1 files changed, 340 insertions, 0 deletions
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_sxnet.c b/src/lib/libssl/src/crypto/x509v3/v3_sxnet.c
new file mode 100644
index 0000000000..0687bb4e3d
--- /dev/null
+++ b/src/lib/libssl/src/crypto/x509v3/v3_sxnet.c
@@ -0,0 +1,340 @@
+/* v3_sxnet.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/conf.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1_mac.h>
+#include <openssl/x509v3.h>
+/* Support for Thawte strong extranet extension */
+#define SXNET_TEST
+static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, int indent);
+#ifdef SXNET_TEST
+static SXNET * sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
+                                                STACK_OF(CONF_VALUE) *nval);
+#endif
+X509V3_EXT_METHOD v3_sxnet = {
+NID_sxnet, X509V3_EXT_MULTILINE,
+(X509V3_EXT_NEW)SXNET_new,
+(X509V3_EXT_FREE)SXNET_free,
+(X509V3_EXT_D2I)d2i_SXNET,
+(X509V3_EXT_I2D)i2d_SXNET,
+NULL, NULL,
+NULL, 
+#ifdef SXNET_TEST
+(X509V3_EXT_V2I)sxnet_v2i,
+#else
+NULL,
+#endif
+(X509V3_EXT_I2R)sxnet_i2r,
+NULL,
+NULL
+};
+int i2d_SXNET(SXNET *a, unsigned char **pp)
+{
+        M_ASN1_I2D_vars(a);
+        M_ASN1_I2D_len (a->version, i2d_ASN1_INTEGER);
+        M_ASN1_I2D_len_SEQUENCE_type (SXNETID, a->ids, i2d_SXNETID);
+        M_ASN1_I2D_seq_total();
+        M_ASN1_I2D_put (a->version, i2d_ASN1_INTEGER);
+        M_ASN1_I2D_put_SEQUENCE_type (SXNETID, a->ids, i2d_SXNETID);
+        M_ASN1_I2D_finish();
+}
+SXNET *SXNET_new(void)
+{
+        SXNET *ret=NULL;
+        ASN1_CTX c;
+        M_ASN1_New_Malloc(ret, SXNET);
+        M_ASN1_New(ret->version,ASN1_INTEGER_new);
+        M_ASN1_New(ret->ids,sk_SXNETID_new_null);
+        return (ret);
+        M_ASN1_New_Error(ASN1_F_SXNET_NEW);
+}
+SXNET *d2i_SXNET(SXNET **a, unsigned char **pp, long length)
+{
+        M_ASN1_D2I_vars(a,SXNET *,SXNET_new);
+        M_ASN1_D2I_Init();
+        M_ASN1_D2I_start_sequence();
+        M_ASN1_D2I_get (ret->version, d2i_ASN1_INTEGER);
+        M_ASN1_D2I_get_seq_type (SXNETID, ret->ids, d2i_SXNETID, SXNETID_free);
+        M_ASN1_D2I_Finish(a, SXNET_free, ASN1_F_D2I_SXNET);
+}
+void SXNET_free(SXNET *a)
+{
+        if (a == NULL) return;
+        ASN1_INTEGER_free(a->version);
+        sk_SXNETID_pop_free(a->ids, SXNETID_free);
+        Free (a);
+}
+int i2d_SXNETID(SXNETID *a, unsigned char **pp)
+{
+        M_ASN1_I2D_vars(a);
+        M_ASN1_I2D_len (a->zone, i2d_ASN1_INTEGER);
+        M_ASN1_I2D_len (a->user, i2d_ASN1_OCTET_STRING);
+        M_ASN1_I2D_seq_total();
+        M_ASN1_I2D_put (a->zone, i2d_ASN1_INTEGER);
+        M_ASN1_I2D_put (a->user, i2d_ASN1_OCTET_STRING);
+        M_ASN1_I2D_finish();
+}
+SXNETID *SXNETID_new(void)
+{
+        SXNETID *ret=NULL;
+        ASN1_CTX c;
+        M_ASN1_New_Malloc(ret, SXNETID);
+        ret->zone = NULL;
+        M_ASN1_New(ret->user,ASN1_OCTET_STRING_new);
+        return (ret);
+        M_ASN1_New_Error(ASN1_F_SXNETID_NEW);
+}
+SXNETID *d2i_SXNETID(SXNETID **a, unsigned char **pp, long length)
