get_default_cert_area(void) |
| 72 | { | ||
| 73 | return (X509_CERT_AREA); | ||
| 74 | } | ||
| 72 | 75 | ||
| 73 | const char *X509_get_default_cert_file(void) | 76 | const char * |
| 74 | { return(X509_CERT_FILE); } | 77 | X509_get_default_cert_dir(void) |
| 78 | { | ||
| 79 | return (X509_CERT_DIR); | ||
| 80 | } | ||
| 75 | 81 | ||
| 76 | const char *X509_get_default_cert_dir_env(void) | 82 | const char * |
| 77 | { return(X509_CERT_DIR_EVP); } | 83 | X509_get_default_cert_file(void) |
| 84 | { | ||
| 85 | return (X509_CERT_FILE); | ||
| 86 | } | ||
| 78 | 87 | ||
| 79 | const char *X509_get_default_cert_file_env(void) | 88 | const char * |
| 80 | { return(X509_CERT_FILE_EVP); } | 89 | X509_get_default_cert_dir_env(void) |
| 90 | { | ||
| 91 | return (X509_CERT_DIR_EVP); | ||
| 92 | } | ||
| 81 | 93 | ||
| 94 | const char * | ||
| 95 | X509_get_default_cert_file_env(void) | ||
| 96 | { | ||
| 97 | return (X509_CERT_FILE_EVP); | ||
| 98 | } | ||
diff --git a/src/lib/libssl/src/crypto/x509/x509_att.c b/src/lib/libssl/src/crypto/x509/x509_att.c index 7f924fbe39..5699568998 100644 --- a/src/lib/libssl/src/crypto/x509/x509_att.c +++ b/src/lib/libssl/src/crypto/x509/x509_att.c | |||
| @@ -5,21 +5,21 @@ | |||
| 5 | * This package is an SSL implementation written | 5 | * This package is an SSL implementation written |
| 6 | * by Eric Young (eay@cryptsoft.com). | 6 | * by Eric Young (eay@cryptsoft.com). |
| 7 | * The implementation was written so as to conform with Netscapes SSL. | 7 | * The implementation was written so as to conform with Netscapes SSL. |
| 8 | * | 8 | * |
| 9 | * This library is free for commercial and non-commercial use as long as | 9 | * This library is free for commercial and non-commercial use as long as |
| 10 | * the following conditions are aheared to. The following conditions | 10 | * the following conditions are aheared to. The following conditions |
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | 11 | * apply to all code found in this distribution, be it the RC4, RSA, |
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation |
| 13 | * included with this distribution is covered by the same copyright terms | 13 | * included with this distribution is covered by the same copyright terms |
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). |
| 15 | * | 15 | * |
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | 16 | * Copyright remains Eric Young's, and as such any Copyright notices in |
| 17 | * the code are not to be removed. | 17 | * the code are not to be removed. |
| 18 | * If this package is used in a product, Eric Young should be given attribution | 18 | * If this package is used in a product, Eric Young should be given attribution |
| 19 | * as the author of the parts of the library used. | 19 | * as the author of the parts of the library used. |
| 20 | * This can be in the form of a textual message at program startup or | 20 | * This can be in the form of a textual message at program startup or |
| 21 | * in documentation (online or textual) provided with the package. | 21 | * in documentation (online or textual) provided with the package. |
| 22 | * | 22 | * |
| 23 | * Redistribution and use in source and binary forms, with or without | 23 | * Redistribution and use in source and binary forms, with or without |
| 24 | * modification, are permitted provided that the following conditions | 24 | * modification, are permitted provided that the following conditions |
| 25 | * are met: | 25 | * are met: |
| @@ -34,10 +34,10 @@ | |||
| 34 | * Eric Young (eay@cryptsoft.com)" | 34 | * Eric Young (eay@cryptsoft.com)" |
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | 35 | * The word 'cryptographic' can be left out if the rouines from the library |
| 36 | * being used are not cryptographic related :-). | 36 | * being used are not cryptographic related :-). |
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | 37 | * 4. If you include any Windows specific code (or a derivative thereof) from |
| 38 | * the apps directory (application code) you must include an acknowledgement: | 38 | * the apps directory (application code) you must include an acknowledgement: |
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" |
| 40 | * | 40 | * |
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND |
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
| @@ -49,7 +49,7 @@ | |||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
| 51 | * SUCH DAMAGE. | 51 | * SUCH DAMAGE. |
| 52 | * | 52 | * |
| 53 | * The licence and distribution terms for any publically available version or | 53 | * The licence and distribution terms for any publically available version or |
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be |
| 55 | * copied and put under another distribution licence | 55 | * copied and put under another distribution licence |
| @@ -65,134 +65,152 @@ | |||
| 65 | #include <openssl/x509.h> | 65 | #include <openssl/x509.h> |
| 66 | #include <openssl/x509v3.h> | 66 | #include <openssl/x509v3.h> |
| 67 | 67 | ||
| 68 | int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x) | 68 | int |
| 69 | X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x) | ||
| 69 | { | 70 | { |
| 70 | return sk_X509_ATTRIBUTE_num(x); | 71 | return sk_X509_ATTRIBUTE_num(x); |
| 71 | } | 72 | } |
| 72 | 73 | ||
| 73 | int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid, | 74 | int |
| 74 | int lastpos) | 75 | X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid, |
| 76 | int lastpos) | ||
| 75 | { | 77 | { |
| 76 | ASN1_OBJECT *obj; | 78 | ASN1_OBJECT *obj; |
| 77 | 79 | ||
| 78 | obj=OBJ_nid2obj(nid); | 80 | obj = OBJ_nid2obj(nid); |
| 79 | if (obj == NULL) return(-2); | 81 | if (obj == NULL) |
| 80 | return(X509at_get_attr_by_OBJ(x,obj,lastpos)); | 82 | return (-2); |
| 83 | return (X509at_get_attr_by_OBJ(x, obj, lastpos)); | ||
| 81 | } | 84 | } |
| 82 | 85 | ||
| 83 | int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, ASN1_OBJECT *obj, | 86 | int |
| 84 | int lastpos) | 87 | X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, ASN1_OBJECT *obj, |
| 88 | int lastpos) | ||
| 85 | { | 89 | { |
| 86 | int n; | 90 | int n; |
| 87 | X509_ATTRIBUTE *ex; | 91 | X509_ATTRIBUTE *ex; |
| 88 | 92 | ||
| 89 | if (sk == NULL) return(-1); | 93 | if (sk == NULL) |
| 94 | return (-1); | ||
| 90 | lastpos++; | 95 | lastpos++; |
| 91 | if (lastpos < 0) | 96 | if (lastpos < 0) |
| 92 | lastpos=0; | 97 | lastpos = 0; |
| 93 | n=sk_X509_ATTRIBUTE_num(sk); | 98 | n = sk_X509_ATTRIBUTE_num(sk); |
| 94 | for ( ; lastpos < n; lastpos++) { | 99 | for (; lastpos < n; lastpos++) { |
| 95 | ex=sk_X509_ATTRIBUTE_value(sk,lastpos); | 100 | ex = sk_X509_ATTRIBUTE_value(sk, lastpos); |
| 96 | if (OBJ_cmp(ex->object,obj) == 0) | 101 | if (OBJ_cmp(ex->object, obj) == 0) |
| 97 | return(lastpos); | 102 | return (lastpos); |
| 98 | } | 103 | } |
| 99 | return(-1); | 104 | return (-1); |
| 100 | } | 105 | } |
| 101 | 106 | ||
| 102 | X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc) | 107 | X509_ATTRIBUTE * |
