1 files changed, 123 insertions, 12 deletions
diff --git a/src/lib/libssl/src/crypto/x509v3/x509v3.h b/src/lib/libssl/src/crypto/x509v3/x509v3.h
index 4eb04a5a89..fe01755797 100644
--- a/src/lib/libssl/src/crypto/x509v3/x509v3.h
+++ b/src/lib/libssl/src/crypto/x509v3/x509v3.h
@@ -136,12 +136,6 @@ typedef struct v3_ext_ctx X509V3_CTX;
 #define X509V3_EXT_CTX_DEP      0x2
 #define X509V3_EXT_MULTILINE    0x4
-typedef struct BIT_STRING_BITNAME_st {
-int bitnum;
-const char *lname;
-const char *sname;
-} BIT_STRING_BITNAME;
 typedef BIT_STRING_BITNAME ENUMERATED_NAMES;
 typedef struct BASIC_CONSTRAINTS_st {
@@ -155,6 +149,11 @@ ASN1_GENERALIZEDTIME *notBefore;
 ASN1_GENERALIZEDTIME *notAfter;
 } PKEY_USAGE_PERIOD;
+typedef struct otherName_st {
+ASN1_OBJECT *type_id;
+ASN1_TYPE *value;
+} OTHERNAME;
 typedef struct GENERAL_NAME_st {
 #define GEN_OTHERNAME   (0|V_ASN1_CONTEXT_SPECIFIC)
@@ -174,17 +173,26 @@ union {
        ASN1_OCTET_STRING *ip; /* iPAddress */
        X509_NAME *dirn;                /* dirn */
        ASN1_OBJECT *rid; /* registeredID */
-        ASN1_TYPE *other; /* otherName, ediPartyName, x400Address */
+        OTHERNAME *otherName; /* otherName */
+        ASN1_TYPE *other; /* ediPartyName, x400Address */
 } d;
 } GENERAL_NAME;
+typedef struct ACCESS_DESCRIPTION_st {
+ASN1_OBJECT *method;
+GENERAL_NAME *location;
+} ACCESS_DESCRIPTION;
 DECLARE_STACK_OF(GENERAL_NAME)
 DECLARE_ASN1_SET_OF(GENERAL_NAME)
+DECLARE_STACK_OF(ACCESS_DESCRIPTION)
+DECLARE_ASN1_SET_OF(ACCESS_DESCRIPTION)
 typedef struct DIST_POINT_NAME_st {
 /* NB: this is a CHOICE type and only one of these should be set */
 STACK_OF(GENERAL_NAME) *fullname;
-X509_NAME *relativename;
+STACK_OF(X509_NAME_ENTRY) *relativename;
 } DIST_POINT_NAME;
 typedef struct DIST_POINT_st {
@@ -255,8 +263,8 @@ DECLARE_ASN1_SET_OF(POLICYINFO)
 #define X509V3_set_ctx_nodb(ctx) ctx->db = NULL;
 #define EXT_BITSTRING(nid, table) { nid, 0, \
-                        (X509V3_EXT_NEW)asn1_bit_string_new, \
+                        (X509V3_EXT_NEW)ASN1_BIT_STRING_new, \
-                        (X509V3_EXT_FREE)ASN1_STRING_free, \
+                        (X509V3_EXT_FREE)ASN1_BIT_STRING_free, \
                        (X509V3_EXT_D2I)d2i_ASN1_BIT_STRING, \
                        (X509V3_EXT_I2D)i2d_ASN1_BIT_STRING, \
                        NULL, NULL, \
@@ -266,8 +274,8 @@ DECLARE_ASN1_SET_OF(POLICYINFO)
                        (char *)table}
 #define EXT_IA5STRING(nid) { nid, 0, \
-                        (X509V3_EXT_NEW)ia5string_new, \
+                        (X509V3_EXT_NEW)ASN1_IA5STRING_new, \
-                        (X509V3_EXT_FREE)ASN1_STRING_free, \
+                        (X509V3_EXT_FREE)ASN1_IA5STRING_free, \
                        (X509V3_EXT_D2I)d2i_ASN1_IA5STRING, \
                        (X509V3_EXT_I2D)i2d_ASN1_IA5STRING, \
                        (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \
@@ -279,6 +287,69 @@ DECLARE_ASN1_SET_OF(POLICYINFO)
                         NULL, NULL, NULL, NULL, \
                         NULL}
+/* X509_PURPOSE stuff */
+#define EXFLAG_BCONS            0x1
+#define EXFLAG_KUSAGE           0x2
+#define EXFLAG_XKUSAGE          0x4
