1 files changed, 92 insertions, 37 deletions
diff --git a/src/lib/libcrypto/x509v3/v3_alt.c b/src/lib/libcrypto/x509v3/v3_alt.c
index b5e1f8af96..0e9e7dcb4f 100644
--- a/src/lib/libcrypto/x509v3/v3_alt.c
+++ b/src/lib/libcrypto/x509v3/v3_alt.c
@@ -61,34 +61,28 @@
 #include <openssl/conf.h>
 #include <openssl/x509v3.h>
-static STACK_OF(GENERAL_NAME) *v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
+static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-static STACK_OF(GENERAL_NAME) *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
+static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-static int copy_email(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens);
+static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p);
-static int copy_issuer(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens);
+static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens);
 X509V3_EXT_METHOD v3_alt[] = {
-{ NID_subject_alt_name, 0,
+{ NID_subject_alt_name, 0, ASN1_ITEM_ref(GENERAL_NAMES),
-(X509V3_EXT_NEW)GENERAL_NAMES_new,
+0,0,0,0,
-(X509V3_EXT_FREE)GENERAL_NAMES_free,
+0,0,
-(X509V3_EXT_D2I)d2i_GENERAL_NAMES,
-(X509V3_EXT_I2D)i2d_GENERAL_NAMES,
-NULL, NULL,
 (X509V3_EXT_I2V)i2v_GENERAL_NAMES,
 (X509V3_EXT_V2I)v2i_subject_alt,
 NULL, NULL, NULL},
-{ NID_issuer_alt_name, 0,
-(X509V3_EXT_NEW)GENERAL_NAMES_new,
+{ NID_issuer_alt_name, 0, ASN1_ITEM_ref(GENERAL_NAMES),
-(X509V3_EXT_FREE)GENERAL_NAMES_free,
+0,0,0,0,
-(X509V3_EXT_D2I)d2i_GENERAL_NAMES,
+0,0,
-(X509V3_EXT_I2D)i2d_GENERAL_NAMES,
-NULL, NULL,
 (X509V3_EXT_I2V)i2v_GENERAL_NAMES,
 (X509V3_EXT_V2I)v2i_issuer_alt,
 NULL, NULL, NULL},
-EXT_END
 };
 STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
-                STACK_OF(GENERAL_NAME) *gens, STACK_OF(CONF_VALUE) *ret)
+                GENERAL_NAMES *gens, STACK_OF(CONF_VALUE) *ret)
 {
        int i;
        GENERAL_NAME *gen;
@@ -103,8 +97,8 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
 STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
                                GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret)
 {
-        char oline[256];
        unsigned char *p;
+        char oline[256];
        switch (gen->type)
        {
                case GEN_OTHERNAME:
@@ -155,13 +149,66 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
        return ret;
 }
-static STACK_OF(GENERAL_NAME) *v2i_issuer_alt(X509V3_EXT_METHOD *method,
+int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen)
+{
+        unsigned char *p;
+        switch (gen->type)
+        {
+                case GEN_OTHERNAME:
+                BIO_printf(out, "othername:<unsupported>");
+                break;
+                case GEN_X400:
+                BIO_printf(out, "X400Name:<unsupported>");
+                break;
+                case GEN_EDIPARTY:
+                /* Maybe fix this: it is supported now */
+                BIO_printf(out, "EdiPartyName:<unsupported>");
+                break;
+                case GEN_EMAIL:
+                BIO_printf(out, "email:%s",gen->d.ia5->data);
+                break;
+                case GEN_DNS:
+                BIO_printf(out, "DNS:%s",gen->d.ia5->data);
+                break;
+                case GEN_URI:
+                BIO_printf(out, "URI:%s",gen->d.ia5->data);
+                break;