| 108 | X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc) | ||
| 103 | { | 109 | { |
| 104 | if (x == NULL || sk_X509_ATTRIBUTE_num(x) <= loc || loc < 0) | 110 | if (x == NULL || sk_X509_ATTRIBUTE_num(x) <= loc || loc < 0) |
| 105 | return NULL; | 111 | return NULL; |
| 106 | else | 112 | else |
| 107 | return sk_X509_ATTRIBUTE_value(x,loc); | 113 | return sk_X509_ATTRIBUTE_value(x, loc); |
| 108 | } | 114 | } |
| 109 | 115 | ||
| 110 | X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc) | 116 | X509_ATTRIBUTE * |
| 117 | X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc) | ||
| 111 | { | 118 | { |
| 112 | X509_ATTRIBUTE *ret; | 119 | X509_ATTRIBUTE *ret; |
| 113 | 120 | ||
| 114 | if (x == NULL || sk_X509_ATTRIBUTE_num(x) <= loc || loc < 0) | 121 | if (x == NULL || sk_X509_ATTRIBUTE_num(x) <= loc || loc < 0) |
| 115 | return(NULL); | 122 | return (NULL); |
| 116 | ret=sk_X509_ATTRIBUTE_delete(x,loc); | 123 | ret = sk_X509_ATTRIBUTE_delete(x, loc); |
| 117 | return(ret); | 124 | return (ret); |
| 118 | } | 125 | } |
| 119 | 126 | ||
| 120 | STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, | 127 | STACK_OF(X509_ATTRIBUTE) * |
| 121 | X509_ATTRIBUTE *attr) | 128 | X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, X509_ATTRIBUTE *attr) |
| 122 | { | 129 | { |
| 123 | X509_ATTRIBUTE *new_attr=NULL; | 130 | X509_ATTRIBUTE *new_attr = NULL; |
| 124 | STACK_OF(X509_ATTRIBUTE) *sk=NULL; | 131 | STACK_OF(X509_ATTRIBUTE) *sk = NULL; |
| 125 | 132 | ||
| 126 | if (x == NULL) { | 133 | if (x == NULL) { |
| 127 | X509err(X509_F_X509AT_ADD1_ATTR, ERR_R_PASSED_NULL_PARAMETER); | 134 | X509err(X509_F_X509AT_ADD1_ATTR, ERR_R_PASSED_NULL_PARAMETER); |
| 128 | goto err2; | 135 | goto err2; |
| 129 | } | 136 | } |
| 130 | 137 | ||
| 131 | if (*x == NULL) { | 138 | if (*x == NULL) { |
| 132 | if ((sk=sk_X509_ATTRIBUTE_new_null()) == NULL) | 139 | if ((sk = sk_X509_ATTRIBUTE_new_null()) == NULL) |
| 133 | goto err; | 140 | goto err; |
| 134 | } else | 141 | } else |
| 135 | sk= *x; | 142 | sk= *x; |
| 136 | 143 | ||
| 137 | if ((new_attr=X509_ATTRIBUTE_dup(attr)) == NULL) | 144 | if ((new_attr = X509_ATTRIBUTE_dup(attr)) == NULL) |
| 138 | goto err2; | 145 | goto err2; |
| 139 | if (!sk_X509_ATTRIBUTE_push(sk,new_attr)) | 146 | if (!sk_X509_ATTRIBUTE_push(sk, new_attr)) |
| 140 | goto err; | 147 | goto err; |
| 141 | if (*x == NULL) | 148 | if (*x == NULL) |
| 142 | *x=sk; | 149 | *x = sk; |
| 143 | return(sk); | 150 | return (sk); |
| 151 | |||
| 144 | err: | 152 | err: |
| 145 | X509err(X509_F_X509AT_ADD1_ATTR,ERR_R_MALLOC_FAILURE); | 153 | X509err(X509_F_X509AT_ADD1_ATTR, ERR_R_MALLOC_FAILURE); |
| 146 | err2: | 154 | err2: |
| 147 | if (new_attr != NULL) X509_ATTRIBUTE_free(new_attr); | 155 | if (new_attr != NULL) |
| 148 | if (sk != NULL) sk_X509_ATTRIBUTE_free(sk); | 156 | X509_ATTRIBUTE_free(new_attr); |
| 149 | return(NULL); | 157 | if (sk != NULL) |
| 158 | sk_X509_ATTRIBUTE_free(sk); | ||
| 159 | return (NULL); | ||
| 150 | } | 160 | } |
| 151 | 161 | ||
| 152 | STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x, | 162 | STACK_OF(X509_ATTRIBUTE) * |
| 153 | const ASN1_OBJECT *obj, int type, | 163 | X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x, const ASN1_OBJECT *obj, |
| 154 | const unsigned char *bytes, int len) | 164 | int type, const unsigned char *bytes, int len) |
| 155 | { | 165 | { |
| 156 | X509_ATTRIBUTE *attr; | 166 | X509_ATTRIBUTE *attr; |
| 157 | STACK_OF(X509_ATTRIBUTE) *ret; | 167 | STACK_OF(X509_ATTRIBUTE) *ret; |
| 168 | |||
| 158 | attr = X509_ATTRIBUTE_create_by_OBJ(NULL, obj, type, bytes, len); | 169 | attr = X509_ATTRIBUTE_create_by_OBJ(NULL, obj, type, bytes, len); |
| 159 | if(!attr) return 0; | 170 | if (!attr) |
| 171 | return 0; | ||
| 160 | ret = X509at_add1_attr(x, attr); | 172 | ret = X509at_add1_attr(x, attr); |
| 161 | X509_ATTRIBUTE_free(attr); | 173 | X509_ATTRIBUTE_free(attr); |
| 162 | return ret; | 174 | return ret; |
| 163 | } | 175 | } |
| 164 | 176 | ||
| 165 | STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x, | 177 | STACK_OF(X509_ATTRIBUTE) * |
| 166 | int nid, int type, | 178 | X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x, int nid, int type, |
| 167 | const unsigned char *bytes, int len) | 179 | const unsigned char *bytes, int len) |
| 168 | { | 180 | { |
| 169 | X509_ATTRIBUTE *attr; | 181 | X509_ATTRIBUTE *attr; |
| 170 | STACK_OF(X509_ATTRIBUTE) *ret; | 182 | STACK_OF(X509_ATTRIBUTE) *ret; |
| 183 | |||
| 171 | attr = X509_ATTRIBUTE_create_by_NID(NULL, nid, type, bytes, len); | 184 | attr = X509_ATTRIBUTE_create_by_NID(NULL, nid, type, bytes, len); |
| 172 | if(!attr) return 0; | 185 | if (!attr) |
| 186 | return 0; | ||
| 173 | ret = X509at_add1_attr(x, attr); | 187 | ret = X509at_add1_attr(x, attr); |
| 174 | X509_ATTRIBUTE_free(attr); | 188 | X509_ATTRIBUTE_free(attr); |
| 175 | return ret; | 189 | return ret; |
| 176 | } | 190 | } |
| 177 | 191 | ||
| 178 | STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x, | 192 | STACK_OF(X509_ATTRIBUTE) * |
| 179 | const char *attrname, int type, | 193 | X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x, const char *attrname, |
| 180 | const unsigned char *bytes, int len) | 194 | int type, const unsigned char *bytes, int len) |
| 181 | { | 195 | { |
| 182 | X509_ATTRIBUTE *attr; | 196 | X509_ATTRIBUTE *attr; |
| 183 | STACK_OF(X509_ATTRIBUTE) *ret; | 197 | STACK_OF(X509_ATTRIBUTE) *ret; |
| 198 | |||
| 184 | attr = X509_ATTRIBUTE_create_by_txt(NULL, attrname, type, bytes, len); | 199 | attr = X509_ATTRIBUTE_create_by_txt(NULL, attrname, type, bytes, len); |
| 185 | if(!attr) return 0; | 200 | if (!attr) |
| 201 | return 0; | ||
| 186 | ret = X509at_add1_attr(x, attr); | 202 | ret = X509at_add1_attr(x, attr); |
| 187 | X509_ATTRIBUTE_free(attr); | 203 | X509_ATTRIBUTE_free(attr); |
| 188 | return ret; | 204 | return ret; |
| 189 | } | 205 | } |
| 190 | 206 | ||
| 191 | void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, | 207 | void * |
| 192 | ASN1_OBJECT *obj, int lastpos, int type) | 208 | X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, ASN1_OBJECT *obj, |
| 209 | int lastpos, int type) | ||
| 193 | { | 210 | { |
| 194 | int i; | 211 | int i; |
| 195 | X509_ATTRIBUTE *at; | 212 | X509_ATTRIBUTE *at; |
| 213 | |||
| 196 | i = X509at_get_attr_by_OBJ(x, obj, lastpos); | 214 | i = X509at_get_attr_by_OBJ(x, obj, lastpos); |
| 197 | if (i == -1) | 215 | if (i == -1) |
| 198 | return NULL; | 216 | return NULL; |
| @@ -204,96 +222,112 @@ void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, | |||
| 204 | return X509_ATTRIBUTE_get0_data(at, 0, type, NULL); | 222 | return X509_ATTRIBUTE_get0_data(at, 0, type, NULL); |
| 205 | } | 223 | } |
| 206 | 224 | ||
| 207 | X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, | 225 | X509_ATTRIBUTE * |
| 208 | int atrtype, const void *data, int len) | 226 | X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, int atrtype, |
| 227 | const void *data, int len) | ||
| 209 | { | 228 | { |
| 210 | ASN1_OBJECT *obj; | 229 | ASN1_OBJECT *obj; |
