summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/lib/libcrypto/x509v3/v3_ia5.c59
-rw-r--r--src/lib/libcrypto/x509v3/v3_info.c129
-rw-r--r--src/lib/libcrypto/x509v3/v3_int.c35
-rw-r--r--src/lib/libcrypto/x509v3/v3_lib.c179
-rw-r--r--src/lib/libcrypto/x509v3/v3conf.c30
-rw-r--r--src/lib/libcrypto/x509v3/v3err.c299
-rw-r--r--src/lib/libcrypto/x509v3/v3prin.c21
-rw-r--r--src/lib/libssl/src/crypto/x509v3/v3_ia5.c59
-rw-r--r--src/lib/libssl/src/crypto/x509v3/v3_info.c129
-rw-r--r--src/lib/libssl/src/crypto/x509v3/v3_int.c35
-rw-r--r--src/lib/libssl/src/crypto/x509v3/v3_lib.c179
-rw-r--r--src/lib/libssl/src/crypto/x509v3/v3conf.c30
-rw-r--r--src/lib/libssl/src/crypto/x509v3/v3err.c299
-rw-r--r--src/lib/libssl/src/crypto/x509v3/v3prin.c21
14 files changed, 818 insertions, 686 deletions
diff --git a/src/lib/libcrypto/x509v3/v3_ia5.c b/src/lib/libcrypto/x509v3/v3_ia5.c
index 98789b36e9..090fe49b20 100644
--- a/src/lib/libcrypto/x509v3/v3_ia5.c
+++ b/src/lib/libcrypto/x509v3/v3_ia5.c
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -64,26 +64,29 @@
64#include <openssl/x509v3.h> 64#include <openssl/x509v3.h>
65 65
66static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5); 66static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5);
67static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); 67static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
68const X509V3_EXT_METHOD v3_ns_ia5_list[] = { 68 X509V3_CTX *ctx, char *str);
69EXT_IA5STRING(NID_netscape_base_url),
70EXT_IA5STRING(NID_netscape_revocation_url),
71EXT_IA5STRING(NID_netscape_ca_revocation_url),
72EXT_IA5STRING(NID_netscape_renewal_url),
73EXT_IA5STRING(NID_netscape_ca_policy_url),
74EXT_IA5STRING(NID_netscape_ssl_server_name),
75EXT_IA5STRING(NID_netscape_comment),
76EXT_END
77};
78 69
70const X509V3_EXT_METHOD v3_ns_ia5_list[] = {
71 EXT_IA5STRING(NID_netscape_base_url),
72 EXT_IA5STRING(NID_netscape_revocation_url),
73 EXT_IA5STRING(NID_netscape_ca_revocation_url),
74 EXT_IA5STRING(NID_netscape_renewal_url),
75 EXT_IA5STRING(NID_netscape_ca_policy_url),
76 EXT_IA5STRING(NID_netscape_ssl_server_name),
77 EXT_IA5STRING(NID_netscape_comment),
78 EXT_END
79};
79 80
80static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, 81static char *
81 ASN1_IA5STRING *ia5) 82i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5)
82{ 83{
83 char *tmp; 84 char *tmp;
84 if(!ia5 || !ia5->length) return NULL; 85
85 if(!(tmp = malloc(ia5->length + 1))) { 86 if (!ia5 || !ia5->length)
86 X509V3err(X509V3_F_I2S_ASN1_IA5STRING,ERR_R_MALLOC_FAILURE); 87 return NULL;
88 if (!(tmp = malloc(ia5->length + 1))) {
89 X509V3err(X509V3_F_I2S_ASN1_IA5STRING, ERR_R_MALLOC_FAILURE);
87 return NULL; 90 return NULL;
88 } 91 }
89 memcpy(tmp, ia5->data, ia5->length); 92 memcpy(tmp, ia5->data, ia5->length);
@@ -91,23 +94,25 @@ static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