+                case GEN_DIRNAME:
+                BIO_printf(out, "DirName: ");
+                X509_NAME_print_ex(out, gen->d.dirn, 0, XN_FLAG_ONELINE);
+                break;
+                case GEN_IPADD:
+                p = gen->d.ip->data;
+                /* BUG: doesn't support IPV6 */
+                if(gen->d.ip->length != 4) {
+                        BIO_printf(out,"IP Address:<invalid>");
+                        break;
+                }
+                BIO_printf(out, "IP Address:%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
+                break;
+                case GEN_RID:
+                BIO_printf(out, "Registered ID");
+                i2a_ASN1_OBJECT(out, gen->d.rid);
+                break;
+        }
+        return 1;
+}
+static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method,
                                 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
 {
-        STACK_OF(GENERAL_NAME) *gens = NULL;
+        GENERAL_NAMES *gens = NULL;
        CONF_VALUE *cnf;
        int i;
-        if(!(gens = sk_GENERAL_NAME_new(NULL))) {
+        if(!(gens = sk_GENERAL_NAME_new_null())) {
                X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE);
                return NULL;
        }
@@ -185,9 +232,9 @@ static STACK_OF(GENERAL_NAME) *v2i_issuer_alt(X509V3_EXT_METHOD *method,
 /* Append subject altname of issuer to issuer alt name of subject */
-static int copy_issuer(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens)
+static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens)
 {
-        STACK_OF(GENERAL_NAME) *ialt;
+        GENERAL_NAMES *ialt;
        GENERAL_NAME *gen;
        X509_EXTENSION *ext;
        int i;
@@ -220,13 +267,13 @@ static int copy_issuer(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens)
        
 }
-static STACK_OF(GENERAL_NAME) *v2i_subject_alt(X509V3_EXT_METHOD *method,
+static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method,
                                 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
 {
-        STACK_OF(GENERAL_NAME) *gens = NULL;
+        GENERAL_NAMES *gens = NULL;
        CONF_VALUE *cnf;
        int i;
-        if(!(gens = sk_GENERAL_NAME_new(NULL))) {
+        if(!(gens = sk_GENERAL_NAME_new_null())) {
                X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE);
                return NULL;
        }
@@ -234,7 +281,10 @@ static STACK_OF(GENERAL_NAME) *v2i_subject_alt(X509V3_EXT_METHOD *method,
                cnf = sk_CONF_VALUE_value(nval, i);
                if(!name_cmp(cnf->name, "email") && cnf->value &&
                                                !strcmp(cnf->value, "copy")) {
-                        if(!copy_email(ctx, gens)) goto err;
+                        if(!copy_email(ctx, gens, 0)) goto err;
+                } else if(!name_cmp(cnf->name, "email") && cnf->value &&
+                                                !strcmp(cnf->value, "move")) {
+                        if(!copy_email(ctx, gens, 1)) goto err;
                } else {
                        GENERAL_NAME *gen;
                        if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
@@ -252,7 +302,7 @@ static STACK_OF(GENERAL_NAME) *v2i_subject_alt(X509V3_EXT_METHOD *method,
 * GENERAL_NAMES
 */