| 211 | X509_ATTRIBUTE *ret; | 230 | X509_ATTRIBUTE *ret; |
| 212 | 231 | ||
| 213 | obj=OBJ_nid2obj(nid); | 232 | obj = OBJ_nid2obj(nid); |
| 214 | if (obj == NULL) { | 233 | if (obj == NULL) { |
| 215 | X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_NID,X509_R_UNKNOWN_NID); | 234 | X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_NID, |
| 216 | return(NULL); | 235 | X509_R_UNKNOWN_NID); |
| 236 | return (NULL); | ||
| 217 | } | 237 | } |
| 218 | ret=X509_ATTRIBUTE_create_by_OBJ(attr,obj,atrtype,data,len); | 238 | ret = X509_ATTRIBUTE_create_by_OBJ(attr, obj, atrtype, data, len); |
| 219 | if (ret == NULL) ASN1_OBJECT_free(obj); | 239 | if (ret == NULL) |
| 220 | return(ret); | 240 | ASN1_OBJECT_free(obj); |
| 241 | return (ret); | ||
| 221 | } | 242 | } |
| 222 | 243 | ||
| 223 | X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr, | 244 | X509_ATTRIBUTE * |
| 224 | const ASN1_OBJECT *obj, int atrtype, const void *data, int len) | 245 | X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr, const ASN1_OBJECT *obj, |
| 246 | int atrtype, const void *data, int len) | ||
| 225 | { | 247 | { |
| 226 | X509_ATTRIBUTE *ret; | 248 | X509_ATTRIBUTE *ret; |
| 227 | 249 | ||
| 228 | if ((attr == NULL) || (*attr == NULL)) { | 250 | if ((attr == NULL) || (*attr == NULL)) { |
| 229 | if ((ret=X509_ATTRIBUTE_new()) == NULL) { | 251 | if ((ret = X509_ATTRIBUTE_new()) == NULL) { |
| 230 | X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ,ERR_R_MALLOC_FAILURE); | 252 | X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ, |
| 231 | return(NULL); | 253 | ERR_R_MALLOC_FAILURE); |
| 254 | return (NULL); | ||
| 232 | } | 255 | } |
| 233 | } | 256 | } else |
| 234 | else | ||
| 235 | ret= *attr; | 257 | ret= *attr; |
| 236 | 258 | ||
| 237 | if (!X509_ATTRIBUTE_set1_object(ret,obj)) | 259 | if (!X509_ATTRIBUTE_set1_object(ret, obj)) |
| 238 | goto err; | 260 | goto err; |
| 239 | if (!X509_ATTRIBUTE_set1_data(ret,atrtype,data,len)) | 261 | if (!X509_ATTRIBUTE_set1_data(ret, atrtype, data, len)) |
| 240 | goto err; | 262 | goto err; |
| 241 | 263 | ||
| 242 | if ((attr != NULL) && (*attr == NULL)) *attr=ret; | 264 | if ((attr != NULL) && (*attr == NULL)) |
| 243 | return(ret); | 265 | *attr = ret; |
| 266 | return (ret); | ||
| 267 | |||
| 244 | err: | 268 | err: |
| 245 | if ((attr == NULL) || (ret != *attr)) | 269 | if ((attr == NULL) || (ret != *attr)) |
| 246 | X509_ATTRIBUTE_free(ret); | 270 | X509_ATTRIBUTE_free(ret); |
| 247 | return(NULL); | 271 | return (NULL); |
| 248 | } | 272 | } |
| 249 | 273 | ||
| 250 | X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr, | 274 | X509_ATTRIBUTE * |
| 251 | const char *atrname, int type, const unsigned char *bytes, int len) | 275 | X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr, const char *atrname, |
| 276 | int type, const unsigned char *bytes, int len) | ||
| 252 | { | 277 | { |
| 253 | ASN1_OBJECT *obj; | 278 | ASN1_OBJECT *obj; |
| 254 | X509_ATTRIBUTE *nattr; | 279 | X509_ATTRIBUTE *nattr; |
| 255 | 280 | ||
| 256 | obj=OBJ_txt2obj(atrname, 0); | 281 | obj = OBJ_txt2obj(atrname, 0); |
| 257 | if (obj == NULL) { | 282 | if (obj == NULL) { |
| 258 | X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_TXT, | 283 | X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_TXT, |
| 259 | X509_R_INVALID_FIELD_NAME); | 284 | X509_R_INVALID_FIELD_NAME); |
| 260 | ERR_add_error_data(2, "name=", atrname); | 285 | ERR_add_error_data(2, "name=", atrname); |
| 261 | return(NULL); | 286 | return (NULL); |
| 262 | } | 287 | } |
| 263 | nattr = X509_ATTRIBUTE_create_by_OBJ(attr,obj,type,bytes,len); | 288 | nattr = X509_ATTRIBUTE_create_by_OBJ(attr, obj, type, bytes, len); |
| 264 | ASN1_OBJECT_free(obj); | 289 | ASN1_OBJECT_free(obj); |
| 265 | return nattr; | 290 | return nattr; |
| 266 | } | 291 | } |
| 267 | 292 | ||
| 268 | int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj) | 293 | int |
| 294 | X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj) | ||
| 269 | { | 295 | { |
| 270 | if ((attr == NULL) || (obj == NULL)) | 296 | if ((attr == NULL) || (obj == NULL)) |
| 271 | return(0); | 297 | return (0); |
| 272 | ASN1_OBJECT_free(attr->object); | 298 | ASN1_OBJECT_free(attr->object); |
| 273 | attr->object=OBJ_dup(obj); | 299 | attr->object = OBJ_dup(obj); |
| 274 | return(1); | 300 | return (1); |
| 275 | } | 301 | } |
| 276 | 302 | ||
| 277 | int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data, int len) | 303 | int |
| 304 | X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data, | ||
| 305 | int len) | ||
| 278 | { | 306 | { |
| 279 | ASN1_TYPE *ttmp; | 307 | ASN1_TYPE *ttmp; |
| 280 | ASN1_STRING *stmp = NULL; | 308 | ASN1_STRING *stmp = NULL; |
| 281 | int atype = 0; | 309 | int atype = 0; |
| 282 | if (!attr) return 0; | 310 | |
| 283 | if(attrtype & MBSTRING_FLAG) { | 311 | if (!attr) |
| 312 | return 0; | ||
| 313 | if (attrtype & MBSTRING_FLAG) { | ||
| 284 | stmp = ASN1_STRING_set_by_NID(NULL, data, len, attrtype, | 314 | stmp = ASN1_STRING_set_by_NID(NULL, data, len, attrtype, |
| 285 | OBJ_obj2nid(attr->object)); | 315 | OBJ_obj2nid(attr->object)); |
| 286 | if(!stmp) { | 316 | if (!stmp) { |
| 287 | X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_ASN1_LIB); | 317 | X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, |
| 318 | ERR_R_ASN1_LIB); | ||
| 288 | return 0; | 319 | return 0; |
| 289 | } | 320 | } |
| 290 | atype = stmp->type; | 321 | atype = stmp->type; |
| 291 | } else if (len != -1){ | 322 | } else if (len != -1){ |
| 292 | if(!(stmp = ASN1_STRING_type_new(attrtype))) goto err; | 323 | if (!(stmp = ASN1_STRING_type_new(attrtype))) |
| 293 | if(!ASN1_STRING_set(stmp, data, len)) goto err; | 324 | goto err; |
| 325 | if (!ASN1_STRING_set(stmp, data, len)) | ||
| 326 | goto err; | ||
| 294 | atype = attrtype; | 327 | atype = attrtype; |
| 295 | } | 328 | } |
| 296 | if(!(attr->value.set = sk_ASN1_TYPE_new_null())) goto err; | 329 | if (!(attr->value.set = sk_ASN1_TYPE_new_null())) |
| 330 | goto err; | ||
| 297 | attr->single = 0; | 331 | attr->single = 0; |
| 298 | /* This is a bit naughty because the attribute should really have | 332 | /* This is a bit naughty because the attribute should really have |
| 299 | * at least one value but some types use and zero length SET and | 333 | * at least one value but some types use and zero length SET and |
| @@ -301,49 +335,64 @@ int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *dat | |||
| 301 | */ | 335 | */ |
| 302 | if (attrtype == 0) | 336 | if (attrtype == 0) |
| 303 | return 1; | 337 | return 1; |
| 304 | if(!(ttmp = ASN1_TYPE_new())) goto err; | 338 | if (!(ttmp = ASN1_TYPE_new())) |
| 339 | goto err; | ||
| 305 | if ((len == -1) && !(attrtype & MBSTRING_FLAG)) { | 340 | if ((len == -1) && !(attrtype & MBSTRING_FLAG)) { |
| 306 | if (!ASN1_TYPE_set1(ttmp, attrtype, data)) | 341 | if (!ASN1_TYPE_set1(ttmp, attrtype, data)) |
| 307 | goto err; | 342 | goto err; |
| 308 | } else | 343 | } else |