+{
+        M_ASN1_D2I_vars(a,SXNETID *,SXNETID_new);
+        M_ASN1_D2I_Init();
+        M_ASN1_D2I_start_sequence();
+        M_ASN1_D2I_get(ret->zone, d2i_ASN1_INTEGER);
+        M_ASN1_D2I_get(ret->user, d2i_ASN1_OCTET_STRING);
+        M_ASN1_D2I_Finish(a, SXNETID_free, ASN1_F_D2I_SXNETID);
+}
+void SXNETID_free(SXNETID *a)
+{
+        if (a == NULL) return;
+        ASN1_INTEGER_free(a->zone);
+        ASN1_OCTET_STRING_free(a->user);
+        Free (a);
+}
+static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out,
+             int indent)
+{
+        long v;
+        char *tmp;
+        SXNETID *id;
+        int i;
+        v = ASN1_INTEGER_get(sx->version);
+        BIO_printf(out, "%*sVersion: %d (0x%X)", indent, "", v + 1, v);
+        for(i = 0; i < sk_SXNETID_num(sx->ids); i++) {
+                id = sk_SXNETID_value(sx->ids, i);
+                tmp = i2s_ASN1_INTEGER(NULL, id->zone);
+                BIO_printf(out, "\n%*sZone: %s, User: ", indent, "", tmp);
+                Free(tmp);
+                ASN1_OCTET_STRING_print(out, id->user);
+        }
+        return 1;
+}
+#ifdef SXNET_TEST
+/* NBB: this is used for testing only. It should *not* be used for anything
+ * else because it will just take static IDs from the configuration file and
+ * they should really be separate values for each user.
+ */
+static SXNET * sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
+             STACK_OF(CONF_VALUE) *nval)
+{
+        CONF_VALUE *cnf;
+        SXNET *sx = NULL;
+        int i;
+        for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+                cnf = sk_CONF_VALUE_value(nval, i);
+                if(!SXNET_add_id_asc(&sx, cnf->name, cnf->value, -1))
+                                                                 return NULL;
+        }
+        return sx;
+}
+                
+        
+#endif
+/* Strong Extranet utility functions */
+/* Add an id given the zone as an ASCII number */
+int SXNET_add_id_asc(SXNET **psx, char *zone, char *user,
+             int userlen)
+{
+        ASN1_INTEGER *izone = NULL;
+        if(!(izone = s2i_ASN1_INTEGER(NULL, zone))) {
+                X509V3err(X509V3_F_SXNET_ADD_ASC,X509V3_R_ERROR_CONVERTING_ZONE);
+                return 0;
+        }
+        return SXNET_add_id_INTEGER(psx, izone, user, userlen);
+}
+/* Add an id given the zone as an unsigned long */
+int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user,
+             int userlen)
+{
+        ASN1_INTEGER *izone = NULL;
+        if(!(izone = ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) {
+                X509V3err(X509V3_F_SXNET_ADD_ID_ULONG,ERR_R_MALLOC_FAILURE);
+                ASN1_INTEGER_free(izone);
+                return 0;
+        }
+        return SXNET_add_id_INTEGER(psx, izone, user, userlen);
+        
+}
+/* Add an id given the zone as an ASN1_INTEGER.
+ * Note this version uses the passed integer and doesn't make a copy so don't
+ * free it up afterwards.