91 return tmp; 94 return tmp;
92} 95}
93 96
94static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, 97static ASN1_IA5STRING *
95 X509V3_CTX *ctx, char *str) 98s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str)
96{ 99{
97 ASN1_IA5STRING *ia5; 100 ASN1_IA5STRING *ia5;
98 if(!str) { 101 if (!str) {
99 X509V3err(X509V3_F_S2I_ASN1_IA5STRING,X509V3_R_INVALID_NULL_ARGUMENT); 102 X509V3err(X509V3_F_S2I_ASN1_IA5STRING,
103 X509V3_R_INVALID_NULL_ARGUMENT);
100 return NULL; 104 return NULL;
101 } 105 }
102 if(!(ia5 = M_ASN1_IA5STRING_new())) goto err; 106 if (!(ia5 = M_ASN1_IA5STRING_new()))
103 if(!ASN1_STRING_set((ASN1_STRING *)ia5, (unsigned char*)str, 107 goto err;
104 strlen(str))) { 108 if (!ASN1_STRING_set((ASN1_STRING *)ia5, (unsigned char*)str,
109 strlen(str))) {
105 M_ASN1_IA5STRING_free(ia5); 110 M_ASN1_IA5STRING_free(ia5);
106 goto err; 111 goto err;
107 } 112 }
108 return ia5; 113 return ia5;
109 err: 114
110 X509V3err(X509V3_F_S2I_ASN1_IA5STRING,ERR_R_MALLOC_FAILURE); 115err:
116 X509V3err(X509V3_F_S2I_ASN1_IA5STRING, ERR_R_MALLOC_FAILURE);
111 return NULL; 117 return NULL;
112} 118}
113
diff --git a/src/lib/libcrypto/x509v3/v3_info.c b/src/lib/libcrypto/x509v3/v3_info.c
index c9d6c97b51..7853e3e23b 100644
--- a/src/lib/libcrypto/x509v3/v3_info.c
+++ b/src/lib/libcrypto/x509v3/v3_info.c
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -63,29 +63,33 @@
63#include <openssl/asn1t.h> 63#include <openssl/asn1t.h>
64#include <openssl/x509v3.h> 64#include <openssl/x509v3.h>
65 65
66static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, 66static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(
67 AUTHORITY_INFO_ACCESS *ainfo, 67 X509V3_EXT_METHOD *method, AUTHORITY_INFO_ACCESS *ainfo,
68 STACK_OF(CONF_VALUE) *ret); 68 STACK_OF(CONF_VALUE) *ret);
69static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, 69static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(
70 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); 70 X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
71 71
72const X509V3_EXT_METHOD v3_info = 72const X509V3_EXT_METHOD v3_info = {
73{ NID_info_access, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS), 73 NID_info_access, X509V3_EXT_MULTILINE,
740,0,0,0, 74 ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS),
750,0, 75 0, 0, 0, 0,
76(X509V3_EXT_I2V)i2v_AUTHORITY_INFO_ACCESS, 76 0, 0,
77(X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS, 77 (X509V3_EXT_I2V)i2v_AUTHORITY_INFO_ACCESS,
780,0, 78 (X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS,
79NULL}; 79 0, 0,
80 80 NULL
81const X509V3_EXT_METHOD v3_sinfo = 81};
82{ NID_sinfo_access, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS), 82
830,0,0,0, 83const X509V3_EXT_METHOD v3_sinfo = {
840,0, 84 NID_sinfo_access, X509V3_EXT_MULTILINE,