| 309 | ASN1_TYPE_set(ttmp, atype, stmp); | 344 | ASN1_TYPE_set(ttmp, atype, stmp); |
| 310 | if(!sk_ASN1_TYPE_push(attr->value.set, ttmp)) goto err; | 345 | if (!sk_ASN1_TYPE_push(attr->value.set, ttmp)) |
| 346 | goto err; | ||
| 311 | return 1; | 347 | return 1; |
| 312 | err: | 348 | |
| 349 | err: | ||
| 313 | X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_MALLOC_FAILURE); | 350 | X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_MALLOC_FAILURE); |
| 314 | return 0; | 351 | return 0; |
| 315 | } | 352 | } |
| 316 | 353 | ||
| 317 | int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr) | 354 | int |
| 355 | X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr) | ||
| 318 | { | 356 | { |
| 319 | if(!attr->single) return sk_ASN1_TYPE_num(attr->value.set); | 357 | if (!attr->single) |
| 320 | if(attr->value.single) return 1; | 358 | return sk_ASN1_TYPE_num(attr->value.set); |
| 359 | if (attr->value.single) | ||
| 360 | return 1; | ||
| 321 | return 0; | 361 | return 0; |
| 322 | } | 362 | } |
| 323 | 363 | ||
| 324 | ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr) | 364 | ASN1_OBJECT * |
| 365 | X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr) | ||
| 325 | { | 366 | { |
| 326 | if (attr == NULL) return(NULL); | 367 | if (attr == NULL) |
| 327 | return(attr->object); | 368 | return (NULL); |
| 369 | return (attr->object); | ||
| 328 | } | 370 | } |
| 329 | 371 | ||
| 330 | void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, | 372 | void * |
| 331 | int atrtype, void *data) | 373 | X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, int atrtype, void *data) |
| 332 | { | 374 | { |
| 333 | ASN1_TYPE *ttmp; | 375 | ASN1_TYPE *ttmp; |
| 376 | |||
| 334 | ttmp = X509_ATTRIBUTE_get0_type(attr, idx); | 377 | ttmp = X509_ATTRIBUTE_get0_type(attr, idx); |
| 335 | if(!ttmp) return NULL; | 378 | if (!ttmp) |
| 336 | if(atrtype != ASN1_TYPE_get(ttmp)){ | 379 | return NULL; |
| 380 | if (atrtype != ASN1_TYPE_get(ttmp)){ | ||
| 337 | X509err(X509_F_X509_ATTRIBUTE_GET0_DATA, X509_R_WRONG_TYPE); | 381 | X509err(X509_F_X509_ATTRIBUTE_GET0_DATA, X509_R_WRONG_TYPE); |
| 338 | return NULL; | 382 | return NULL; |
| 339 | } | 383 | } |
| 340 | return ttmp->value.ptr; | 384 | return ttmp->value.ptr; |
| 341 | } | 385 | } |
| 342 | 386 | ||
| 343 | ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx) | 387 | ASN1_TYPE * |
| 388 | X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx) | ||
| 344 | { | 389 | { |
| 345 | if (attr == NULL) return(NULL); | 390 | if (attr == NULL) |
| 346 | if(idx >= X509_ATTRIBUTE_count(attr)) return NULL; | 391 | return (NULL); |
| 347 | if(!attr->single) return sk_ASN1_TYPE_value(attr->value.set, idx); | 392 | if (idx >= X509_ATTRIBUTE_count(attr)) |
| 348 | else return attr->value.single; | 393 | return NULL; |
| 394 | if (!attr->single) | ||
| 395 | return sk_ASN1_TYPE_value(attr->value.set, idx); | ||
| 396 | else | ||
| 397 | return attr->value.single; | ||
| 349 | } | 398 | } |
diff --git a/src/lib/libssl/src/crypto/x509/x509_cmp.c b/src/lib/libssl/src/crypto/x509/x509_cmp.c index 87c4596414..b6b3423e3f 100644 --- a/src/lib/libssl/src/crypto/x509/x509_cmp.c +++ b/src/lib/libssl/src/crypto/x509/x509_cmp.c | |||
| @@ -5,21 +5,21 @@ | |||
| 5 | * This package is an SSL implementation written | 5 | * This package is an SSL implementation written |
| 6 | * by Eric Young (eay@cryptsoft.com). | 6 | * by Eric Young (eay@cryptsoft.com). |
| 7 | * The implementation was written so as to conform with Netscapes SSL. | 7 | * The implementation was written so as to conform with Netscapes SSL. |
| 8 | * | 8 | * |
| 9 | * This library is free for commercial and non-commercial use as long as | 9 | * This library is free for commercial and non-commercial use as long as |
| 10 | * the following conditions are aheared to. The following conditions | 10 | * the following conditions are aheared to. The following conditions |
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | 11 | * apply to all code found in this distribution, be it the RC4, RSA, |
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation |
| 13 | * included with this distribution is covered by the same copyright terms | 13 | * included with this distribution is covered by the same copyright terms |
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). |
| 15 | * | 15 | * |
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | 16 | * Copyright remains Eric Young's, and as such any Copyright notices in |
| 17 | * the code are not to be removed. | 17 | * the code are not to be removed. |
| 18 | * If this package is used in a product, Eric Young should be given attribution | 18 | * If this package is used in a product, Eric Young should be given attribution |
| 19 | * as the author of the parts of the library used. | 19 | * as the author of the parts of the library used. |
| 20 | * This can be in the form of a textual message at program startup or | 20 | * This can be in the form of a textual message at program startup or |
| 21 | * in documentation (online or textual) provided with the package. | 21 | * in documentation (online or textual) provided with the package. |
| 22 | * | 22 | * |
| 23 | * Redistribution and use in source and binary forms, with or without | 23 | * Redistribution and use in source and binary forms, with or without |
| 24 | * modification, are permitted provided that the following conditions | 24 | * modification, are permitted provided that the following conditions |
| 25 | * are met: | 25 | * are met: |
| @@ -34,10 +34,10 @@ | |||
| 34 | * Eric Young (eay@cryptsoft.com)" | 34 | * Eric Young (eay@cryptsoft.com)" |
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | 35 | * The word 'cryptographic' can be left out if the rouines from the library |
| 36 | * being used are not cryptographic related :-). | 36 | * being used are not cryptographic related :-). |
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | 37 | * 4. If you include any Windows specific code (or a derivative thereof) from |
| 38 | * the apps directory (application code) you must include an acknowledgement: | 38 | * the apps directory (application code) you must include an acknowledgement: |
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" |
| 40 | * | 40 | * |
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND |
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
| @@ -49,7 +49,7 @@ | |||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
| 51 | * SUCH DAMAGE. | 51 | * SUCH DAMAGE. |
| 52 | * | 52 | * |
| 53 | * The licence and distribution terms for any publically available version or | 53 | * The licence and distribution terms for any publically available version or |
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be |
| 55 | * copied and put under another distribution licence | 55 | * copied and put under another distribution licence |
| @@ -64,105 +64,121 @@ | |||
| 64 | #include <openssl/x509.h> | 64 | #include <openssl/x509.h> |
| 65 | #include <openssl/x509v3.h> | 65 | #include <openssl/x509v3.h> |
| 66 | 66 | ||