-static int copy_email(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens)
+static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p)
 {
        X509_NAME *nm;
        ASN1_IA5STRING *email = NULL;
@@ -271,9 +321,14 @@ static int copy_email(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens)
        /* Now add any email address(es) to STACK */
        i = -1;
        while((i = X509_NAME_get_index_by_NID(nm,
-                                         NID_pkcs9_emailAddress, i)) > 0) {
+                                         NID_pkcs9_emailAddress, i)) >= 0) {
                ne = X509_NAME_get_entry(nm, i);
-                email = ASN1_IA5STRING_dup(X509_NAME_ENTRY_get_data(ne));
+                email = M_ASN1_IA5STRING_dup(X509_NAME_ENTRY_get_data(ne));
+                if (move_p)
+                        {
+                        X509_NAME_delete_entry(nm, i);
+                        i--;
+                        }
                if(!email || !(gen = GENERAL_NAME_new())) {
                        X509V3err(X509V3_F_COPY_EMAIL,ERR_R_MALLOC_FAILURE);
                        goto err;
@@ -293,19 +348,19 @@ static int copy_email(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens)
                
        err:
        GENERAL_NAME_free(gen);
-        ASN1_IA5STRING_free(email);
+        M_ASN1_IA5STRING_free(email);
        return 0;
        
 }
-STACK_OF(GENERAL_NAME) *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
+GENERAL_NAMES *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
                                X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
 {
        GENERAL_NAME *gen;
-        STACK_OF(GENERAL_NAME) *gens = NULL;
+        GENERAL_NAMES *gens = NULL;
        CONF_VALUE *cnf;
        int i;
-        if(!(gens = sk_GENERAL_NAME_new(NULL))) {
+        if(!(gens = sk_GENERAL_NAME_new_null())) {
                X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE);
                return NULL;
        }
@@ -371,7 +426,7 @@ if(!name_cmp(name, "email")) {
                goto err;
        }
        ip[0] = i1; ip[1] = i2 ; ip[2] = i3 ; ip[3] = i4;
-        if(!(gen->d.ip = ASN1_OCTET_STRING_new()) ||
+        if(!(gen->d.ip = M_ASN1_OCTET_STRING_new()) ||
                !ASN1_STRING_set(gen->d.ip, ip, 4)) {
                        X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);
                        goto err;
@@ -384,7 +439,7 @@ if(!name_cmp(name, "email")) {
 }
 if(is_string) {
-        if(!(gen->d.ia5 = ASN1_IA5STRING_new()) ||
+        if(!(gen->d.ia5 = M_ASN1_IA5STRING_new()) ||
                      !ASN1_STRING_set(gen->d.ia5, (unsigned char*)value,
                                       strlen(value))) {
                X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);

diff --git a/src/lib/libcrypto/x509v3/v3_alt.c b/src/lib/libcrypto/x509v3/v3_alt.c index b5e1f8af96..0e9e7dcb4f 100644 --- a/src/lib/libcrypto/x509v3/v3_alt.c +++ b/src/lib/libcrypto/x509v3/v3_alt.c
@@ -61,34 +61,28 @@
61	#include <openssl/conf.h>	61	#include <openssl/conf.h>
62	#include <openssl/x509v3.h>	62	#include <openssl/x509v3.h>
63		63
64	static STACK_OF(GENERAL_NAME) v2i_subject_alt(X509V3_EXT_METHOD method, X509V3_CTX ctx, STACK_OF(CONF_VALUE) nval);	64	static GENERAL_NAMES v2i_subject_alt(X509V3_EXT_METHOD method, X509V3_CTX ctx, STACK_OF(CONF_VALUE) nval);
