1 files changed, 10 insertions, 37 deletions
diff --git a/src/lib/libcrypto/ocsp/ocsp_ext.c b/src/lib/libcrypto/ocsp/ocsp_ext.c
index 815cc29d58..ec884cb08f 100644
--- a/src/lib/libcrypto/ocsp/ocsp_ext.c
+++ b/src/lib/libcrypto/ocsp/ocsp_ext.c
@@ -264,7 +264,7 @@ int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc)
        }
 /* also CRL Entry Extensions */
+#if 0
 ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, i2d_of_void *i2d,
                                void *data, STACK_OF(ASN1_OBJECT) *sk)
        {
@@ -305,6 +305,7 @@ err:
        if (b) OPENSSL_free(b);
        return NULL;
        }
+#endif
 /* Nonce handling functions */
@@ -442,17 +443,10 @@ X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim)
                if (!(ASN1_GENERALIZEDTIME_set_string(cid->crlTime, tim))) 
                        goto err;
                }
-        if (!(x = X509_EXTENSION_new())) goto err;
+        x = X509V3_EXT_i2d(NID_id_pkix_OCSP_CrlID, 0, cid);
-        if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_CrlID))) goto err;
-        if (!(ASN1_STRING_encode_of(OCSP_CRLID,x->value,i2d_OCSP_CRLID,cid,
-                                    NULL)))
-                goto err;
-        OCSP_CRLID_free(cid);
-        return x;
 err:
-        if (x) X509_EXTENSION_free(x);
        if (cid) OCSP_CRLID_free(cid);
-        return NULL;
+        return x;
        }
 /*   AcceptableResponses ::= SEQUENCE OF OBJECT IDENTIFIER */
@@ -470,18 +464,10 @@ X509_EXTENSION *OCSP_accept_responses_new(char **oids)
                        sk_ASN1_OBJECT_push(sk, o);
                oids++;
                }
-        if (!(x = X509_EXTENSION_new())) goto err;
+        x = X509V3_EXT_i2d(NID_id_pkix_OCSP_acceptableResponses, 0, sk);
-        if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_acceptableResponses)))
-                goto err;
-        if (!(ASN1_STRING_encode_of(ASN1_OBJECT,x->value,i2d_ASN1_OBJECT,NULL,
-                                    sk)))
-                goto err;
-        sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free);
-        return x;
 err:
-        if (x) X509_EXTENSION_free(x);
        if (sk) sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free);
-        return NULL;
+        return x;
        }
 /*  ArchiveCutoff ::= GeneralizedTime */
@@ -492,16 +478,10 @@ X509_EXTENSION *OCSP_archive_cutoff_new(char* tim)
        if (!(gt = ASN1_GENERALIZEDTIME_new())) goto err;
        if (!(ASN1_GENERALIZEDTIME_set_string(gt, tim))) goto err;
-        if (!(x = X509_EXTENSION_new())) goto err;
+        x = X509V3_EXT_i2d(NID_id_pkix_OCSP_archiveCutoff, 0, gt);
-        if (!(x->object=OBJ_nid2obj(NID_id_pkix_OCSP_archiveCutoff)))goto err;
-        if (!(ASN1_STRING_encode_of(ASN1_GENERALIZEDTIME,x->value,
-                                    i2d_ASN1_GENERALIZEDTIME,gt,NULL))) goto err;
-        ASN1_GENERALIZEDTIME_free(gt);
-        return x;
 err:
        if (gt) ASN1_GENERALIZEDTIME_free(gt);
-        if (x) X509_EXTENSION_free(x);
+        return x;
-        return NULL;
        }
 /* per ACCESS_DESCRIPTION parameter are oids, of which there are currently
@@ -530,16 +510,9 @@ X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME* issuer, char **urls)
                if (!sk_ACCESS_DESCRIPTION_push(sloc->locator, ad)) goto err;
                urls++;
                }
-        if (!(x = X509_EXTENSION_new())) goto err;
+        x = X509V3_EXT_i2d(NID_id_pkix_OCSP_serviceLocator, 0, sloc);
-        if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_serviceLocator))) 
-                goto err;
-        if (!(ASN1_STRING_encode_of(OCSP_SERVICELOC,x->value,
-                                    i2d_OCSP_SERVICELOC,sloc,NULL))) goto err;
-        OCSP_SERVICELOC_free(sloc);
-        return x;
 err:
-        if (x) X509_EXTENSION_free(x);
        if (sloc) OCSP_SERVICELOC_free(sloc);
-        return NULL;
+        return x;
        }

diff --git a/src/lib/libcrypto/ocsp/ocsp_ext.c b/src/lib/libcrypto/ocsp/ocsp_ext.c index 815cc29d58..ec884cb08f 100644 --- a/src/lib/libcrypto/ocsp/ocsp_ext.c +++ b/src/lib/libcrypto/ocsp/ocsp_ext.c