| 67 | int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b) | 67 | int |
| 68 | X509_issuer_and_serial_cmp(const X509 *a, const X509 *b) | ||
| 68 | { | 69 | { |
| 69 | int i; | 70 | int i; |
| 70 | X509_CINF *ai,*bi; | 71 | X509_CINF *ai, *bi; |
| 71 | 72 | ||
| 72 | ai=a->cert_info; | 73 | ai = a->cert_info; |
| 73 | bi=b->cert_info; | 74 | bi = b->cert_info; |
| 74 | i=M_ASN1_INTEGER_cmp(ai->serialNumber,bi->serialNumber); | 75 | i = M_ASN1_INTEGER_cmp(ai->serialNumber, bi->serialNumber); |
| 75 | if (i) return(i); | 76 | if (i) |
| 76 | return(X509_NAME_cmp(ai->issuer,bi->issuer)); | 77 | return (i); |
| 78 | return (X509_NAME_cmp(ai->issuer, bi->issuer)); | ||
| 77 | } | 79 | } |
| 78 | 80 | ||
| 79 | #ifndef OPENSSL_NO_MD5 | 81 | #ifndef OPENSSL_NO_MD5 |
| 80 | unsigned long X509_issuer_and_serial_hash(X509 *a) | 82 | unsigned long |
| 83 | X509_issuer_and_serial_hash(X509 *a) | ||
| 81 | { | 84 | { |
| 82 | unsigned long ret=0; | 85 | unsigned long ret = 0; |
| 83 | EVP_MD_CTX ctx; | 86 | EVP_MD_CTX ctx; |
| 84 | unsigned char md[16]; | 87 | unsigned char md[16]; |
| 85 | char *f; | 88 | char *f; |
| 86 | 89 | ||
| 87 | EVP_MD_CTX_init(&ctx); | 90 | EVP_MD_CTX_init(&ctx); |
| 88 | f=X509_NAME_oneline(a->cert_info->issuer,NULL,0); | 91 | f = X509_NAME_oneline(a->cert_info->issuer, NULL, 0); |
| 89 | if (!EVP_DigestInit_ex(&ctx, EVP_md5(), NULL)) | 92 | if (!EVP_DigestInit_ex(&ctx, EVP_md5(), NULL)) |
| 90 | goto err; | 93 | goto err; |
| 91 | if (!EVP_DigestUpdate(&ctx,(unsigned char *)f,strlen(f))) | 94 | if (!EVP_DigestUpdate(&ctx, (unsigned char *)f, strlen(f))) |
| 92 | goto err; | 95 | goto err; |
| 93 | free(f); | 96 | free(f); |
| 94 | if(!EVP_DigestUpdate(&ctx,(unsigned char *)a->cert_info->serialNumber->data, | 97 | if (!EVP_DigestUpdate(&ctx, |
| 95 | (unsigned long)a->cert_info->serialNumber->length)) | 98 | (unsigned char *)a->cert_info->serialNumber->data, |
| 99 | (unsigned long)a->cert_info->serialNumber->length)) | ||
| 96 | goto err; | 100 | goto err; |
| 97 | if (!EVP_DigestFinal_ex(&ctx,&(md[0]),NULL)) | 101 | if (!EVP_DigestFinal_ex(&ctx, &(md[0]), NULL)) |
| 98 | goto err; | 102 | goto err; |
| 99 | ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| | 103 | ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) | |
| 100 | ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) | 104 | ((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L)) & |
| 101 | )&0xffffffffL; | 105 | 0xffffffffL; |
| 102 | err: | 106 | |
| 107 | err: | ||
| 103 | EVP_MD_CTX_cleanup(&ctx); | 108 | EVP_MD_CTX_cleanup(&ctx); |
| 104 | return(ret); | 109 | return (ret); |
| 105 | } | 110 | } |
| 106 | #endif | 111 | #endif |
| 107 | 112 | ||
| 108 | int X509_issuer_name_cmp(const X509 *a, const X509 *b) | 113 | int |
| 114 | X509_issuer_name_cmp(const X509 *a, const X509 *b) | ||
| 109 | { | 115 | { |
| 110 | return(X509_NAME_cmp(a->cert_info->issuer,b->cert_info->issuer)); | 116 | return (X509_NAME_cmp(a->cert_info->issuer, b->cert_info->issuer)); |
| 111 | } | 117 | } |
| 112 | 118 | ||
| 113 | int X509_subject_name_cmp(const X509 *a, const X509 *b) | 119 | int |
| 120 | X509_subject_name_cmp(const X509 *a, const X509 *b) | ||
| 114 | { | 121 | { |
| 115 | return(X509_NAME_cmp(a->cert_info->subject,b->cert_info->subject)); | 122 | return (X509_NAME_cmp(a->cert_info->subject, b->cert_info->subject)); |
| 116 | } | 123 | } |
| 117 | 124 | ||
| 118 | int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b) | 125 | int |
| 126 | X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b) | ||
| 119 | { | 127 | { |
| 120 | return(X509_NAME_cmp(a->crl->issuer,b->crl->issuer)); | 128 | return (X509_NAME_cmp(a->crl->issuer, b->crl->issuer)); |
| 121 | } | 129 | } |
| 122 | 130 | ||
| 123 | #ifndef OPENSSL_NO_SHA | 131 | #ifndef OPENSSL_NO_SHA |
| 124 | int X509_CRL_match(const X509_CRL *a, const X509_CRL *b) | 132 | int |
| 133 | X509_CRL_match(const X509_CRL *a, const X509_CRL *b) | ||
| 125 | { | 134 | { |
| 126 | return memcmp(a->sha1_hash, b->sha1_hash, 20); | 135 | return memcmp(a->sha1_hash, b->sha1_hash, 20); |
| 127 | } | 136 | } |
| 128 | #endif | 137 | #endif |
| 129 | 138 | ||
| 130 | X509_NAME *X509_get_issuer_name(X509 *a) | 139 | X509_NAME * |
| 140 | X509_get_issuer_name(X509 *a) | ||
| 131 | { | 141 | { |
| 132 | return(a->cert_info->issuer); | 142 | return (a->cert_info->issuer); |
| 133 | } | 143 | } |
| 134 | 144 | ||
| 135 | unsigned long X509_issuer_name_hash(X509 *x) | 145 | unsigned long |
| 146 | X509_issuer_name_hash(X509 *x) | ||
| 136 | { | 147 | { |
| 137 | return(X509_NAME_hash(x->cert_info->issuer)); | 148 | return (X509_NAME_hash(x->cert_info->issuer)); |
| 138 | } | 149 | } |
| 139 | 150 | ||
| 140 | #ifndef OPENSSL_NO_MD5 | 151 | #ifndef OPENSSL_NO_MD5 |
| 141 | unsigned long X509_issuer_name_hash_old(X509 *x) | 152 | unsigned long |
| 153 | X509_issuer_name_hash_old(X509 *x) | ||
| 142 | { | 154 | { |
| 143 | return(X509_NAME_hash_old(x->cert_info->issuer)); | 155 | return (X509_NAME_hash_old(x->cert_info->issuer)); |
| 144 | } | 156 | } |
| 145 | #endif | 157 | #endif |
| 146 | 158 | ||
| 147 | X509_NAME *X509_get_subject_name(X509 *a) | 159 | X509_NAME * |
| 160 | X509_get_subject_name(X509 *a) | ||
| 148 | { | 161 | { |
| 149 | return(a->cert_info->subject); | 162 | return (a->cert_info->subject); |
| 150 | } | 163 | } |
| 151 | 164 | ||
| 152 | ASN1_INTEGER *X509_get_serialNumber(X509 *a) | 165 | ASN1_INTEGER * |
| 166 | X509_get_serialNumber(X509 *a) | ||
| 153 | { | 167 | { |
| 154 | return(a->cert_info->serialNumber); | 168 | return (a->cert_info->serialNumber); |
| 155 | } | 169 | } |
| 156 | 170 | ||
| 157 | unsigned long X509_subject_name_hash(X509 *x) | 171 | unsigned long |
| 172 | X509_subject_name_hash(X509 *x) | ||
| 158 | { | 173 | { |
| 159 | return(X509_NAME_hash(x->cert_info->subject)); | 174 | return (X509_NAME_hash(x->cert_info->subject)); |
| 160 | } | 175 | } |
| 161 | 176 | ||
| 162 | #ifndef OPENSSL_NO_MD5 | 177 | #ifndef OPENSSL_NO_MD5 |
| 163 | unsigned long X509_subject_name_hash_old(X509 *x) | 178 | unsigned long |
| 179 | X509_subject_name_hash_old(X509 *x) | ||
| 164 | { | 180 | { |
| 165 | return(X509_NAME_hash_old(x->cert_info->subject)); | 181 | return (X509_NAME_hash_old(x->cert_info->subject)); |
| 166 | } | 182 | } |
| 167 | #endif | 183 | #endif |
| 168 | 184 | ||
| @@ -176,7 +192,8 @@ unsigned long X509_subject_name_hash_old(X509 *x) | |||
| 176 | * where the "depth-first" constification tree has to halt | 192 | * where the "depth-first" constification tree has to halt |
| 177 | * with an evil cast. | 193 | * with an evil cast. |
| 178 | */ | 194 | */ |
| 179 | int X509_cmp(const X509 *a, const X509 *b) | 195 | int |
| 196 | X509_cmp(const X509 *a, const X509 *b) | ||
| 180 | { | 197 | { |
| 181 | /* ensure hash is valid */ | 198 | /* ensure hash is valid */ |
| 182 | X509_check_purpose((X509 *)a, -1, 0); | 199 | X509_check_purpose((X509 *)a, -1, 0); |
| @@ -186,49 +203,44 @@ int X509_cmp(const X509 *a, const X509 *b) | |||
| 186 | } | 203 | } |