65	static STACK_OF(GENERAL_NAME) v2i_issuer_alt(X509V3_EXT_METHOD method, X509V3_CTX ctx, STACK_OF(CONF_VALUE) nval);	65	static GENERAL_NAMES v2i_issuer_alt(X509V3_EXT_METHOD method, X509V3_CTX ctx, STACK_OF(CONF_VALUE) nval);
66	static int copy_email(X509V3_CTX ctx, STACK_OF(GENERAL_NAME) gens);	66	static int copy_email(X509V3_CTX ctx, GENERAL_NAMES gens, int move_p);
67	static int copy_issuer(X509V3_CTX ctx, STACK_OF(GENERAL_NAME) gens);	67	static int copy_issuer(X509V3_CTX ctx, GENERAL_NAMES gens);
68	X509V3_EXT_METHOD v3_alt[] = {	68	X509V3_EXT_METHOD v3_alt[] = {
69	{ NID_subject_alt_name, 0,	69	{ NID_subject_alt_name, 0, ASN1_ITEM_ref(GENERAL_NAMES),
70	(X509V3_EXT_NEW)GENERAL_NAMES_new,	70	0,0,0,0,
71	(X509V3_EXT_FREE)GENERAL_NAMES_free,	71	0,0,
72	(X509V3_EXT_D2I)d2i_GENERAL_NAMES,
73	(X509V3_EXT_I2D)i2d_GENERAL_NAMES,
74	NULL, NULL,
75	(X509V3_EXT_I2V)i2v_GENERAL_NAMES,	72	(X509V3_EXT_I2V)i2v_GENERAL_NAMES,
76	(X509V3_EXT_V2I)v2i_subject_alt,	73	(X509V3_EXT_V2I)v2i_subject_alt,
77	NULL, NULL, NULL},	74	NULL, NULL, NULL},
78	{ NID_issuer_alt_name, 0,	75
79	(X509V3_EXT_NEW)GENERAL_NAMES_new,	76	{ NID_issuer_alt_name, 0, ASN1_ITEM_ref(GENERAL_NAMES),
80	(X509V3_EXT_FREE)GENERAL_NAMES_free,	77	0,0,0,0,
81	(X509V3_EXT_D2I)d2i_GENERAL_NAMES,	78	0,0,
82	(X509V3_EXT_I2D)i2d_GENERAL_NAMES,
83	NULL, NULL,
84	(X509V3_EXT_I2V)i2v_GENERAL_NAMES,	79	(X509V3_EXT_I2V)i2v_GENERAL_NAMES,
85	(X509V3_EXT_V2I)v2i_issuer_alt,	80	(X509V3_EXT_V2I)v2i_issuer_alt,
86	NULL, NULL, NULL},	81	NULL, NULL, NULL},
87	EXT_END
88	};	82	};
89		83
90	STACK_OF(CONF_VALUE) i2v_GENERAL_NAMES(X509V3_EXT_METHOD method,	84	STACK_OF(CONF_VALUE) i2v_GENERAL_NAMES(X509V3_EXT_METHOD method,
91	STACK_OF(GENERAL_NAME) gens, STACK_OF(CONF_VALUE) ret)	85	GENERAL_NAMES gens, STACK_OF(CONF_VALUE) ret)
92	{	86	{
93	int i;	87	int i;
94	GENERAL_NAME *gen;	88	GENERAL_NAME *gen;
@@ -103,8 +97,8 @@ STACK_OF(CONF_VALUE) i2v_GENERAL_NAMES(X509V3_EXT_METHOD method,
103	STACK_OF(CONF_VALUE) i2v_GENERAL_NAME(X509V3_EXT_METHOD method,	97	STACK_OF(CONF_VALUE) i2v_GENERAL_NAME(X509V3_EXT_METHOD method,
104	GENERAL_NAME gen, STACK_OF(CONF_VALUE) ret)	98	GENERAL_NAME gen, STACK_OF(CONF_VALUE) ret)
105	{	99	{
106	char oline[256];
107	unsigned char *p;	100	unsigned char *p;
		101	char oline[256];
108	switch (gen->type)	102	switch (gen->type)
109	{	103	{
110	case GEN_OTHERNAME:	104	case GEN_OTHERNAME:
@@ -155,13 +149,66 @@ STACK_OF(CONF_VALUE) i2v_GENERAL_NAME(X509V3_EXT_METHOD method,
155	return ret;	149	return ret;
156	}	150	}
157		151
158	static STACK_OF(GENERAL_NAME) v2i_issuer_alt(X509V3_EXT_METHOD method,	152	int GENERAL_NAME_print(BIO out, GENERAL_NAME gen)
		153	{
		154	unsigned char *p;
		155	switch (gen->type)
		156	{
		157	case GEN_OTHERNAME:
		158	BIO_printf(out, "othername:<unsupported>");
		159	break;
		160
		161	case GEN_X400:
		162	BIO_printf(out, "X400Name:<unsupported>");
		163	break;
		164
		165	case GEN_EDIPARTY:
		166	/* Maybe fix this: it is supported now */
		167	BIO_printf(out, "EdiPartyName:<unsupported>");
		168	break;
		169
		170	case GEN_EMAIL:
		171	BIO_printf(out, "email:%s",gen->d.ia5->data);
		172	break;
		173
		174	case GEN_DNS:
		175	BIO_printf(out, "DNS:%s",gen->d.ia5->data);
		176	break;
		177
		178	case GEN_URI:
		179	BIO_printf(out, "URI:%s",gen->d.ia5->data);