+ */
+int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, char *user,
+             int userlen)
+{
+        SXNET *sx = NULL;
+        SXNETID *id = NULL;
+        if(!psx || !zone || !user) {
+                X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,X509V3_R_INVALID_NULL_ARGUMENT);
+                return 0;
+        }
+        if(userlen == -1) userlen = strlen(user);
+        if(userlen > 64) {
+                X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,X509V3_R_USER_TOO_LONG);
+                return 0;
+        }
+        if(!*psx) {
+                if(!(sx = SXNET_new())) goto err;
+                if(!ASN1_INTEGER_set(sx->version, 0)) goto err;
+                *psx = sx;
+        } else sx = *psx;
+        if(SXNET_get_id_INTEGER(sx, zone)) {
+                X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,X509V3_R_DUPLICATE_ZONE_ID);
+                return 0;
+        }
+        if(!(id = SXNETID_new())) goto err;
+        if(userlen == -1) userlen = strlen(user);
+                
+        if(!ASN1_OCTET_STRING_set(id->user, user, userlen)) goto err;
+        if(!sk_SXNETID_push(sx->ids, id)) goto err;
+        id->zone = zone;
+        return 1;
+        
+        err:
+        X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,ERR_R_MALLOC_FAILURE);
+        SXNETID_free(id);
+        SXNET_free(sx);
+        *psx = NULL;
+        return 0;
+}
+ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone)
+{
+        ASN1_INTEGER *izone = NULL;
+        ASN1_OCTET_STRING *oct;
+        if(!(izone = s2i_ASN1_INTEGER(NULL, zone))) {
+                X509V3err(X509V3_F_SXNET_GET_ID_ASC,X509V3_R_ERROR_CONVERTING_ZONE);
+                return NULL;
+        }
+        oct = SXNET_get_id_INTEGER(sx, izone);
+        ASN1_INTEGER_free(izone);
+        return oct;
+}
+ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone)
+{
+        ASN1_INTEGER *izone = NULL;
+        ASN1_OCTET_STRING *oct;
+        if(!(izone = ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) {
+                X509V3err(X509V3_F_SXNET_GET_ID_ULONG,ERR_R_MALLOC_FAILURE);
+                ASN1_INTEGER_free(izone);
+                return NULL;
+        }
+        oct = SXNET_get_id_INTEGER(sx, izone);
+        ASN1_INTEGER_free(izone);
+        return oct;
+}
+ASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone)
+{
+        SXNETID *id;
+        int i;
+        for(i = 0; i < sk_SXNETID_num(sx->ids); i++) {
+                id = sk_SXNETID_value(sx->ids, i);
+                if(!ASN1_INTEGER_cmp(id->zone, zone)) return id->user;
+        }
+        return NULL;
+}
+IMPLEMENT_STACK_OF(SXNETID)
+IMPLEMENT_ASN1_SET_OF(SXNETID)

diff --git a/src/lib/libssl/src/crypto/x509v3/v3_sxnet.c b/src/lib/libssl/src/crypto/x509v3/v3_sxnet.c new file mode 100644 index 0000000000..0687bb4e3d --- /dev/null +++ b/src/lib/libssl/src/crypto/x509v3/v3_sxnet.c
@@ -0,0 +1,340 @@
	1	/* v3_sxnet.c */
	2	/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
	3	* project 1999.
	4	*/
	5	/* ====================================================================
	6	* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
	7	*
	8	* Redistribution and use in source and binary forms, with or without
	9	* modification, are permitted provided that the following conditions
	10	* are met:
	11	*
	12	* 1. Redistributions of source code must retain the above copyright
	13	* notice, this list of conditions and the following disclaimer.
	14	*
	15	* 2. Redistributions in binary form must reproduce the above copyright
	16	* notice, this list of conditions and the following disclaimer in
	17	* the documentation and/or other materials provided with the
	18	* distribution.
	19	*
	20	* 3. All advertising materials mentioning features or use of this
	21	* software must display the following acknowledgment:
	22	* "This product includes software developed by the OpenSSL Project
	23	* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
	24	*
	25	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
	26	* endorse or promote products derived from this software without
	27	* prior written permission. For written permission, please contact
	28	* licensing@OpenSSL.org.
	29	*
	30	* 5. Products derived from this software may not be called "OpenSSL"
	31	* nor may "OpenSSL" appear in their names without prior written
	32	* permission of the OpenSSL Project.
	33	*
	34	* 6. Redistributions of any form whatsoever must retain the following
	35	* acknowledgment:
	36	* "This product includes software developed by the OpenSSL Project
	37	* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
	38	*
	39	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
	40	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	41	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
	42	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
	43	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
	44	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	45	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	46	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	47	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
	48	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	49	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
	50	* OF THE POSSIBILITY OF SUCH DAMAGE.