+#define EXFLAG_NSCERT           0x8
+#define EXFLAG_CA               0x10
+#define EXFLAG_SS               0x20
+#define EXFLAG_V1               0x40
+#define EXFLAG_INVALID          0x80
+#define EXFLAG_SET              0x100
+#define KU_DIGITAL_SIGNATURE    0x0080
+#define KU_NON_REPUDIATION      0x0040
+#define KU_KEY_ENCIPHERMENT     0x0020
+#define KU_DATA_ENCIPHERMENT    0x0010
+#define KU_KEY_AGREEMENT        0x0008
+#define KU_KEY_CERT_SIGN        0x0004
+#define KU_CRL_SIGN             0x0002
+#define KU_ENCIPHER_ONLY        0x0001
+#define KU_DECIPHER_ONLY        0x8000
+#define NS_SSL_CLIENT           0x80
+#define NS_SSL_SERVER           0x40
+#define NS_SMIME                0x20
+#define NS_OBJSIGN              0x10
+#define NS_SSL_CA               0x04
+#define NS_SMIME_CA             0x02
+#define NS_OBJSIGN_CA           0x01
+#define XKU_SSL_SERVER          0x1     
+#define XKU_SSL_CLIENT          0x2
+#define XKU_SMIME               0x4
+#define XKU_CODE_SIGN           0x8
+#define XKU_SGC                 0x10
+#define X509_PURPOSE_DYNAMIC    0x1
+#define X509_PURPOSE_DYNAMIC_NAME       0x2
+typedef struct x509_purpose_st {
+        int purpose;
+        int trust;              /* Default trust ID */
+        int flags;
+        int (*check_purpose)(struct x509_purpose_st *, X509 *, int);
+        char *name;
+        char *sname;
+        void *usr_data;
+} X509_PURPOSE;
+#define X509_PURPOSE_SSL_CLIENT         1
+#define X509_PURPOSE_SSL_SERVER         2
+#define X509_PURPOSE_NS_SSL_SERVER      3
+#define X509_PURPOSE_SMIME_SIGN         4
+#define X509_PURPOSE_SMIME_ENCRYPT      5
+#define X509_PURPOSE_CRL_SIGN           6
+#define X509_PURPOSE_MIN                1
+#define X509_PURPOSE_MAX                6
+DECLARE_STACK_OF(X509_PURPOSE)
 void ERR_load_X509V3_strings(void);
 int i2d_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS *a, unsigned char **pp);
 BASIC_CONSTRAINTS *d2i_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS **a, unsigned char **pp, long length);
@@ -328,6 +399,11 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
 STACK_OF(GENERAL_NAME) *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
                                X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
+int i2d_OTHERNAME(OTHERNAME *a, unsigned char **pp);
+OTHERNAME *OTHERNAME_new(void);
+OTHERNAME *d2i_OTHERNAME(OTHERNAME **a, unsigned char **pp, long length);
+void OTHERNAME_free(OTHERNAME *a);
 char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5);
 ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str);
@@ -380,12 +456,27 @@ void DIST_POINT_NAME_free(DIST_POINT_NAME *a);
 DIST_POINT_NAME *d2i_DIST_POINT_NAME(DIST_POINT_NAME **a, unsigned char **pp,
             long length);
+int i2d_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION *a, unsigned char **pp);
+ACCESS_DESCRIPTION *ACCESS_DESCRIPTION_new(void);
+void ACCESS_DESCRIPTION_free(ACCESS_DESCRIPTION *a);
+ACCESS_DESCRIPTION *d2i_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION **a, unsigned char **pp,
+             long length);
+STACK_OF(ACCESS_DESCRIPTION) *AUTHORITY_INFO_ACCESS_new(void);
+void AUTHORITY_INFO_ACCESS_free(STACK_OF(ACCESS_DESCRIPTION) *a);