		180	break;
		181
		182	case GEN_DIRNAME:
		183	BIO_printf(out, "DirName: ");
		184	X509_NAME_print_ex(out, gen->d.dirn, 0, XN_FLAG_ONELINE);
		185	break;
		186
		187	case GEN_IPADD:
		188	p = gen->d.ip->data;
		189	/* BUG: doesn't support IPV6 */
		190	if(gen->d.ip->length != 4) {
		191	BIO_printf(out,"IP Address:<invalid>");
		192	break;
		193	}
		194	BIO_printf(out, "IP Address:%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
		195	break;
		196
		197	case GEN_RID:
		198	BIO_printf(out, "Registered ID");
		199	i2a_ASN1_OBJECT(out, gen->d.rid);
		200	break;
		201	}
		202	return 1;
		203	}
		204
		205	static GENERAL_NAMES v2i_issuer_alt(X509V3_EXT_METHOD method,
159	X509V3_CTX ctx, STACK_OF(CONF_VALUE) nval)	206	X509V3_CTX ctx, STACK_OF(CONF_VALUE) nval)
160	{	207	{
161	STACK_OF(GENERAL_NAME) *gens = NULL;	208	GENERAL_NAMES *gens = NULL;
162	CONF_VALUE *cnf;	209	CONF_VALUE *cnf;
163	int i;	210	int i;
164	if(!(gens = sk_GENERAL_NAME_new(NULL))) {	211	if(!(gens = sk_GENERAL_NAME_new_null())) {
165	X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE);	212	X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE);
166	return NULL;	213	return NULL;
167	}	214	}
@@ -185,9 +232,9 @@ static STACK_OF(GENERAL_NAME) v2i_issuer_alt(X509V3_EXT_METHOD method,
185		232
186	/* Append subject altname of issuer to issuer alt name of subject */	233	/* Append subject altname of issuer to issuer alt name of subject */
187		234
188	static int copy_issuer(X509V3_CTX ctx, STACK_OF(GENERAL_NAME) gens)	235	static int copy_issuer(X509V3_CTX ctx, GENERAL_NAMES gens)
189	{	236	{
190	STACK_OF(GENERAL_NAME) *ialt;	237	GENERAL_NAMES *ialt;
191	GENERAL_NAME *gen;	238	GENERAL_NAME *gen;
192	X509_EXTENSION *ext;	239	X509_EXTENSION *ext;
193	int i;	240	int i;
@@ -220,13 +267,13 @@ static int copy_issuer(X509V3_CTX ctx, STACK_OF(GENERAL_NAME) gens)
220		267
221	}	268	}
222		269
223	static STACK_OF(GENERAL_NAME) v2i_subject_alt(X509V3_EXT_METHOD method,	270	static GENERAL_NAMES v2i_subject_alt(X509V3_EXT_METHOD method,
224	X509V3_CTX ctx, STACK_OF(CONF_VALUE) nval)	271	X509V3_CTX ctx, STACK_OF(CONF_VALUE) nval)
225	{	272	{
226	STACK_OF(GENERAL_NAME) *gens = NULL;	273	GENERAL_NAMES *gens = NULL;
227	CONF_VALUE *cnf;	274	CONF_VALUE *cnf;
228	int i;	275	int i;
229	if(!(gens = sk_GENERAL_NAME_new(NULL))) {	276	if(!(gens = sk_GENERAL_NAME_new_null())) {
230	X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE);	277	X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE);
231	return NULL;	278	return NULL;
232	}	279	}
@@ -234,7 +281,10 @@ static STACK_OF(GENERAL_NAME) v2i_subject_alt(X509V3_EXT_METHOD method,
234	cnf = sk_CONF_VALUE_value(nval, i);	281	cnf = sk_CONF_VALUE_value(nval, i);
235	if(!name_cmp(cnf->name, "email") && cnf->value &&	282	if(!name_cmp(cnf->name, "email") && cnf->value &&
236	!strcmp(cnf->value, "copy")) {	283	!strcmp(cnf->value, "copy")) {
237	if(!copy_email(ctx, gens)) goto err;	284	if(!copy_email(ctx, gens, 0)) goto err;
		285	} else if(!name_cmp(cnf->name, "email") && cnf->value &&
		286	!strcmp(cnf->value, "move")) {
		287	if(!copy_email(ctx, gens, 1)) goto err;
238	} else {	288	} else {
239	GENERAL_NAME *gen;	289	GENERAL_NAME *gen;
240	if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))	290	if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