| 187 | #endif | 204 | #endif |
| 188 | 205 | ||
| 189 | 206 | int | |
| 190 | int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b) | 207 | X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b) |
| 191 | { | 208 | { |
| 192 | int ret; | 209 | int ret; |
| 193 | 210 | ||
| 194 | /* Ensure canonical encoding is present and up to date */ | 211 | /* Ensure canonical encoding is present and up to date */ |
| 195 | |||
| 196 | if (!a->canon_enc || a->modified) { | 212 | if (!a->canon_enc || a->modified) { |
| 197 | ret = i2d_X509_NAME((X509_NAME *)a, NULL); | 213 | ret = i2d_X509_NAME((X509_NAME *)a, NULL); |
| 198 | if (ret < 0) | 214 | if (ret < 0) |
| 199 | return -2; | 215 | return -2; |
| 200 | } | 216 | } |
| 201 | |||
| 202 | if (!b->canon_enc || b->modified) { | 217 | if (!b->canon_enc || b->modified) { |
| 203 | ret = i2d_X509_NAME((X509_NAME *)b, NULL); | 218 | ret = i2d_X509_NAME((X509_NAME *)b, NULL); |
| 204 | if (ret < 0) | 219 | if (ret < 0) |
| 205 | return -2; | 220 | return -2; |
| 206 | } | 221 | } |
| 207 | |||
| 208 | ret = a->canon_enclen - b->canon_enclen; | 222 | ret = a->canon_enclen - b->canon_enclen; |
| 209 | |||
| 210 | if (ret) | 223 | if (ret) |
| 211 | return ret; | 224 | return ret; |
| 212 | |||
| 213 | return memcmp(a->canon_enc, b->canon_enc, a->canon_enclen); | 225 | return memcmp(a->canon_enc, b->canon_enc, a->canon_enclen); |
| 214 | |||
| 215 | } | 226 | } |
| 216 | 227 | ||
| 217 | unsigned long X509_NAME_hash(X509_NAME *x) | 228 | unsigned long |
| 229 | X509_NAME_hash(X509_NAME *x) | ||
| 218 | { | 230 | { |
| 219 | unsigned long ret=0; | 231 | unsigned long ret = 0; |
| 220 | unsigned char md[SHA_DIGEST_LENGTH]; | 232 | unsigned char md[SHA_DIGEST_LENGTH]; |
| 221 | 233 | ||
| 222 | /* Make sure X509_NAME structure contains valid cached encoding */ | 234 | /* Make sure X509_NAME structure contains valid cached encoding */ |
| 223 | i2d_X509_NAME(x,NULL); | 235 | i2d_X509_NAME(x, NULL); |
| 224 | if (!EVP_Digest(x->canon_enc, x->canon_enclen, md, NULL, EVP_sha1(), | 236 | if (!EVP_Digest(x->canon_enc, x->canon_enclen, md, NULL, EVP_sha1(), |
| 225 | NULL)) | 237 | NULL)) |
| 226 | return 0; | 238 | return 0; |
| 227 | 239 | ||
| 228 | ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| | 240 | ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) | |
| 229 | ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) | 241 | ((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L)) & |
| 230 | )&0xffffffffL; | 242 | 0xffffffffL; |
| 231 | return(ret); | 243 | return (ret); |
| 232 | } | 244 | } |
| 233 | 245 | ||
| 234 | 246 | ||
| @@ -236,82 +248,92 @@ unsigned long X509_NAME_hash(X509_NAME *x) | |||
| 236 | /* I now DER encode the name and hash it. Since I cache the DER encoding, | 248 | /* I now DER encode the name and hash it. Since I cache the DER encoding, |
| 237 | * this is reasonably efficient. */ | 249 | * this is reasonably efficient. */ |
| 238 | 250 | ||
| 239 | unsigned long X509_NAME_hash_old(X509_NAME *x) | 251 | unsigned long |
| 252 | X509_NAME_hash_old(X509_NAME *x) | ||
| 240 | { | 253 | { |
| 241 | EVP_MD_CTX md_ctx; | 254 | EVP_MD_CTX md_ctx; |
| 242 | unsigned long ret=0; | 255 | unsigned long ret = 0; |
| 243 | unsigned char md[16]; | 256 | unsigned char md[16]; |
| 244 | 257 | ||
| 245 | /* Make sure X509_NAME structure contains valid cached encoding */ | 258 | /* Make sure X509_NAME structure contains valid cached encoding */ |
| 246 | i2d_X509_NAME(x,NULL); | 259 | i2d_X509_NAME(x, NULL); |
| 247 | EVP_MD_CTX_init(&md_ctx); | 260 | EVP_MD_CTX_init(&md_ctx); |
| 248 | EVP_MD_CTX_set_flags(&md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); | 261 | EVP_MD_CTX_set_flags(&md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); |
| 249 | if (EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL) | 262 | if (EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL) && |
| 250 | && EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length) | 263 | EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length) && |
| 251 | && EVP_DigestFinal_ex(&md_ctx,md,NULL)) | 264 | EVP_DigestFinal_ex(&md_ctx, md, NULL)) |
| 252 | ret=(((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| | 265 | ret = (((unsigned long)md[0]) | |
| 253 | ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) | 266 | ((unsigned long)md[1] << 8L) | |
| 254 | )&0xffffffffL; | 267 | ((unsigned long)md[2] << 16L) | |
| 268 | ((unsigned long)md[3] << 24L)) & | ||
| 269 | 0xffffffffL; | ||
| 255 | EVP_MD_CTX_cleanup(&md_ctx); | 270 | EVP_MD_CTX_cleanup(&md_ctx); |
| 256 | 271 | ||
| 257 | return(ret); | 272 | return (ret); |
| 258 | } | 273 | } |
| 259 | #endif | 274 | #endif |
| 260 | 275 | ||
| 261 | /* Search a stack of X509 for a match */ | 276 | /* Search a stack of X509 for a match */ |
| 262 | X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk, X509_NAME *name, | 277 | X509 * |
| 263 | ASN1_INTEGER *serial) | 278 | X509_find_by_issuer_and_serial(STACK_OF(X509) *sk, X509_NAME *name, |
| 279 | ASN1_INTEGER *serial) | ||
| 264 | { | 280 | { |
| 265 | int i; | 281 | int i; |
| 266 | X509_CINF cinf; | 282 | X509_CINF cinf; |
| 267 | X509 x,*x509=NULL; | 283 | X509 x, *x509 = NULL; |
| 268 | 284 | ||
| 269 | if(!sk) return NULL; | 285 | if (!sk) |
| 286 | return NULL; | ||
| 270 | 287 | ||
| 271 | x.cert_info= &cinf; | 288 | x.cert_info = &cinf; |
| 272 | cinf.serialNumber=serial; | 289 | cinf.serialNumber = serial; |
| 273 | cinf.issuer=name; | 290 | cinf.issuer = name; |
| 274 | 291 | ||
| 275 | for (i=0; i<sk_X509_num(sk); i++) { | 292 | for (i = 0; i < sk_X509_num(sk); i++) { |
| 276 | x509=sk_X509_value(sk,i); | 293 | x509 = sk_X509_value(sk, i); |
| 277 | if (X509_issuer_and_serial_cmp(x509,&x) == 0) | 294 | if (X509_issuer_and_serial_cmp(x509, &x) == 0) |
| 278 | return(x509); | 295 | return (x509); |
| 279 | } | 296 | } |
| 280 | return(NULL); | 297 | return (NULL); |
| 281 | } | 298 | } |
| 282 | 299 | ||
| 283 | X509 *X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name) | 300 | X509 * |
| 301 | X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name) | ||
| 284 | { | 302 | { |
| 285 | X509 *x509; | 303 | X509 *x509; |
| 286 | int i; | 304 | int i; |
| 287 | 305 | ||
| 288 | for (i=0; i<sk_X509_num(sk); i++) { | 306 | for (i = 0; i < sk_X509_num(sk); i++) { |
| 289 | x509=sk_X509_value(sk,i); | 307 | x509 = sk_X509_value(sk, i); |
| 290 | if (X509_NAME_cmp(X509_get_subject_name(x509),name) == 0) | 308 | if (X509_NAME_cmp(X509_get_subject_name(x509), name) == 0) |
| 291 | return(x509); | 309 | return (x509); |
| 292 | } | 310 | } |
| 293 | return(NULL); | 311 | return (NULL); |
| 294 | } | 312 | } |
| 295 | 313 | ||
| 296 | EVP_PKEY *X509_get_pubkey(X509 *x) | 314 | EVP_PKEY * |
| 315 | X509_get_pubkey(X509 *x) | ||
| 297 | { | 316 | { |
| 298 | if ((x == NULL) || (x->cert_info == NULL)) | 317 | if ((x == NULL) || (x->cert_info == NULL)) |
| 299 | return(NULL); | 318 | return (NULL); |
| 300 | return(X509_PUBKEY_get(x->cert_info->key)); | 319 | return (X509_PUBKEY_get(x->cert_info->key)); |