+STACK_OF(ACCESS_DESCRIPTION) *d2i_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) **a,
+                                         unsigned char **pp, long length);
+int i2d_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) *a, unsigned char **pp);
 #ifdef HEADER_CONF_H
 GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, CONF_VALUE *cnf);
 void X509V3_conf_free(CONF_VALUE *val);
 X509_EXTENSION *X509V3_EXT_conf_nid(LHASH *conf, X509V3_CTX *ctx, int ext_nid, char *value);
 X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name, char *value);
 int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509 *cert);
+int X509V3_EXT_REQ_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509_REQ *req);
 int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509_CRL *crl);
 int X509V3_add_value_bool_nf(char *name, int asn1_bool,
                                                STACK_OF(CONF_VALUE) **extlist);
@@ -423,6 +514,8 @@ X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid);
 int X509V3_add_standard_extensions(void);
 STACK_OF(CONF_VALUE) *X509V3_parse_list(char *line);
 void *X509V3_EXT_d2i(X509_EXTENSION *ext);
+void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx);
 X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc);
 char *hex_to_string(unsigned char *buffer, long len);
@@ -434,6 +527,20 @@ void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent,
 int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag, int indent);
 int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
+int X509_check_purpose(X509 *x, int id, int ca);
+int X509_PURPOSE_get_count(void);
+X509_PURPOSE * X509_PURPOSE_get0(int idx);
+int X509_PURPOSE_get_by_sname(char *sname);
+int X509_PURPOSE_get_by_id(int id);
+int X509_PURPOSE_add(int id, int trust, int flags,
+                        int (*ck)(X509_PURPOSE *, X509 *, int),
+                                char *name, char *sname, void *arg);
+char *X509_PURPOSE_get0_name(X509_PURPOSE *xp);
+char *X509_PURPOSE_get0_sname(X509_PURPOSE *xp);
+int X509_PURPOSE_get_trust(X509_PURPOSE *xp);
+void X509_PURPOSE_cleanup(void);
+int X509_PURPOSE_get_id(X509_PURPOSE *);
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
 * made after this point may be overwritten when the script is next run.
@@ -449,6 +556,7 @@ int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
 #define X509V3_F_HEX_TO_STRING                           111
 #define X509V3_F_I2S_ASN1_ENUMERATED                     121
 #define X509V3_F_I2S_ASN1_INTEGER                        120
+#define X509V3_F_I2V_AUTHORITY_INFO_ACCESS               138
 #define X509V3_F_NOTICE_SECTION                          132
 #define X509V3_F_NREF_NOS                                133
 #define X509V3_F_POLICY_SECTION                          131
@@ -464,6 +572,7 @@ int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
 #define X509V3_F_SXNET_ADD_ID_ULONG                      127
 #define X509V3_F_SXNET_GET_ID_ASC                        128
 #define X509V3_F_SXNET_GET_ID_ULONG                      129
+#define X509V3_F_V2I_ACCESS_DESCRIPTION                  139
 #define X509V3_F_V2I_ASN1_BIT_STRING                     101