	51	* ====================================================================
	52	*
	53	* This product includes cryptographic software written by Eric Young
	54	* (eay@cryptsoft.com). This product includes software written by Tim
	55	* Hudson (tjh@cryptsoft.com).
	56	*
	57	*/
	58
	59	#include <stdio.h>
	60	#include "cryptlib.h"
	61	#include <openssl/conf.h>
	62	#include <openssl/asn1.h>
	63	#include <openssl/asn1_mac.h>
	64	#include <openssl/x509v3.h>
	65
	66	/* Support for Thawte strong extranet extension */
	67
	68	#define SXNET_TEST
	69
	70	static int sxnet_i2r(X509V3_EXT_METHOD method, SXNET sx, BIO *out, int indent);
	71	#ifdef SXNET_TEST
	72	static SXNET * sxnet_v2i(X509V3_EXT_METHOD method, X509V3_CTX ctx,
	73	STACK_OF(CONF_VALUE) *nval);
	74	#endif
	75	X509V3_EXT_METHOD v3_sxnet = {
	76	NID_sxnet, X509V3_EXT_MULTILINE,
	77	(X509V3_EXT_NEW)SXNET_new,
	78	(X509V3_EXT_FREE)SXNET_free,
	79	(X509V3_EXT_D2I)d2i_SXNET,
	80	(X509V3_EXT_I2D)i2d_SXNET,
	81	NULL, NULL,
	82	NULL,
	83	#ifdef SXNET_TEST
	84	(X509V3_EXT_V2I)sxnet_v2i,
	85	#else
	86	NULL,
	87	#endif
	88	(X509V3_EXT_I2R)sxnet_i2r,
	89	NULL,
	90	NULL
	91	};
	92
	93
	94	int i2d_SXNET(SXNET a, unsigned char *pp)
	95	{
	96	M_ASN1_I2D_vars(a);
	97
	98	M_ASN1_I2D_len (a->version, i2d_ASN1_INTEGER);
	99	M_ASN1_I2D_len_SEQUENCE_type (SXNETID, a->ids, i2d_SXNETID);
	100
	101	M_ASN1_I2D_seq_total();
	102
	103	M_ASN1_I2D_put (a->version, i2d_ASN1_INTEGER);
	104	M_ASN1_I2D_put_SEQUENCE_type (SXNETID, a->ids, i2d_SXNETID);
	105
	106	M_ASN1_I2D_finish();
	107	}
	108
	109	SXNET *SXNET_new(void)
	110	{
	111	SXNET *ret=NULL;
	112	ASN1_CTX c;
	113	M_ASN1_New_Malloc(ret, SXNET);
	114	M_ASN1_New(ret->version,ASN1_INTEGER_new);
	115	M_ASN1_New(ret->ids,sk_SXNETID_new_null);
	116	return (ret);
	117	M_ASN1_New_Error(ASN1_F_SXNET_NEW);
	118	}
	119
	120	SXNET d2i_SXNET(SXNET a, unsigned char *pp, long length)
	121	{
	122	M_ASN1_D2I_vars(a,SXNET *,SXNET_new);
	123	M_ASN1_D2I_Init();
	124	M_ASN1_D2I_start_sequence();
	125	M_ASN1_D2I_get (ret->version, d2i_ASN1_INTEGER);
	126	M_ASN1_D2I_get_seq_type (SXNETID, ret->ids, d2i_SXNETID, SXNETID_free);
	127	M_ASN1_D2I_Finish(a, SXNET_free, ASN1_F_D2I_SXNET);
	128	}
	129
	130	void SXNET_free(SXNET *a)
	131	{
	132	if (a == NULL) return;
	133	ASN1_INTEGER_free(a->version);
	134	sk_SXNETID_pop_free(a->ids, SXNETID_free);
	135	Free (a);
	136	}
	137
	138	int i2d_SXNETID(SXNETID a, unsigned char *pp)
	139	{
	140	M_ASN1_I2D_vars(a);
	141
	142	M_ASN1_I2D_len (a->zone, i2d_ASN1_INTEGER);
	143	M_ASN1_I2D_len (a->user, i2d_ASN1_OCTET_STRING);
	144
	145	M_ASN1_I2D_seq_total();
	146
	147	M_ASN1_I2D_put (a->zone, i2d_ASN1_INTEGER);
	148	M_ASN1_I2D_put (a->user, i2d_ASN1_OCTET_STRING);
	149
	150	M_ASN1_I2D_finish();
	151	}
	152
	153	SXNETID *SXNETID_new(void)
	154	{
	155	SXNETID *ret=NULL;
	156	ASN1_CTX c;
	157	M_ASN1_New_Malloc(ret, SXNETID);