85(X509V3_EXT_I2V)i2v_AUTHORITY_INFO_ACCESS, 85 ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS),
86(X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS, 86 0, 0, 0, 0,
870,0, 87 0, 0,
88NULL}; 88 (X509V3_EXT_I2V)i2v_AUTHORITY_INFO_ACCESS,
89 (X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS,
90 0, 0,
91 NULL
92};
89 93
90ASN1_SEQUENCE(ACCESS_DESCRIPTION) = { 94ASN1_SEQUENCE(ACCESS_DESCRIPTION) = {
91 ASN1_SIMPLE(ACCESS_DESCRIPTION, method, ASN1_OBJECT), 95 ASN1_SIMPLE(ACCESS_DESCRIPTION, method, ASN1_OBJECT),
@@ -94,31 +98,34 @@ ASN1_SEQUENCE(ACCESS_DESCRIPTION) = {
94 98
95IMPLEMENT_ASN1_FUNCTIONS(ACCESS_DESCRIPTION) 99IMPLEMENT_ASN1_FUNCTIONS(ACCESS_DESCRIPTION)
96 100
97ASN1_ITEM_TEMPLATE(AUTHORITY_INFO_ACCESS) = 101ASN1_ITEM_TEMPLATE(AUTHORITY_INFO_ACCESS) =
98 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, GeneralNames, ACCESS_DESCRIPTION) 102 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, GeneralNames,
103 ACCESS_DESCRIPTION)
99ASN1_ITEM_TEMPLATE_END(AUTHORITY_INFO_ACCESS) 104ASN1_ITEM_TEMPLATE_END(AUTHORITY_INFO_ACCESS)
100 105
101IMPLEMENT_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS) 106IMPLEMENT_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS)
102 107
103static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, 108static STACK_OF(CONF_VALUE) *
104 AUTHORITY_INFO_ACCESS *ainfo, 109i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
105 STACK_OF(CONF_VALUE) *ret) 110 AUTHORITY_INFO_ACCESS *ainfo, STACK_OF(CONF_VALUE) *ret)
106{ 111{
107 ACCESS_DESCRIPTION *desc; 112 ACCESS_DESCRIPTION *desc;
108 int i,nlen; 113 int i, nlen;
109 char objtmp[80], *ntmp; 114 char objtmp[80], *ntmp;
110 CONF_VALUE *vtmp; 115 CONF_VALUE *vtmp;
111 for(i = 0; i < sk_ACCESS_DESCRIPTION_num(ainfo); i++) { 116
117 for (i = 0; i < sk_ACCESS_DESCRIPTION_num(ainfo); i++) {
112 desc = sk_ACCESS_DESCRIPTION_value(ainfo, i); 118 desc = sk_ACCESS_DESCRIPTION_value(ainfo, i);
113 ret = i2v_GENERAL_NAME(method, desc->location, ret); 119 ret = i2v_GENERAL_NAME(method, desc->location, ret);
114 if(!ret) break; 120 if (!ret)
121 break;
115 vtmp = sk_CONF_VALUE_value(ret, i); 122 vtmp = sk_CONF_VALUE_value(ret, i);
116 i2t_ASN1_OBJECT(objtmp, sizeof objtmp, desc->method); 123 i2t_ASN1_OBJECT(objtmp, sizeof objtmp, desc->method);
117 nlen = strlen(objtmp) + strlen(vtmp->name) + 5; 124 nlen = strlen(objtmp) + strlen(vtmp->name) + 5;
118 ntmp = malloc(nlen); 125 ntmp = malloc(nlen);
119 if(!ntmp) { 126 if (!ntmp) {
120 X509V3err(X509V3_F_I2V_AUTHORITY_INFO_ACCESS, 127 X509V3err(X509V3_F_I2V_AUTHORITY_INFO_ACCESS,
121 ERR_R_MALLOC_FAILURE); 128 ERR_R_MALLOC_FAILURE);
122 return NULL; 129 return NULL;
123 } 130 }
124 strlcpy(ntmp, objtmp, nlen); 131 strlcpy(ntmp, objtmp, nlen);
@@ -126,49 +133,57 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method
126 strlcat(ntmp, vtmp->name, nlen); 133 strlcat(ntmp, vtmp->name, nlen);