 #define X509V3_F_V2I_AUTHORITY_KEYID                     119
 #define X509V3_F_V2I_BASIC_CONSTRAINTS                   102
@@ -479,6 +588,7 @@ int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
 #define X509V3_F_X509V3_EXT_I2D                          136
 #define X509V3_F_X509V3_GET_VALUE_BOOL                   110
 #define X509V3_F_X509V3_PARSE_LIST                       109
+#define X509V3_F_X509_PURPOSE_ADD                        137
 /* Reason codes. */
 #define X509V3_R_BAD_IP_ADDRESS                          118
@@ -506,6 +616,7 @@ int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
 #define X509V3_R_INVALID_OPTION                          138
 #define X509V3_R_INVALID_POLICY_IDENTIFIER               134
 #define X509V3_R_INVALID_SECTION                         135
+#define X509V3_R_INVALID_SYNTAX                          143
 #define X509V3_R_ISSUER_DECODE_ERROR                     126
 #define X509V3_R_MISSING_VALUE                           124
 #define X509V3_R_NEED_ORGANIZATION_AND_NUMBERS           142

diff --git a/src/lib/libssl/src/crypto/x509v3/x509v3.h b/src/lib/libssl/src/crypto/x509v3/x509v3.h index 4eb04a5a89..fe01755797 100644 --- a/src/lib/libssl/src/crypto/x509v3/x509v3.h +++ b/src/lib/libssl/src/crypto/x509v3/x509v3.h
@@ -136,12 +136,6 @@ typedef struct v3_ext_ctx X509V3_CTX;
136	#define X509V3_EXT_CTX_DEP 0x2	136	#define X509V3_EXT_CTX_DEP 0x2
137	#define X509V3_EXT_MULTILINE 0x4	137	#define X509V3_EXT_MULTILINE 0x4
138		138
139	typedef struct BIT_STRING_BITNAME_st {
140	int bitnum;
141	const char *lname;
142	const char *sname;
143	} BIT_STRING_BITNAME;
144
145	typedef BIT_STRING_BITNAME ENUMERATED_NAMES;	139	typedef BIT_STRING_BITNAME ENUMERATED_NAMES;
146		140
147	typedef struct BASIC_CONSTRAINTS_st {	141	typedef struct BASIC_CONSTRAINTS_st {
@@ -155,6 +149,11 @@ ASN1_GENERALIZEDTIME *notBefore;
155	ASN1_GENERALIZEDTIME *notAfter;	149	ASN1_GENERALIZEDTIME *notAfter;
156	} PKEY_USAGE_PERIOD;	150	} PKEY_USAGE_PERIOD;
157		151
		152	typedef struct otherName_st {
		153	ASN1_OBJECT *type_id;
		154	ASN1_TYPE *value;
		155	} OTHERNAME;
		156
158	typedef struct GENERAL_NAME_st {	157	typedef struct GENERAL_NAME_st {
159		158
160	#define GEN_OTHERNAME (0\|V_ASN1_CONTEXT_SPECIFIC)	159	#define GEN_OTHERNAME (0\|V_ASN1_CONTEXT_SPECIFIC)
@@ -174,17 +173,26 @@ union {
174	ASN1_OCTET_STRING ip; / iPAddress */	173	ASN1_OCTET_STRING ip; / iPAddress */
175	X509_NAME dirn; / dirn */	174	X509_NAME dirn; / dirn */
176	ASN1_OBJECT rid; / registeredID */	175	ASN1_OBJECT rid; / registeredID */
177	ASN1_TYPE other; / otherName, ediPartyName, x400Address */	176	OTHERNAME otherName; / otherName */
		177	ASN1_TYPE other; / ediPartyName, x400Address */
178	} d;	178	} d;
179	} GENERAL_NAME;	179	} GENERAL_NAME;
180		180
		181	typedef struct ACCESS_DESCRIPTION_st {
		182	ASN1_OBJECT *method;
		183	GENERAL_NAME *location;
		184	} ACCESS_DESCRIPTION;
		185
181	DECLARE_STACK_OF(GENERAL_NAME)	186	DECLARE_STACK_OF(GENERAL_NAME)
182	DECLARE_ASN1_SET_OF(GENERAL_NAME)	187	DECLARE_ASN1_SET_OF(GENERAL_NAME)
183		188
		189	DECLARE_STACK_OF(ACCESS_DESCRIPTION)
		190	DECLARE_ASN1_SET_OF(ACCESS_DESCRIPTION)
		191