| 301 | } | 320 | } |
| 302 | 321 | ||
| 303 | ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x) | 322 | ASN1_BIT_STRING * |
| 323 | X509_get0_pubkey_bitstr(const X509 *x) | ||
| 304 | { | 324 | { |
| 305 | if(!x) return NULL; | 325 | if (!x) |
| 326 | return NULL; | ||
| 306 | return x->cert_info->key->public_key; | 327 | return x->cert_info->key->public_key; |
| 307 | } | 328 | } |
| 308 | 329 | ||
| 309 | int X509_check_private_key(X509 *x, EVP_PKEY *k) | 330 | int |
| 331 | X509_check_private_key(X509 *x, EVP_PKEY *k) | ||
| 310 | { | 332 | { |
| 311 | EVP_PKEY *xk; | 333 | EVP_PKEY *xk; |
| 312 | int ret; | 334 | int ret; |
| 313 | 335 | ||
| 314 | xk=X509_get_pubkey(x); | 336 | xk = X509_get_pubkey(x); |
| 315 | 337 | ||
| 316 | if (xk) | 338 | if (xk) |
| 317 | ret = EVP_PKEY_cmp(xk, k); | 339 | ret = EVP_PKEY_cmp(xk, k); |
| @@ -322,13 +344,16 @@ int X509_check_private_key(X509 *x, EVP_PKEY *k) | |||
| 322 | case 1: | 344 | case 1: |
| 323 | break; | 345 | break; |
| 324 | case 0: | 346 | case 0: |
| 325 | X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH); | 347 | X509err(X509_F_X509_CHECK_PRIVATE_KEY, |
| 348 | X509_R_KEY_VALUES_MISMATCH); | ||
| 326 | break; | 349 | break; |
| 327 | case -1: | 350 | case -1: |
| 328 | X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_TYPE_MISMATCH); | 351 | X509err(X509_F_X509_CHECK_PRIVATE_KEY, |
| 352 | X509_R_KEY_TYPE_MISMATCH); | ||
| 329 | break; | 353 | break; |
| 330 | case -2: | 354 | case -2: |
| 331 | X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_UNKNOWN_KEY_TYPE); | 355 | X509err(X509_F_X509_CHECK_PRIVATE_KEY, |
| 356 | X509_R_UNKNOWN_KEY_TYPE); | ||
| 332 | } | 357 | } |
| 333 | if (xk) | 358 | if (xk) |
| 334 | EVP_PKEY_free(xk); | 359 | EVP_PKEY_free(xk); |
diff --git a/src/lib/libssl/src/crypto/x509/x509_d2.c b/src/lib/libssl/src/crypto/x509/x509_d2.c index ed051093ac..5ccd434665 100644 --- a/src/lib/libssl/src/crypto/x509/x509_d2.c +++ b/src/lib/libssl/src/crypto/x509/x509_d2.c | |||
| @@ -5,21 +5,21 @@ | |||
| 5 | * This package is an SSL implementation written | 5 | * This package is an SSL implementation written |
| 6 | * by Eric Young (eay@cryptsoft.com). | 6 | * by Eric Young (eay@cryptsoft.com). |
| 7 | * The implementation was written so as to conform with Netscapes SSL. | 7 | * The implementation was written so as to conform with Netscapes SSL. |
| 8 | * | 8 | * |
| 9 | * This library is free for commercial and non-commercial use as long as | 9 | * This library is free for commercial and non-commercial use as long as |
| 10 | * the following conditions are aheared to. The following conditions | 10 | * the following conditions are aheared to. The following conditions |
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | 11 | * apply to all code found in this distribution, be it the RC4, RSA, |
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation |
| 13 | * included with this distribution is covered by the same copyright terms | 13 | * included with this distribution is covered by the same copyright terms |
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). |
| 15 | * | 15 | * |
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | 16 | * Copyright remains Eric Young's, and as such any Copyright notices in |
| 17 | * the code are not to be removed. | 17 | * the code are not to be removed. |
| 18 | * If this package is used in a product, Eric Young should be given attribution | 18 | * If this package is used in a product, Eric Young should be given attribution |
| 19 | * as the author of the parts of the library used. | 19 | * as the author of the parts of the library used. |
| 20 | * This can be in the form of a textual message at program startup or | 20 | * This can be in the form of a textual message at program startup or |
| 21 | * in documentation (online or textual) provided with the package. | 21 | * in documentation (online or textual) provided with the package. |
| 22 | * | 22 | * |
| 23 | * Redistribution and use in source and binary forms, with or without | 23 | * Redistribution and use in source and binary forms, with or without |
| 24 | * modification, are permitted provided that the following conditions | 24 | * modification, are permitted provided that the following conditions |
| 25 | * are met: | 25 | * are met: |
| @@ -34,10 +34,10 @@ | |||
| 34 | * Eric Young (eay@cryptsoft.com)" | 34 | * Eric Young (eay@cryptsoft.com)" |
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | 35 | * The word 'cryptographic' can be left out if the rouines from the library |
| 36 | * being used are not cryptographic related :-). | 36 | * being used are not cryptographic related :-). |
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | 37 | * 4. If you include any Windows specific code (or a derivative thereof) from |
| 38 | * the apps directory (application code) you must include an acknowledgement: | 38 | * the apps directory (application code) you must include an acknowledgement: |
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" |
| 40 | * | 40 | * |
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND |
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
| @@ -49,7 +49,7 @@ | |||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
| 51 | * SUCH DAMAGE. | 51 | * SUCH DAMAGE. |
| 52 | * | 52 | * |
| 53 | * The licence and distribution terms for any publically available version or | 53 | * The licence and distribution terms for any publically available version or |
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be |
| 55 | * copied and put under another distribution licence | 55 | * copied and put under another distribution licence |
| @@ -62,44 +62,48 @@ | |||
| 62 | #include <openssl/x509.h> | 62 | #include <openssl/x509.h> |
| 63 | 63 | ||
| 64 | #ifndef OPENSSL_NO_STDIO | 64 | #ifndef OPENSSL_NO_STDIO |
| 65 | int X509_STORE_set_default_paths(X509_STORE *ctx) | 65 | int |
| 66 | X509_STORE_set_default_paths(X509_STORE *ctx) | ||
| 66 | { | 67 | { |
| 67 | X509_LOOKUP *lookup; | 68 | X509_LOOKUP *lookup; |
| 68 | 69 | ||
| 69 | lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_file()); | 70 | lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_file()); |
| 70 | if (lookup == NULL) return(0); | 71 | if (lookup == NULL) |
| 71 | X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT); | 72 | return (0); |
| 73 | X509_LOOKUP_load_file(lookup, NULL, X509_FILETYPE_DEFAULT); | ||
| 74 | |||
| 75 | lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_hash_dir()); | ||
| 76 | if (lookup == NULL) | ||
| 77 | return (0); | ||
| 78 | X509_LOOKUP_add_dir(lookup, NULL, X509_FILETYPE_DEFAULT); | ||
| 72 | 79 | ||
| 73 | lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_hash_dir()); | ||
| 74 | if (lookup == NULL) return(0); | ||
| 75 | X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT); | ||
| 76 | |||
| 77 | /* clear any errors */ | 80 | /* clear any errors */ |
| 78 | ERR_clear_error(); | 81 | ERR_clear_error(); |
| 79 | 82 | ||
| 80 | return(1); | 83 | return (1); |