127 free(vtmp->name); 134 free(vtmp->name);
128 vtmp->name = ntmp; 135 vtmp->name = ntmp;
129 136
130 } 137 }
131 if(!ret) return sk_CONF_VALUE_new_null(); 138 if (!ret)
139 return sk_CONF_VALUE_new_null();
132 return ret; 140 return ret;
133} 141}
134 142
135static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, 143static AUTHORITY_INFO_ACCESS *
136 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) 144v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
145 STACK_OF(CONF_VALUE) *nval)
137{ 146{
138 AUTHORITY_INFO_ACCESS *ainfo = NULL; 147 AUTHORITY_INFO_ACCESS *ainfo = NULL;
139 CONF_VALUE *cnf, ctmp; 148 CONF_VALUE *cnf, ctmp;
140 ACCESS_DESCRIPTION *acc; 149 ACCESS_DESCRIPTION *acc;
141 int i, objlen; 150 int i, objlen;
142 char *objtmp, *ptmp; 151 char *objtmp, *ptmp;
143 if(!(ainfo = sk_ACCESS_DESCRIPTION_new_null())) { 152
144 X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,ERR_R_MALLOC_FAILURE); 153 if (!(ainfo = sk_ACCESS_DESCRIPTION_new_null())) {
154 X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
155 ERR_R_MALLOC_FAILURE);
145 return NULL; 156 return NULL;
146 } 157 }
147 for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { 158 for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
148 cnf = sk_CONF_VALUE_value(nval, i); 159 cnf = sk_CONF_VALUE_value(nval, i);
149 if(!(acc = ACCESS_DESCRIPTION_new()) 160 if (!(acc = ACCESS_DESCRIPTION_new()) ||
150 || !sk_ACCESS_DESCRIPTION_push(ainfo, acc)) { 161 !sk_ACCESS_DESCRIPTION_push(ainfo, acc)) {
151 X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,ERR_R_MALLOC_FAILURE); 162 X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
163 ERR_R_MALLOC_FAILURE);
152 goto err; 164 goto err;
153 } 165 }
154 ptmp = strchr(cnf->name, ';'); 166 ptmp = strchr(cnf->name, ';');
155 if(!ptmp) { 167 if (!ptmp) {
156 X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,X509V3_R_INVALID_SYNTAX); 168 X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
169 X509V3_R_INVALID_SYNTAX);
157 goto err; 170 goto err;
158 } 171 }
159 objlen = ptmp - cnf->name; 172 objlen = ptmp - cnf->name;
160 ctmp.name = ptmp + 1; 173 ctmp.name = ptmp + 1;
161 ctmp.value = cnf->value; 174 ctmp.value = cnf->value;
162 if(!v2i_GENERAL_NAME_ex(acc->location, method, ctx, &ctmp, 0)) 175 if (!v2i_GENERAL_NAME_ex(acc->location, method, ctx, &ctmp, 0))
163 goto err; 176 goto err;
164 if(!(objtmp = malloc(objlen + 1))) { 177 if (!(objtmp = malloc(objlen + 1))) {
165 X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,ERR_R_MALLOC_FAILURE); 178 X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
179 ERR_R_MALLOC_FAILURE);
166 goto err; 180 goto err;
167 } 181 }
168 strlcpy(objtmp, cnf->name, objlen + 1); 182 strlcpy(objtmp, cnf->name, objlen + 1);
169 acc->method = OBJ_txt2obj(objtmp, 0); 183 acc->method = OBJ_txt2obj(objtmp, 0);