184	typedef struct DIST_POINT_NAME_st {	192	typedef struct DIST_POINT_NAME_st {
185	/* NB: this is a CHOICE type and only one of these should be set */	193	/* NB: this is a CHOICE type and only one of these should be set */
186	STACK_OF(GENERAL_NAME) *fullname;	194	STACK_OF(GENERAL_NAME) *fullname;
187	X509_NAME *relativename;	195	STACK_OF(X509_NAME_ENTRY) *relativename;
188	} DIST_POINT_NAME;	196	} DIST_POINT_NAME;
189		197
190	typedef struct DIST_POINT_st {	198	typedef struct DIST_POINT_st {
@@ -255,8 +263,8 @@ DECLARE_ASN1_SET_OF(POLICYINFO)
255	#define X509V3_set_ctx_nodb(ctx) ctx->db = NULL;	263	#define X509V3_set_ctx_nodb(ctx) ctx->db = NULL;
256		264
257	#define EXT_BITSTRING(nid, table) { nid, 0, \	265	#define EXT_BITSTRING(nid, table) { nid, 0, \
258	(X509V3_EXT_NEW)asn1_bit_string_new, \	266	(X509V3_EXT_NEW)ASN1_BIT_STRING_new, \
259	(X509V3_EXT_FREE)ASN1_STRING_free, \	267	(X509V3_EXT_FREE)ASN1_BIT_STRING_free, \
260	(X509V3_EXT_D2I)d2i_ASN1_BIT_STRING, \	268	(X509V3_EXT_D2I)d2i_ASN1_BIT_STRING, \
261	(X509V3_EXT_I2D)i2d_ASN1_BIT_STRING, \	269	(X509V3_EXT_I2D)i2d_ASN1_BIT_STRING, \
262	NULL, NULL, \	270	NULL, NULL, \
@@ -266,8 +274,8 @@ DECLARE_ASN1_SET_OF(POLICYINFO)
266	(char *)table}	274	(char *)table}
267		275
268	#define EXT_IA5STRING(nid) { nid, 0, \	276	#define EXT_IA5STRING(nid) { nid, 0, \
269	(X509V3_EXT_NEW)ia5string_new, \	277	(X509V3_EXT_NEW)ASN1_IA5STRING_new, \
270	(X509V3_EXT_FREE)ASN1_STRING_free, \	278	(X509V3_EXT_FREE)ASN1_IA5STRING_free, \
271	(X509V3_EXT_D2I)d2i_ASN1_IA5STRING, \	279	(X509V3_EXT_D2I)d2i_ASN1_IA5STRING, \
272	(X509V3_EXT_I2D)i2d_ASN1_IA5STRING, \	280	(X509V3_EXT_I2D)i2d_ASN1_IA5STRING, \
273	(X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \	281	(X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \
@@ -279,6 +287,69 @@ DECLARE_ASN1_SET_OF(POLICYINFO)
279	NULL, NULL, NULL, NULL, \	287	NULL, NULL, NULL, NULL, \
280	NULL}	288	NULL}
281		289
		290
		291	/* X509_PURPOSE stuff */
		292
		293	#define EXFLAG_BCONS 0x1
		294	#define EXFLAG_KUSAGE 0x2
		295	#define EXFLAG_XKUSAGE 0x4
		296	#define EXFLAG_NSCERT 0x8
		297
		298	#define EXFLAG_CA 0x10
		299	#define EXFLAG_SS 0x20
		300	#define EXFLAG_V1 0x40
		301	#define EXFLAG_INVALID 0x80
		302	#define EXFLAG_SET 0x100
		303
		304	#define KU_DIGITAL_SIGNATURE 0x0080
		305	#define KU_NON_REPUDIATION 0x0040
		306	#define KU_KEY_ENCIPHERMENT 0x0020
		307	#define KU_DATA_ENCIPHERMENT 0x0010
		308	#define KU_KEY_AGREEMENT 0x0008
		309	#define KU_KEY_CERT_SIGN 0x0004
		310	#define KU_CRL_SIGN 0x0002
		311	#define KU_ENCIPHER_ONLY 0x0001
		312	#define KU_DECIPHER_ONLY 0x8000
		313
		314	#define NS_SSL_CLIENT 0x80
		315	#define NS_SSL_SERVER 0x40
		316	#define NS_SMIME 0x20
		317	#define NS_OBJSIGN 0x10
		318	#define NS_SSL_CA 0x04
		319	#define NS_SMIME_CA 0x02
		320	#define NS_OBJSIGN_CA 0x01
		321
		322	#define XKU_SSL_SERVER 0x1
		323	#define XKU_SSL_CLIENT 0x2
		324	#define XKU_SMIME 0x4
		325	#define XKU_CODE_SIGN 0x8
		326	#define XKU_SGC 0x10
		327
		328	#define X509_PURPOSE_DYNAMIC 0x1
		329	#define X509_PURPOSE_DYNAMIC_NAME 0x2
		330
		331	typedef struct x509_purpose_st {
		332	int purpose;
		333	int trust; /* Default trust ID */
		334	int flags;
		335	int (check_purpose)(struct x509_purpose_st , X509 *, int);