| 81 | } | 84 | } |
| 82 | 85 | ||
| 83 | int X509_STORE_load_locations(X509_STORE *ctx, const char *file, | 86 | int |
| 84 | const char *path) | 87 | X509_STORE_load_locations(X509_STORE *ctx, const char *file, const char *path) |
| 85 | { | 88 | { |
| 86 | X509_LOOKUP *lookup; | 89 | X509_LOOKUP *lookup; |
| 87 | 90 | ||
| 88 | if (file != NULL) { | 91 | if (file != NULL) { |
| 89 | lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_file()); | 92 | lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_file()); |
| 90 | if (lookup == NULL) return(0); | 93 | if (lookup == NULL) |
| 91 | if (X509_LOOKUP_load_file(lookup,file,X509_FILETYPE_PEM) != 1) | 94 | return (0); |
| 92 | return(0); | 95 | if (X509_LOOKUP_load_file(lookup, file, X509_FILETYPE_PEM) != 1) |
| 96 | return (0); | ||
| 93 | } | 97 | } |
| 94 | if (path != NULL) { | 98 | if (path != NULL) { |
| 95 | lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_hash_dir()); | 99 | lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_hash_dir()); |
| 96 | if (lookup == NULL) return(0); | 100 | if (lookup == NULL) |
| 97 | if (X509_LOOKUP_add_dir(lookup,path,X509_FILETYPE_PEM) != 1) | 101 | return (0); |
| 98 | return(0); | 102 | if (X509_LOOKUP_add_dir(lookup, path, X509_FILETYPE_PEM) != 1) |
| 103 | return (0); | ||
| 99 | } | 104 | } |
| 100 | if ((path == NULL) && (file == NULL)) | 105 | if ((path == NULL) && (file == NULL)) |
| 101 | return(0); | 106 | return (0); |
| 102 | return(1); | 107 | return (1); |
| 103 | } | 108 | } |
| 104 | |||
| 105 | #endif | 109 | #endif |
diff --git a/src/lib/libssl/src/crypto/x509/x509_def.c b/src/lib/libssl/src/crypto/x509/x509_def.c index e0ac151a76..66cbe37bac 100644 --- a/src/lib/libssl/src/crypto/x509/x509_def.c +++ b/src/lib/libssl/src/crypto/x509/x509_def.c | |||
| @@ -5,21 +5,21 @@ | |||
| 5 | * This package is an SSL implementation written | 5 | * This package is an SSL implementation written |
| 6 | * by Eric Young (eay@cryptsoft.com). | 6 | * by Eric Young (eay@cryptsoft.com). |
| 7 | * The implementation was written so as to conform with Netscapes SSL. | 7 | * The implementation was written so as to conform with Netscapes SSL. |
| 8 | * | 8 | * |
| 9 | * This library is free for commercial and non-commercial use as long as | 9 | * This library is free for commercial and non-commercial use as long as |
| 10 | * the following conditions are aheared to. The following conditions | 10 | * the following conditions are aheared to. The following conditions |
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | 11 | * apply to all code found in this distribution, be it the RC4, RSA, |
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation |
| 13 | * included with this distribution is covered by the same copyright terms | 13 | * included with this distribution is covered by the same copyright terms |
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). |
| 15 | * | 15 | * |
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | 16 | * Copyright remains Eric Young's, and as such any Copyright notices in |
| 17 | * the code are not to be removed. | 17 | * the code are not to be removed. |
| 18 | * If this package is used in a product, Eric Young should be given attribution | 18 | * If this package is used in a product, Eric Young should be given attribution |
| 19 | * as the author of the parts of the library used. | 19 | * as the author of the parts of the library used. |
| 20 | * This can be in the form of a textual message at program startup or | 20 | * This can be in the form of a textual message at program startup or |
| 21 | * in documentation (online or textual) provided with the package. | 21 | * in documentation (online or textual) provided with the package. |
| 22 | * | 22 | * |
| 23 | * Redistribution and use in source and binary forms, with or without | 23 | * Redistribution and use in source and binary forms, with or without |
| 24 | * modification, are permitted provided that the following conditions | 24 | * modification, are permitted provided that the following conditions |
| 25 | * are met: | 25 | * are met: |
| @@ -34,10 +34,10 @@ | |||
| 34 | * Eric Young (eay@cryptsoft.com)" | 34 | * Eric Young (eay@cryptsoft.com)" |
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | 35 | * The word 'cryptographic' can be left out if the rouines from the library |
| 36 | * being used are not cryptographic related :-). | 36 | * being used are not cryptographic related :-). |
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | 37 | * 4. If you include any Windows specific code (or a derivative thereof) from |
| 38 | * the apps directory (application code) you must include an acknowledgement: | 38 | * the apps directory (application code) you must include an acknowledgement: |
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" |
| 40 | * | 40 | * |
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND |
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
| @@ -49,7 +49,7 @@ | |||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
| 51 | * SUCH DAMAGE. | 51 | * SUCH DAMAGE. |
| 52 | * | 52 | * |
| 53 | * The licence and distribution terms for any publically available version or | 53 | * The licence and distribution terms for any publically available version or |
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be |
| 55 | * copied and put under another distribution licence | 55 | * copied and put under another distribution licence |
| @@ -61,21 +61,38 @@ | |||
| 61 | #include <openssl/crypto.h> | 61 | #include <openssl/crypto.h> |
| 62 | #include <openssl/x509.h> | 62 | #include <openssl/x509.h> |
| 63 | 63 | ||
| 64 | const char *X509_get_default_private_dir(void) | 64 | const char * |
| 65 | { return(X509_PRIVATE_DIR); } | 65 | X509_get_default_private_dir(void) |
| 66 | 66 | { | |
| 67 | const char *X509_get_default_cert_area(void) | 67 | return (X509_PRIVATE_DIR); |
| 68 | { return(X509_CERT_AREA); } | 68 | } |
| 69 | 69 | ||
| 70 | const char *X509_get_default_cert_dir(void) | 70 | const char * |
| 71 | { return(X509_CERT_DIR); } | 71 | X509_get_default_cert_area(void) |
| 72 | { | ||
| 73 | return (X509_CERT_AREA); | ||
| 74 | } | ||
| 72 | 75 | ||
| 73 | const char *X509_get_default_cert_file(void) | 76 | const char * |
| 74 | { return(X509_CERT_FILE); } | 77 | X509_get_default_cert_dir(void) |
| 78 | { | ||
| 79 | return (X509_CERT_DIR); | ||
| 80 | } | ||
| 75 | 81 | ||
| 76 | const char *X509_get_default_cert_dir_env(void) | 82 | const char * |
| 77 | { return(X509_CERT_DIR_EVP); } | 83 | X509_get_default_cert_file(void) |
| 84 | { | ||
| 85 | return (X509_CERT_FILE); | ||
| 86 | } | ||
| 78 | 87 | ||
| 79 | const char *X509_get_default_cert_file_env(void) | 88 | const char * |
| 80 | { return(X509_CERT_FILE_EVP); } | 89 | X509_get_default_cert_dir_env(void) |
| 90 | { | ||
| 91 | return (X509_CERT_DIR_EVP); | ||
| 92 | } | ||
| 81 | 93 | ||
| 94 | const char * | ||
| 95 | X509_get_default_cert_file_env(void) | ||
| 96 | { | ||
| 97 | return (X509_CERT_FILE_EVP); | ||
| 98 | } | ||