@@ -252,7 +302,7 @@ static STACK_OF(GENERAL_NAME) v2i_subject_alt(X509V3_EXT_METHOD method,
252	* GENERAL_NAMES	302	* GENERAL_NAMES
253	*/	303	*/
254		304
255	static int copy_email(X509V3_CTX ctx, STACK_OF(GENERAL_NAME) gens)	305	static int copy_email(X509V3_CTX ctx, GENERAL_NAMES gens, int move_p)
256	{	306	{
257	X509_NAME *nm;	307	X509_NAME *nm;
258	ASN1_IA5STRING *email = NULL;	308	ASN1_IA5STRING *email = NULL;
@@ -271,9 +321,14 @@ static int copy_email(X509V3_CTX ctx, STACK_OF(GENERAL_NAME) gens)
271	/* Now add any email address(es) to STACK */	321	/* Now add any email address(es) to STACK */
272	i = -1;	322	i = -1;
273	while((i = X509_NAME_get_index_by_NID(nm,	323	while((i = X509_NAME_get_index_by_NID(nm,
274	NID_pkcs9_emailAddress, i)) > 0) {	324	NID_pkcs9_emailAddress, i)) >= 0) {
275	ne = X509_NAME_get_entry(nm, i);	325	ne = X509_NAME_get_entry(nm, i);
276	email = ASN1_IA5STRING_dup(X509_NAME_ENTRY_get_data(ne));	326	email = M_ASN1_IA5STRING_dup(X509_NAME_ENTRY_get_data(ne));
		327	if (move_p)
		328	{
		329	X509_NAME_delete_entry(nm, i);
		330	i--;
		331	}
277	if(!email \|\| !(gen = GENERAL_NAME_new())) {	332	if(!email \|\| !(gen = GENERAL_NAME_new())) {
278	X509V3err(X509V3_F_COPY_EMAIL,ERR_R_MALLOC_FAILURE);	333	X509V3err(X509V3_F_COPY_EMAIL,ERR_R_MALLOC_FAILURE);
279	goto err;	334	goto err;
@@ -293,19 +348,19 @@ static int copy_email(X509V3_CTX ctx, STACK_OF(GENERAL_NAME) gens)
293		348
294	err:	349	err:
295	GENERAL_NAME_free(gen);	350	GENERAL_NAME_free(gen);
296	ASN1_IA5STRING_free(email);	351	M_ASN1_IA5STRING_free(email);
297	return 0;	352	return 0;
298		353
299	}	354	}
300		355
301	STACK_OF(GENERAL_NAME) v2i_GENERAL_NAMES(X509V3_EXT_METHOD method,	356	GENERAL_NAMES v2i_GENERAL_NAMES(X509V3_EXT_METHOD method,
302	X509V3_CTX ctx, STACK_OF(CONF_VALUE) nval)	357	X509V3_CTX ctx, STACK_OF(CONF_VALUE) nval)
303	{	358	{
304	GENERAL_NAME *gen;	359	GENERAL_NAME *gen;
305	STACK_OF(GENERAL_NAME) *gens = NULL;	360	GENERAL_NAMES *gens = NULL;
306	CONF_VALUE *cnf;	361	CONF_VALUE *cnf;
307	int i;	362	int i;
308	if(!(gens = sk_GENERAL_NAME_new(NULL))) {	363	if(!(gens = sk_GENERAL_NAME_new_null())) {
309	X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE);	364	X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE);
310	return NULL;	365	return NULL;
311	}	366	}
@@ -371,7 +426,7 @@ if(!name_cmp(name, "email")) {
371	goto err;	426	goto err;
372	}	427	}
373	ip[0] = i1; ip[1] = i2 ; ip[2] = i3 ; ip[3] = i4;	428	ip[0] = i1; ip[1] = i2 ; ip[2] = i3 ; ip[3] = i4;
374	if(!(gen->d.ip = ASN1_OCTET_STRING_new()) \|\|	429	if(!(gen->d.ip = M_ASN1_OCTET_STRING_new()) \|\|
375	!ASN1_STRING_set(gen->d.ip, ip, 4)) {	430	!ASN1_STRING_set(gen->d.ip, ip, 4)) {
376	X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);	431	X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);
377	goto err;	432	goto err;
@@ -384,7 +439,7 @@ if(!name_cmp(name, "email")) {
384	}	439	}
385		440
386	if(is_string) {	441	if(is_string) {
387	if(!(gen->d.ia5 = ASN1_IA5STRING_new()) \|\|	442	if(!(gen->d.ia5 = M_ASN1_IA5STRING_new()) \|\|
388	!ASN1_STRING_set(gen->d.ia5, (unsigned char*)value,	443	!ASN1_STRING_set(gen->d.ia5, (unsigned char*)value,
389	strlen(value))) {	444	strlen(value))) {
390	X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);	445	X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);