		336	char *name;
		337	char *sname;
		338	void *usr_data;
		339	} X509_PURPOSE;
		340
		341	#define X509_PURPOSE_SSL_CLIENT 1
		342	#define X509_PURPOSE_SSL_SERVER 2
		343	#define X509_PURPOSE_NS_SSL_SERVER 3
		344	#define X509_PURPOSE_SMIME_SIGN 4
		345	#define X509_PURPOSE_SMIME_ENCRYPT 5
		346	#define X509_PURPOSE_CRL_SIGN 6
		347
		348	#define X509_PURPOSE_MIN 1
		349	#define X509_PURPOSE_MAX 6
		350
		351	DECLARE_STACK_OF(X509_PURPOSE)
		352
282	void ERR_load_X509V3_strings(void);	353	void ERR_load_X509V3_strings(void);
283	int i2d_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS a, unsigned char *pp);	354	int i2d_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS a, unsigned char *pp);
284	BASIC_CONSTRAINTS d2i_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS a, unsigned char *pp, long length);	355	BASIC_CONSTRAINTS d2i_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS a, unsigned char *pp, long length);
@@ -328,6 +399,11 @@ STACK_OF(CONF_VALUE) i2v_GENERAL_NAMES(X509V3_EXT_METHOD method,
328	STACK_OF(GENERAL_NAME) v2i_GENERAL_NAMES(X509V3_EXT_METHOD method,	399	STACK_OF(GENERAL_NAME) v2i_GENERAL_NAMES(X509V3_EXT_METHOD method,
329	X509V3_CTX ctx, STACK_OF(CONF_VALUE) nval);	400	X509V3_CTX ctx, STACK_OF(CONF_VALUE) nval);
330		401
		402	int i2d_OTHERNAME(OTHERNAME a, unsigned char *pp);
		403	OTHERNAME *OTHERNAME_new(void);
		404	OTHERNAME d2i_OTHERNAME(OTHERNAME a, unsigned char *pp, long length);
		405	void OTHERNAME_free(OTHERNAME *a);
		406
331	char i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD method, ASN1_OCTET_STRING *ia5);	407	char i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD method, ASN1_OCTET_STRING *ia5);
332	ASN1_OCTET_STRING s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD method, X509V3_CTX ctx, char str);	408	ASN1_OCTET_STRING s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD method, X509V3_CTX ctx, char str);
333		409
@@ -380,12 +456,27 @@ void DIST_POINT_NAME_free(DIST_POINT_NAME *a);
380	DIST_POINT_NAME d2i_DIST_POINT_NAME(DIST_POINT_NAME a, unsigned char *pp,	456	DIST_POINT_NAME d2i_DIST_POINT_NAME(DIST_POINT_NAME a, unsigned char *pp,
381	long length);	457	long length);
382		458
		459	int i2d_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION a, unsigned char *pp);
		460	ACCESS_DESCRIPTION *ACCESS_DESCRIPTION_new(void);
		461	void ACCESS_DESCRIPTION_free(ACCESS_DESCRIPTION *a);
		462	ACCESS_DESCRIPTION d2i_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION a, unsigned char *pp,
		463	long length);
		464
		465	STACK_OF(ACCESS_DESCRIPTION) *AUTHORITY_INFO_ACCESS_new(void);
		466	void AUTHORITY_INFO_ACCESS_free(STACK_OF(ACCESS_DESCRIPTION) *a);
		467	STACK_OF(ACCESS_DESCRIPTION) d2i_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) *a,
		468	unsigned char **pp, long length);
		469	int i2d_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) a, unsigned char *pp);
		470
		471
		472
383	#ifdef HEADER_CONF_H	473	#ifdef HEADER_CONF_H
384	GENERAL_NAME v2i_GENERAL_NAME(X509V3_EXT_METHOD method, X509V3_CTX ctx, CONF_VALUE cnf);	474	GENERAL_NAME v2i_GENERAL_NAME(X509V3_EXT_METHOD method, X509V3_CTX ctx, CONF_VALUE cnf);