	158	ret->zone = NULL;
	159	M_ASN1_New(ret->user,ASN1_OCTET_STRING_new);
	160	return (ret);
	161	M_ASN1_New_Error(ASN1_F_SXNETID_NEW);
	162	}
	163
	164	SXNETID d2i_SXNETID(SXNETID a, unsigned char *pp, long length)
	165	{
	166	M_ASN1_D2I_vars(a,SXNETID *,SXNETID_new);
	167	M_ASN1_D2I_Init();
	168	M_ASN1_D2I_start_sequence();
	169	M_ASN1_D2I_get(ret->zone, d2i_ASN1_INTEGER);
	170	M_ASN1_D2I_get(ret->user, d2i_ASN1_OCTET_STRING);
	171	M_ASN1_D2I_Finish(a, SXNETID_free, ASN1_F_D2I_SXNETID);
	172	}
	173
	174	void SXNETID_free(SXNETID *a)
	175	{
	176	if (a == NULL) return;
	177	ASN1_INTEGER_free(a->zone);
	178	ASN1_OCTET_STRING_free(a->user);
	179	Free (a);
	180	}
	181
	182	static int sxnet_i2r(X509V3_EXT_METHOD method, SXNET sx, BIO *out,
	183	int indent)
	184	{
	185	long v;
	186	char *tmp;
	187	SXNETID *id;
	188	int i;
	189	v = ASN1_INTEGER_get(sx->version);
	190	BIO_printf(out, "%*sVersion: %d (0x%X)", indent, "", v + 1, v);
	191	for(i = 0; i < sk_SXNETID_num(sx->ids); i++) {
	192	id = sk_SXNETID_value(sx->ids, i);
	193	tmp = i2s_ASN1_INTEGER(NULL, id->zone);
	194	BIO_printf(out, "\n%*sZone: %s, User: ", indent, "", tmp);
	195	Free(tmp);
	196	ASN1_OCTET_STRING_print(out, id->user);
	197	}
	198	return 1;
	199	}
	200
	201	#ifdef SXNET_TEST
	202
	203	/* NBB: this is used for testing only. It should not be used for anything
	204	* else because it will just take static IDs from the configuration file and
	205	* they should really be separate values for each user.
	206	*/
	207
	208
	209	static SXNET * sxnet_v2i(X509V3_EXT_METHOD method, X509V3_CTX ctx,
	210	STACK_OF(CONF_VALUE) *nval)
	211	{
	212	CONF_VALUE *cnf;
	213	SXNET *sx = NULL;
	214	int i;
	215	for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
	216	cnf = sk_CONF_VALUE_value(nval, i);
	217	if(!SXNET_add_id_asc(&sx, cnf->name, cnf->value, -1))
	218	return NULL;
	219	}
	220	return sx;
	221	}
	222
	223
	224	#endif
	225
	226	/* Strong Extranet utility functions */
	227
	228	/* Add an id given the zone as an ASCII number */
	229
	230	int SXNET_add_id_asc(SXNET *psx, char zone, char *user,
	231	int userlen)
	232	{
	233	ASN1_INTEGER *izone = NULL;
	234	if(!(izone = s2i_ASN1_INTEGER(NULL, zone))) {
	235	X509V3err(X509V3_F_SXNET_ADD_ASC,X509V3_R_ERROR_CONVERTING_ZONE);
	236	return 0;
	237	}
	238	return SXNET_add_id_INTEGER(psx, izone, user, userlen);
	239	}
	240
	241	/* Add an id given the zone as an unsigned long */
	242
	243	int SXNET_add_id_ulong(SXNET *psx, unsigned long lzone, char user,
	244	int userlen)
	245	{
	246	ASN1_INTEGER *izone = NULL;
	247	if(!(izone = ASN1_INTEGER_new()) \|\| !ASN1_INTEGER_set(izone, lzone)) {
	248	X509V3err(X509V3_F_SXNET_ADD_ID_ULONG,ERR_R_MALLOC_FAILURE);
	249	ASN1_INTEGER_free(izone);
	250	return 0;
	251	}
	252	return SXNET_add_id_INTEGER(psx, izone, user, userlen);
	253
	254	}
	255
	256	/* Add an id given the zone as an ASN1_INTEGER.