@@ -264,7 +264,7 @@ int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP x, X509_EXTENSION ex, int loc)
264	}	264	}
265		265
266	/* also CRL Entry Extensions */	266	/* also CRL Entry Extensions */
267		267	#if 0
268	ASN1_STRING ASN1_STRING_encode(ASN1_STRING s, i2d_of_void *i2d,	268	ASN1_STRING ASN1_STRING_encode(ASN1_STRING s, i2d_of_void *i2d,
269	void data, STACK_OF(ASN1_OBJECT) sk)	269	void data, STACK_OF(ASN1_OBJECT) sk)
270	{	270	{
@@ -305,6 +305,7 @@ err:
305	if (b) OPENSSL_free(b);	305	if (b) OPENSSL_free(b);
306	return NULL;	306	return NULL;
307	}	307	}
		308	#endif
308		309
309	/* Nonce handling functions */	310	/* Nonce handling functions */
310		311
@@ -442,17 +443,10 @@ X509_EXTENSION OCSP_crlID_new(char url, long n, char tim)
442	if (!(ASN1_GENERALIZEDTIME_set_string(cid->crlTime, tim)))	443	if (!(ASN1_GENERALIZEDTIME_set_string(cid->crlTime, tim)))
443	goto err;	444	goto err;
444	}	445	}
445	if (!(x = X509_EXTENSION_new())) goto err;	446	x = X509V3_EXT_i2d(NID_id_pkix_OCSP_CrlID, 0, cid);
446	if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_CrlID))) goto err;
447	if (!(ASN1_STRING_encode_of(OCSP_CRLID,x->value,i2d_OCSP_CRLID,cid,
448	NULL)))
449	goto err;
450	OCSP_CRLID_free(cid);
451	return x;
452	err:	447	err:
453	if (x) X509_EXTENSION_free(x);
454	if (cid) OCSP_CRLID_free(cid);	448	if (cid) OCSP_CRLID_free(cid);
455	return NULL;	449	return x;
456	}	450	}
457		451
458	/* AcceptableResponses ::= SEQUENCE OF OBJECT IDENTIFIER */	452	/* AcceptableResponses ::= SEQUENCE OF OBJECT IDENTIFIER */
@@ -470,18 +464,10 @@ X509_EXTENSION OCSP_accept_responses_new(char *oids)
470	sk_ASN1_OBJECT_push(sk, o);	464	sk_ASN1_OBJECT_push(sk, o);
471	oids++;	465	oids++;
472	}	466	}
473	if (!(x = X509_EXTENSION_new())) goto err;	467	x = X509V3_EXT_i2d(NID_id_pkix_OCSP_acceptableResponses, 0, sk);
474	if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_acceptableResponses)))
475	goto err;
476	if (!(ASN1_STRING_encode_of(ASN1_OBJECT,x->value,i2d_ASN1_OBJECT,NULL,
477	sk)))
478	goto err;
479	sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free);
480	return x;
481	err:	468	err:
482	if (x) X509_EXTENSION_free(x);
483	if (sk) sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free);	469	if (sk) sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free);
484	return NULL;	470	return x;
485	}	471	}
486		472
487	/* ArchiveCutoff ::= GeneralizedTime */	473	/* ArchiveCutoff ::= GeneralizedTime */
@@ -492,16 +478,10 @@ X509_EXTENSION OCSP_archive_cutoff_new(char tim)
492		478
493	if (!(gt = ASN1_GENERALIZEDTIME_new())) goto err;	479	if (!(gt = ASN1_GENERALIZEDTIME_new())) goto err;
494	if (!(ASN1_GENERALIZEDTIME_set_string(gt, tim))) goto err;	480	if (!(ASN1_GENERALIZEDTIME_set_string(gt, tim))) goto err;
495	if (!(x = X509_EXTENSION_new())) goto err;	481	x = X509V3_EXT_i2d(NID_id_pkix_OCSP_archiveCutoff, 0, gt);
496	if (!(x->object=OBJ_nid2obj(NID_id_pkix_OCSP_archiveCutoff)))goto err;
497	if (!(ASN1_STRING_encode_of(ASN1_GENERALIZEDTIME,x->value,
498	i2d_ASN1_GENERALIZEDTIME,gt,NULL))) goto err;
499	ASN1_GENERALIZEDTIME_free(gt);
500	return x;
501	err:	482	err:
502	if (gt) ASN1_GENERALIZEDTIME_free(gt);	483	if (gt) ASN1_GENERALIZEDTIME_free(gt);
503	if (x) X509_EXTENSION_free(x);	484	return x;
504	return NULL;
505	}	485	}
506		486
507	/* per ACCESS_DESCRIPTION parameter are oids, of which there are currently	487	/* per ACCESS_DESCRIPTION parameter are oids, of which there are currently
@@ -530,16 +510,9 @@ X509_EXTENSION OCSP_url_svcloc_new(X509_NAME issuer, char **urls)
530	if (!sk_ACCESS_DESCRIPTION_push(sloc->locator, ad)) goto err;	510	if (!sk_ACCESS_DESCRIPTION_push(sloc->locator, ad)) goto err;
531	urls++;	511	urls++;
532	}	512	}
533	if (!(x = X509_EXTENSION_new())) goto err;	513	x = X509V3_EXT_i2d(NID_id_pkix_OCSP_serviceLocator, 0, sloc);
534	if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_serviceLocator)))
535	goto err;
536	if (!(ASN1_STRING_encode_of(OCSP_SERVICELOC,x->value,
537	i2d_OCSP_SERVICELOC,sloc,NULL))) goto err;
538	OCSP_SERVICELOC_free(sloc);
539	return x;
540	err:	514	err:
541	if (x) X509_EXTENSION_free(x);
542	if (sloc) OCSP_SERVICELOC_free(sloc);	515	if (sloc) OCSP_SERVICELOC_free(sloc);
543	return NULL;	516	return x;
544	}	517	}
545		518