170 if(!acc->method) { 184 if (!acc->method) {
171 X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,X509V3_R_BAD_OBJECT); 185 X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
186 X509V3_R_BAD_OBJECT);
172 ERR_add_error_data(2, "value=", objtmp); 187 ERR_add_error_data(2, "value=", objtmp);
173 free(objtmp); 188 free(objtmp);
174 goto err; 189 goto err;
@@ -177,16 +192,18 @@ static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *metho
177 192
178 } 193 }
179 return ainfo; 194 return ainfo;
180 err: 195
196err:
181 sk_ACCESS_DESCRIPTION_pop_free(ainfo, ACCESS_DESCRIPTION_free); 197 sk_ACCESS_DESCRIPTION_pop_free(ainfo, ACCESS_DESCRIPTION_free);
182 return NULL; 198 return NULL;
183} 199}
184 200
185int i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a) 201int
186 { 202i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a)
203{
187 i2a_ASN1_OBJECT(bp, a->method); 204 i2a_ASN1_OBJECT(bp, a->method);
188#ifdef UNDEF 205#ifdef UNDEF
189 i2a_GENERAL_NAME(bp, a->location); 206 i2a_GENERAL_NAME(bp, a->location);
190#endif 207#endif
191 return 2; 208 return 2;
192 } 209}
diff --git a/src/lib/libcrypto/x509v3/v3_int.c b/src/lib/libcrypto/x509v3/v3_int.c
index 4bfd14cf46..51f9e5cdc6 100644
--- a/src/lib/libcrypto/x509v3/v3_int.c
+++ b/src/lib/libcrypto/x509v3/v3_int.c
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -60,30 +60,35 @@
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include <openssl/x509v3.h> 61#include <openssl/x509v3.h>
62 62
63const X509V3_EXT_METHOD v3_crl_num = { 63const X509V3_EXT_METHOD v3_crl_num = {
64 NID_crl_number, 0, ASN1_ITEM_ref(ASN1_INTEGER), 64 NID_crl_number, 0, ASN1_ITEM_ref(ASN1_INTEGER),
65 0,0,0,0, 65 0, 0, 0, 0,
66 (X509V3_EXT_I2S)i2s_ASN1_INTEGER, 66 (X509V3_EXT_I2S)i2s_ASN1_INTEGER,
67 0, 67 0,
68 0,0,0,0, NULL}; 68 0, 0, 0, 0,
69 NULL
70};
69 71
70const X509V3_EXT_METHOD v3_delta_crl = { 72const X509V3_EXT_METHOD v3_delta_crl = {
71 NID_delta_crl, 0, ASN1_ITEM_ref(ASN1_INTEGER), 73 NID_delta_crl, 0, ASN1_ITEM_ref(ASN1_INTEGER),
72 0,0,0,0, 74 0, 0, 0, 0,
73 (X509V3_EXT_I2S)i2s_ASN1_INTEGER, 75 (X509V3_EXT_I2S)i2s_ASN1_INTEGER,
74 0, 76 0,
75 0,0,0,0, NULL}; 77 0, 0, 0, 0,
78 NULL
79};
76 80
77static void * s2i_asn1_int(X509V3_EXT_METHOD *meth, X509V3_CTX *ctx, char *value) 81static void *
78 { 82s2i_asn1_int(X509V3_EXT_METHOD *meth, X509V3_CTX *ctx, char *value)
83{
79 return s2i_ASN1_INTEGER(meth, value); 84 return s2i_ASN1_INTEGER(meth, value);
80 } 85}
81 86
82const X509V3_EXT_METHOD v3_inhibit_anyp = { 87const X509V3_EXT_METHOD v3_inhibit_anyp = {
83 NID_inhibit_any_policy, 0, ASN1_ITEM_ref(ASN1_INTEGER), 88 NID_inhibit_any_policy, 0, ASN1_ITEM_ref(ASN1_INTEGER),
84 0,0,0,0, 89 0, 0, 0, 0,
85 (X509V3_EXT_I2S)i2s_ASN1_INTEGER, 90 (X509V3_EXT_I2S)i2s_ASN1_INTEGER,
86 (X509V3_EXT_S2I)s2i_asn1_int, 91 (X509V3_EXT_S2I)s2i_asn1_int,
