1 files changed, 84 insertions, 2 deletions
diff --git a/src/lib/libcrypto/asn1/a_strex.c b/src/lib/libcrypto/asn1/a_strex.c
index 4ca0a092ee..a9ee0dd9c9 100644
--- a/src/lib/libcrypto/asn1/a_strex.c
+++ b/src/lib/libcrypto/asn1/a_strex.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: a_strex.c,v 1.35 2024/04/09 13:55:02 beck Exp $ */
+/* $OpenBSD: a_strex.c,v 1.36 2025/02/08 03:41:36 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2000.
 */
@@ -56,14 +56,19 @@
 *
 */
+#include <stdint.h>
 #include <stdio.h>
+#include <stdlib.h>
 #include <string.h>
 #include <openssl/asn1.h>
-#include <openssl/crypto.h>
+#include <openssl/bio.h>
+#include <openssl/objects.h>
 #include <openssl/x509.h>
 #include "asn1_local.h"
+#include "bytestring.h"
+#include "x509_local.h"
 #include "charmap.h"
@@ -560,6 +565,83 @@ do_name_ex(char_io *io_ch, void *arg, const X509_NAME *n, int indent,
        return outlen;
 }
+/* NID with SN of 1-2 letters, which X509_NAME_print() historically included. */
+static int
+x509_name_entry_include(const X509_NAME_ENTRY *ne)
+{
+        int nid;
+        if ((nid = OBJ_obj2nid(ne->object)) == NID_undef)
+                return 0;
+        switch (nid) {
+        case NID_commonName:
+        case NID_surname:
+        case NID_countryName:
+        case NID_localityName:
+        case NID_stateOrProvinceName:
+        case NID_organizationName:
+        case NID_organizationalUnitName:
+        case NID_givenName:
+        case NID_domainComponent: /* XXX - doesn't really belong here */
+                return 1;
+        }
+        return 0;
+}
+int
+X509_NAME_print(BIO *bio, const X509_NAME *name, int obase)
+{
+        CBB cbb;
+        uint8_t *buf = NULL;
+        size_t buf_len;
+        const X509_NAME_ENTRY *ne;
+        int i;
+        int started = 0;
+        int ret = 0;
+        if (!CBB_init(&cbb, 0))
+                goto err;
+        for (i = 0; i < sk_X509_NAME_ENTRY_num(name->entries); i++) {
+                ne = sk_X509_NAME_ENTRY_value(name->entries, i);
+                if (!x509_name_entry_include(ne))
+                        continue;
+                if (started) {
+                        if (!CBB_add_u8(&cbb, ','))
+                                goto err;
+                        if (!CBB_add_u8(&cbb, ' '))
+                                goto err;
+                }
+                if (!X509_NAME_ENTRY_add_cbb(&cbb, ne))
+                        goto err;
+                started = 1;
+        }
+        if (!CBB_add_u8(&cbb, '\0'))
+                goto err;
+        if (!CBB_finish(&cbb, &buf, &buf_len))
+                goto err;
+        if (BIO_printf(bio, "%s", buf) < 0)
+                goto err;
+        ret = 1;
+ err:
+        CBB_cleanup(&cbb);
+        free(buf);
+        return ret;
+}
+LCRYPTO_ALIAS(X509_NAME_print);
 /* Wrappers round the main functions */
 int

diff --git a/src/lib/libcrypto/asn1/a_strex.c b/src/lib/libcrypto/asn1/a_strex.c index 4ca0a092ee..a9ee0dd9c9 100644 --- a/src/lib/libcrypto/asn1/a_strex.c +++ b/src/lib/libcrypto/asn1/a_strex.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: a_strex.c,v 1.35 2024/04/09 13:55:02 beck Exp $ */	1	/* $OpenBSD: a_strex.c,v 1.36 2025/02/08 03:41:36 tb Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 2000.	3	* project 2000.
4	*/	4	*/
@@ -56,14 +56,19 @@
56	*	56	*
57	*/	57	*/
58		58
		59	#include <stdint.h>
59	#include <stdio.h>	60	#include <stdio.h>
		61	#include <stdlib.h>
60	#include <string.h>	62	#include <string.h>
61		63
62	#include <openssl/asn1.h>	64	#include <openssl/asn1.h>
63	#include <openssl/crypto.h>	65	#include <openssl/bio.h>
		66	#include <openssl/objects.h>
64	#include <openssl/x509.h>	67	#include <openssl/x509.h>
65		68
66	#include "asn1_local.h"	69	#include "asn1_local.h"
		70	#include "bytestring.h"
		71	#include "x509_local.h"
67		72
68	#include "charmap.h"	73	#include "charmap.h"
69		74
@@ -560,6 +565,83 @@ do_name_ex(char_io io_ch, void arg, const X509_NAME *n, int indent,
560	return outlen;	565	return outlen;
561	}	566	}
562		567
		568	/* NID with SN of 1-2 letters, which X509_NAME_print() historically included. */
		569	static int
		570	x509_name_entry_include(const X509_NAME_ENTRY *ne)
		571	{
		572	int nid;
		573
		574	if ((nid = OBJ_obj2nid(ne->object)) == NID_undef)
		575	return 0;
		576
		577	switch (nid) {
		578	case NID_commonName:
		579	case NID_surname:
		580	case NID_countryName:
		581	case NID_localityName:
		582	case NID_stateOrProvinceName:
		583	case NID_organizationName:
		584	case NID_organizationalUnitName:
		585	case NID_givenName:
		586	case NID_domainComponent: /* XXX - doesn't really belong here */
		587	return 1;
		588	}
		589
		590	return 0;
		591	}
		592
		593	int
		594	X509_NAME_print(BIO bio, const X509_NAME name, int obase)
		595	{
		596	CBB cbb;
		597	uint8_t *buf = NULL;
		598	size_t buf_len;
		599	const X509_NAME_ENTRY *ne;
		600	int i;
		601	int started = 0;
		602	int ret = 0;
		603
		604	if (!CBB_init(&cbb, 0))
		605	goto err;
		606
		607	for (i = 0; i < sk_X509_NAME_ENTRY_num(name->entries); i++) {
		608	ne = sk_X509_NAME_ENTRY_value(name->entries, i);
		609
		610	if (!x509_name_entry_include(ne))
		611	continue;
		612
		613	if (started) {
		614	if (!CBB_add_u8(&cbb, ','))
		615	goto err;
		616	if (!CBB_add_u8(&cbb, ' '))
		617	goto err;
		618	}
		619
		620	if (!X509_NAME_ENTRY_add_cbb(&cbb, ne))
		621	goto err;
		622
		623	started = 1;
		624	}
		625
		626	if (!CBB_add_u8(&cbb, '\0'))
		627	goto err;
		628
		629	if (!CBB_finish(&cbb, &buf, &buf_len))
		630	goto err;
		631
		632	if (BIO_printf(bio, "%s", buf) < 0)
		633	goto err;
		634
		635	ret = 1;
		636
		637	err:
		638	CBB_cleanup(&cbb);
		639	free(buf);
		640
		641	return ret;
		642	}
		643	LCRYPTO_ALIAS(X509_NAME_print);
		644
563	/* Wrappers round the main functions */	645	/* Wrappers round the main functions */
564		646
565	int	647	int