	257	* Note this version uses the passed integer and doesn't make a copy so don't
	258	* free it up afterwards.
	259	*/
	260
	261	int SXNET_add_id_INTEGER(SXNET *psx, ASN1_INTEGER zone, char *user,
	262	int userlen)
	263	{
	264	SXNET *sx = NULL;
	265	SXNETID *id = NULL;
	266	if(!psx \|\| !zone \|\| !user) {
	267	X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,X509V3_R_INVALID_NULL_ARGUMENT);
	268	return 0;
	269	}
	270	if(userlen == -1) userlen = strlen(user);
	271	if(userlen > 64) {
	272	X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,X509V3_R_USER_TOO_LONG);
	273	return 0;
	274	}
	275	if(!*psx) {
	276	if(!(sx = SXNET_new())) goto err;
	277	if(!ASN1_INTEGER_set(sx->version, 0)) goto err;
	278	*psx = sx;
	279	} else sx = *psx;
	280	if(SXNET_get_id_INTEGER(sx, zone)) {
	281	X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,X509V3_R_DUPLICATE_ZONE_ID);
	282	return 0;
	283	}
	284
	285	if(!(id = SXNETID_new())) goto err;
	286	if(userlen == -1) userlen = strlen(user);
	287
	288	if(!ASN1_OCTET_STRING_set(id->user, user, userlen)) goto err;
	289	if(!sk_SXNETID_push(sx->ids, id)) goto err;
	290	id->zone = zone;
	291	return 1;
	292
	293	err:
	294	X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,ERR_R_MALLOC_FAILURE);
	295	SXNETID_free(id);
	296	SXNET_free(sx);
	297	*psx = NULL;
	298	return 0;
	299	}
	300
	301	ASN1_OCTET_STRING SXNET_get_id_asc(SXNET sx, char *zone)
	302	{
	303	ASN1_INTEGER *izone = NULL;
	304	ASN1_OCTET_STRING *oct;
	305	if(!(izone = s2i_ASN1_INTEGER(NULL, zone))) {
	306	X509V3err(X509V3_F_SXNET_GET_ID_ASC,X509V3_R_ERROR_CONVERTING_ZONE);
	307	return NULL;
	308	}
	309	oct = SXNET_get_id_INTEGER(sx, izone);
	310	ASN1_INTEGER_free(izone);
	311	return oct;
	312	}
	313
	314	ASN1_OCTET_STRING SXNET_get_id_ulong(SXNET sx, unsigned long lzone)
	315	{
	316	ASN1_INTEGER *izone = NULL;
	317	ASN1_OCTET_STRING *oct;
	318	if(!(izone = ASN1_INTEGER_new()) \|\| !ASN1_INTEGER_set(izone, lzone)) {
	319	X509V3err(X509V3_F_SXNET_GET_ID_ULONG,ERR_R_MALLOC_FAILURE);
	320	ASN1_INTEGER_free(izone);
	321	return NULL;
	322	}
	323	oct = SXNET_get_id_INTEGER(sx, izone);
	324	ASN1_INTEGER_free(izone);
	325	return oct;
	326	}
	327
	328	ASN1_OCTET_STRING SXNET_get_id_INTEGER(SXNET sx, ASN1_INTEGER *zone)
	329	{
	330	SXNETID *id;
	331	int i;
	332	for(i = 0; i < sk_SXNETID_num(sx->ids); i++) {
	333	id = sk_SXNETID_value(sx->ids, i);
	334	if(!ASN1_INTEGER_cmp(id->zone, zone)) return id->user;
	335	}
	336	return NULL;
	337	}
	338
	339	IMPLEMENT_STACK_OF(SXNETID)
	340	IMPLEMENT_ASN1_SET_OF(SXNETID)