87 0,0,0,0, NULL}; 92 0, 0, 0, 0,
88 93 NULL
89 94};
diff --git a/src/lib/libcrypto/x509v3/v3_lib.c b/src/lib/libcrypto/x509v3/v3_lib.c
index 8d5e6ee911..3f610cdaa3 100644
--- a/src/lib/libcrypto/x509v3/v3_lib.c
+++ b/src/lib/libcrypto/x509v3/v3_lib.c
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -67,74 +67,87 @@
67static STACK_OF(X509V3_EXT_METHOD) *ext_list = NULL; 67static STACK_OF(X509V3_EXT_METHOD) *ext_list = NULL;
68 68
69static int ext_cmp(const X509V3_EXT_METHOD * const *a, 69static int ext_cmp(const X509V3_EXT_METHOD * const *a,
70 const X509V3_EXT_METHOD * const *b); 70 const X509V3_EXT_METHOD * const *b);
71static void ext_list_free(X509V3_EXT_METHOD *ext); 71static void ext_list_free(X509V3_EXT_METHOD *ext);
72 72
73int X509V3_EXT_add(X509V3_EXT_METHOD *ext) 73int
74X509V3_EXT_add(X509V3_EXT_METHOD *ext)
74{ 75{
75 if(!ext_list && !(ext_list = sk_X509V3_EXT_METHOD_new(ext_cmp))) { 76 if (!ext_list && !(ext_list = sk_X509V3_EXT_METHOD_new(ext_cmp))) {
76 X509V3err(X509V3_F_X509V3_EXT_ADD,ERR_R_MALLOC_FAILURE); 77 X509V3err(X509V3_F_X509V3_EXT_ADD, ERR_R_MALLOC_FAILURE);
77 return 0; 78 return 0;
78 } 79 }
79 if(!sk_X509V3_EXT_METHOD_push(ext_list, ext)) { 80 if (!sk_X509V3_EXT_METHOD_push(ext_list, ext)) {
80 X509V3err(X509V3_F_X509V3_EXT_ADD,ERR_R_MALLOC_FAILURE); 81 X509V3err(X509V3_F_X509V3_EXT_ADD, ERR_R_MALLOC_FAILURE);
81 return 0; 82 return 0;
82 } 83 }
83 return 1; 84 return 1;
84} 85}
85 86
86static int ext_cmp(const X509V3_EXT_METHOD * const *a, 87static int
87 const X509V3_EXT_METHOD * const *b) 88ext_cmp(const X509V3_EXT_METHOD * const *a, const X509V3_EXT_METHOD * const *b)
88{ 89{
89 return ((*a)->ext_nid - (*b)->ext_nid); 90 return ((*a)->ext_nid - (*b)->ext_nid);
90} 91}
91 92
92DECLARE_OBJ_BSEARCH_CMP_FN(const X509V3_EXT_METHOD *, const X509V3_EXT_METHOD *, 93DECLARE_OBJ_BSEARCH_CMP_FN(const X509V3_EXT_METHOD *,
93 ext); 94 const X509V3_EXT_METHOD *, ext);
94IMPLEMENT_OBJ_BSEARCH_CMP_FN(const X509V3_EXT_METHOD *, 95IMPLEMENT_OBJ_BSEARCH_CMP_FN(const X509V3_EXT_METHOD *,
95 const X509V3_EXT_METHOD *, ext); 96 const X509V3_EXT_METHOD *, ext);
96 97
97const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid) 98const X509V3_EXT_METHOD *
99X509V3_EXT_get_nid(int nid)
98{ 100{
99 X509V3_EXT_METHOD tmp; 101 X509V3_EXT_METHOD tmp;
100 const X509V3_EXT_METHOD *t = &tmp, * const *ret; 102 const X509V3_EXT_METHOD *t = &tmp, * const *ret;
101 int idx; 103 int idx;
102 if(nid < 0) return NULL; 104
105 if (nid < 0)
106 return NULL;
103 tmp.ext_nid = nid; 107 tmp.ext_nid = nid;
104 ret = OBJ_bsearch_ext(&t, standard_exts, STANDARD_EXTENSION_COUNT); 108 ret = OBJ_bsearch_ext(&t, standard_exts, STANDARD_EXTENSION_COUNT);
105 if(ret) return *ret; 109 if (ret)
106 if(!ext_list) return NULL; 110 return *ret;
111 if (!ext_list)
112 return NULL;
107 idx = sk_X509V3_EXT_METHOD_find(ext_list, &tmp); 113 idx = sk_X509V3_EXT_METHOD_find(ext_list, &tmp);