385	void X509V3_conf_free(CONF_VALUE *val);	475	void X509V3_conf_free(CONF_VALUE *val);
386	X509_EXTENSION X509V3_EXT_conf_nid(LHASH conf, X509V3_CTX ctx, int ext_nid, char value);	476	X509_EXTENSION X509V3_EXT_conf_nid(LHASH conf, X509V3_CTX ctx, int ext_nid, char value);
387	X509_EXTENSION X509V3_EXT_conf(LHASH conf, X509V3_CTX ctx, char name, char *value);	477	X509_EXTENSION X509V3_EXT_conf(LHASH conf, X509V3_CTX ctx, char name, char *value);
388	int X509V3_EXT_add_conf(LHASH conf, X509V3_CTX ctx, char section, X509 cert);	478	int X509V3_EXT_add_conf(LHASH conf, X509V3_CTX ctx, char section, X509 cert);
		479	int X509V3_EXT_REQ_add_conf(LHASH conf, X509V3_CTX ctx, char section, X509_REQ req);
389	int X509V3_EXT_CRL_add_conf(LHASH conf, X509V3_CTX ctx, char section, X509_CRL crl);	480	int X509V3_EXT_CRL_add_conf(LHASH conf, X509V3_CTX ctx, char section, X509_CRL crl);
390	int X509V3_add_value_bool_nf(char *name, int asn1_bool,	481	int X509V3_add_value_bool_nf(char *name, int asn1_bool,
391	STACK_OF(CONF_VALUE) **extlist);	482	STACK_OF(CONF_VALUE) **extlist);
@@ -423,6 +514,8 @@ X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid);
423	int X509V3_add_standard_extensions(void);	514	int X509V3_add_standard_extensions(void);
424	STACK_OF(CONF_VALUE) X509V3_parse_list(char line);	515	STACK_OF(CONF_VALUE) X509V3_parse_list(char line);
425	void X509V3_EXT_d2i(X509_EXTENSION ext);	516	void X509V3_EXT_d2i(X509_EXTENSION ext);
		517	void X509V3_get_d2i(STACK_OF(X509_EXTENSION) x, int nid, int crit, int idx);
		518
426	X509_EXTENSION X509V3_EXT_i2d(int ext_nid, int crit, void ext_struc);	519	X509_EXTENSION X509V3_EXT_i2d(int ext_nid, int crit, void ext_struc);
427		520
428	char hex_to_string(unsigned char buffer, long len);	521	char hex_to_string(unsigned char buffer, long len);
@@ -434,6 +527,20 @@ void X509V3_EXT_val_prn(BIO out, STACK_OF(CONF_VALUE) val, int indent,
434	int X509V3_EXT_print(BIO out, X509_EXTENSION ext, int flag, int indent);	527	int X509V3_EXT_print(BIO out, X509_EXTENSION ext, int flag, int indent);
435	int X509V3_EXT_print_fp(FILE out, X509_EXTENSION ext, int flag, int indent);	528	int X509V3_EXT_print_fp(FILE out, X509_EXTENSION ext, int flag, int indent);
436		529
		530	int X509_check_purpose(X509 *x, int id, int ca);
		531	int X509_PURPOSE_get_count(void);
		532	X509_PURPOSE * X509_PURPOSE_get0(int idx);
		533	int X509_PURPOSE_get_by_sname(char *sname);
		534	int X509_PURPOSE_get_by_id(int id);
		535	int X509_PURPOSE_add(int id, int trust, int flags,
		536	int (ck)(X509_PURPOSE , X509 *, int),
		537	char name, char sname, void *arg);
		538	char X509_PURPOSE_get0_name(X509_PURPOSE xp);
		539	char X509_PURPOSE_get0_sname(X509_PURPOSE xp);
		540	int X509_PURPOSE_get_trust(X509_PURPOSE *xp);
		541	void X509_PURPOSE_cleanup(void);
		542	int X509_PURPOSE_get_id(X509_PURPOSE *);
		543
437	/* BEGIN ERROR CODES */	544	/* BEGIN ERROR CODES */
438	/* The following lines are auto generated by the script mkerr.pl. Any changes	545	/* The following lines are auto generated by the script mkerr.pl. Any changes
439	* made after this point may be overwritten when the script is next run.	546	* made after this point may be overwritten when the script is next run.
@@ -449,6 +556,7 @@ int X509V3_EXT_print_fp(FILE out, X509_EXTENSION ext, int flag, int indent);
449	#define X509V3_F_HEX_TO_STRING 111	556	#define X509V3_F_HEX_TO_STRING 111
450	#define X509V3_F_I2S_ASN1_ENUMERATED 121	557	#define X509V3_F_I2S_ASN1_ENUMERATED 121
451	#define X509V3_F_I2S_ASN1_INTEGER 120	558	#define X509V3_F_I2S_ASN1_INTEGER 120
		559	#define X509V3_F_I2V_AUTHORITY_INFO_ACCESS 138
452	#define X509V3_F_NOTICE_SECTION 132	560	#define X509V3_F_NOTICE_SECTION 132
453	#define X509V3_F_NREF_NOS 133	561	#define X509V3_F_NREF_NOS 133
454	#define X509V3_F_POLICY_SECTION 131	562	#define X509V3_F_POLICY_SECTION 131
@@ -464,6 +572,7 @@ int X509V3_EXT_print_fp(FILE out, X509_EXTENSION ext, int flag, int indent);
464	#define X509V3_F_SXNET_ADD_ID_ULONG 127	572	#define X509V3_F_SXNET_ADD_ID_ULONG 127
465	#define X509V3_F_SXNET_GET_ID_ASC 128	573	#define X509V3_F_SXNET_GET_ID_ASC 128
466	#define X509V3_F_SXNET_GET_ID_ULONG 129	574	#define X509V3_F_SXNET_GET_ID_ULONG 129
		575	#define X509V3_F_V2I_ACCESS_DESCRIPTION 139
467	#define X509V3_F_V2I_ASN1_BIT_STRING 101	576	#define X509V3_F_V2I_ASN1_BIT_STRING 101
468	#define X509V3_F_V2I_AUTHORITY_KEYID 119	577	#define X509V3_F_V2I_AUTHORITY_KEYID 119
469	#define X509V3_F_V2I_BASIC_CONSTRAINTS 102	578	#define X509V3_F_V2I_BASIC_CONSTRAINTS 102
@@ -479,6 +588,7 @@ int X509V3_EXT_print_fp(FILE out, X509_EXTENSION ext, int flag, int indent);
479	#define X509V3_F_X509V3_EXT_I2D 136	588	#define X509V3_F_X509V3_EXT_I2D 136
480	#define X509V3_F_X509V3_GET_VALUE_BOOL 110	589	#define X509V3_F_X509V3_GET_VALUE_BOOL 110
481	#define X509V3_F_X509V3_PARSE_LIST 109	590	#define X509V3_F_X509V3_PARSE_LIST 109
		591	#define X509V3_F_X509_PURPOSE_ADD 137
482		592
483	/* Reason codes. */	593	/* Reason codes. */
484	#define X509V3_R_BAD_IP_ADDRESS 118	594	#define X509V3_R_BAD_IP_ADDRESS 118
@@ -506,6 +616,7 @@ int X509V3_EXT_print_fp(FILE out, X509_EXTENSION ext, int flag, int indent);
506	#define X509V3_R_INVALID_OPTION 138	616	#define X509V3_R_INVALID_OPTION 138
507	#define X509V3_R_INVALID_POLICY_IDENTIFIER 134	617	#define X509V3_R_INVALID_POLICY_IDENTIFIER 134
508	#define X509V3_R_INVALID_SECTION 135	618	#define X509V3_R_INVALID_SECTION 135
		619	#define X509V3_R_INVALID_SYNTAX 143
509	#define X509V3_R_ISSUER_DECODE_ERROR 126	620	#define X509V3_R_ISSUER_DECODE_ERROR 126
510	#define X509V3_R_MISSING_VALUE 124	621	#define X509V3_R_MISSING_VALUE 124
511	#define X509V3_R_NEED_ORGANIZATION_AND_NUMBERS 142	622	#define X509V3_R_NEED_ORGANIZATION_AND_NUMBERS 142