108 if(idx == -1) return NULL; 114 if (idx == -1)
115 return NULL;
109 return sk_X509V3_EXT_METHOD_value(ext_list, idx); 116 return sk_X509V3_EXT_METHOD_value(ext_list, idx);
110} 117}
111 118
112const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext) 119const X509V3_EXT_METHOD *
120X509V3_EXT_get(X509_EXTENSION *ext)
113{ 121{
114 int nid; 122 int nid;
115 if((nid = OBJ_obj2nid(ext->object)) == NID_undef) return NULL; 123
124 if ((nid = OBJ_obj2nid(ext->object)) == NID_undef)
125 return NULL;
116 return X509V3_EXT_get_nid(nid); 126 return X509V3_EXT_get_nid(nid);
117} 127}
118 128
119 129int
120int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist) 130X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist)
121{ 131{
122 for(;extlist->ext_nid!=-1;extlist++) 132 for (; extlist->ext_nid!=-1; extlist++)
123 if(!X509V3_EXT_add(extlist)) return 0; 133 if (!X509V3_EXT_add(extlist))
134 return 0;
124 return 1; 135 return 1;
125} 136}
126 137
127int X509V3_EXT_add_alias(int nid_to, int nid_from) 138int
139X509V3_EXT_add_alias(int nid_to, int nid_from)
128{ 140{
129 const X509V3_EXT_METHOD *ext; 141 const X509V3_EXT_METHOD *ext;
130 X509V3_EXT_METHOD *tmpext; 142 X509V3_EXT_METHOD *tmpext;
131 143
132 if(!(ext = X509V3_EXT_get_nid(nid_from))) { 144 if (!(ext = X509V3_EXT_get_nid(nid_from))) {
133 X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,X509V3_R_EXTENSION_NOT_FOUND); 145 X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,
146 X509V3_R_EXTENSION_NOT_FOUND);
134 return 0; 147 return 0;
135 } 148 }
136 if(!(tmpext = malloc(sizeof(X509V3_EXT_METHOD)))) { 149 if (!(tmpext = malloc(sizeof(X509V3_EXT_METHOD)))) {
137 X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,ERR_R_MALLOC_FAILURE); 150 X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS, ERR_R_MALLOC_FAILURE);
138 return 0; 151 return 0;
139 } 152 }
140 *tmpext = *ext; 153 *tmpext = *ext;
@@ -143,36 +156,44 @@ int X509V3_EXT_add_alias(int nid_to, int nid_from)
143 return X509V3_EXT_add(tmpext); 156 return X509V3_EXT_add(tmpext);
144} 157}
145 158
146void X509V3_EXT_cleanup(void) 159void
160X509V3_EXT_cleanup(void)
147{ 161{
148 sk_X509V3_EXT_METHOD_pop_free(ext_list, ext_list_free); 162 sk_X509V3_EXT_METHOD_pop_free(ext_list, ext_list_free);
149 ext_list = NULL; 163 ext_list = NULL;
150} 164}
151 165
152static void ext_list_free(X509V3_EXT_METHOD *ext) 166static void
167ext_list_free(X509V3_EXT_METHOD *ext)
153{ 168{
154 if(ext->ext_flags & X509V3_EXT_DYNAMIC) free(ext); 169 if (ext->ext_flags & X509V3_EXT_DYNAMIC)
170 free(ext);
155} 171}
156 172
157/* Legacy function: we don't need to add standard extensions 173/* Legacy function: we don't need to add standard extensions
158 * any more because they are now kept in ext_dat.h. 174 * any more because they are now kept in ext_dat.h.
159 */ 175 */
160 176
161int X509V3_add_standard_extensions(void) 177int
178X509V3_add_standard_extensions(void)
162{ 179{
163 return 1; 180 return 1;
164} 181}
165 182
166/* Return an extension internal structure */ 183/* Return an extension internal structure */
167 184
168void *X509V3_EXT_d2i(X509_EXTENSION *ext) 185void *
186X509V3_EXT_d2i(X509_EXTENSION *ext)
169{ 187{
170 const X509V3_EXT_METHOD *method; 188 const X509V3_EXT_METHOD *method;
171 const unsigned char *p; 189 const unsigned char *p;
172 190
173 if(!(method = X509V3_EXT_get(ext))) return NULL; 191 if (!(method = X509V3_EXT_get(ext)))
192 return NULL;
174 p = ext->value->data; 193 p = ext->value->data;
175 if(method->it) return ASN1_item_d2i(NULL, &p, ext->value->length, ASN1_ITEM_ptr(method->it)); 194 if (method->it)
195 return ASN1_item_d2i(NULL, &p, ext->value->length,
196 ASN1_ITEM_ptr(method->it));
176 return method->d2i(NULL, &p, ext->value->length); 197 return method->d2i(NULL, &p, ext->value->length);
177} 198}
178 199
@@ -191,43 +212,53 @@ void *X509V3_EXT_d2i(X509_EXTENSION *ext)
191 * -2 extension occurs more than once. 212 * -2 extension occurs more than once.
192 */ 213 */
193 214
194void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx) 215void *
216X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx)
195{ 217{
196 int lastpos, i; 218 int lastpos, i;
197 X509_EXTENSION *ex, *found_ex = NULL; 219 X509_EXTENSION *ex, *found_ex = NULL;
198 if(!x) { 220
199 if(idx) *idx = -1; 221 if (!x) {
200 if(crit) *crit = -1; 222 if (idx)
223 *idx = -1;
224 if (crit)
225 *crit = -1;
201 return NULL; 226 return NULL;
202 } 227 }
203 if(idx) lastpos = *idx + 1; 228 if (idx)
204 else lastpos = 0; 229 lastpos = *idx + 1;
205 if(lastpos < 0) lastpos = 0; 230 else
206 for(i = lastpos; i < sk_X509_EXTENSION_num(x); i++) 231 lastpos = 0;
207 { 232 if (lastpos < 0)
233 lastpos = 0;
234 for (i = lastpos; i < sk_X509_EXTENSION_num(x); i++) {
208 ex = sk_X509_EXTENSION_value(x, i); 235 ex = sk_X509_EXTENSION_value(x, i);
209 if(OBJ_obj2nid(ex->object) == nid) { 236 if (OBJ_obj2nid(ex->object) == nid) {
210 if(idx) { 237 if (idx) {
211 *idx = i; 238 *idx = i;
212 found_ex = ex; 239 found_ex = ex;
213 break; 240 break;
214 } else if(found_ex) { 241 } else if (found_ex) {
215 /* Found more than one */ 242 /* Found more than one */
216 if(crit) *crit = -2; 243 if (crit)
244 *crit = -2;
217 return NULL; 245 return NULL;
218 } 246 }
219 found_ex = ex; 247 found_ex = ex;
220 } 248 }
221 } 249 }
222 if(found_ex) { 250 if (found_ex) {
223 /* Found it */ 251 /* Found it */
224 if(crit) *crit = X509_EXTENSION_get_critical(found_ex); 252 if (crit)
253 *crit = X509_EXTENSION_get_critical(found_ex);
225 return X509V3_EXT_d2i(found_ex); 254 return X509V3_EXT_d2i(found_ex);
226 } 255 }
227 256
228 /* Extension not found */ 257 /* Extension not found */
229 if(idx) *idx = -1; 258 if (idx)
230 if(crit) *crit = -1; 259 *idx = -1;
260 if (crit)
261 *crit = -1;
231 return NULL; 262 return NULL;
232} 263}
233 264
@@ -236,8 +267,9 @@ void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx)
236 * 'value' arguments (if relevant) are the extensions internal structure. 267 * 'value' arguments (if relevant) are the extensions internal structure.
237 */ 268 */
238 269
239int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, 270int
240 int crit, unsigned long flags) 271X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
272 int crit, unsigned long flags)
241{ 273{
242 int extidx = -1; 274 int extidx = -1;
243 int errcode; 275 int errcode;
@@ -247,30 +279,31 @@ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
247 /* If appending we don't care if it exists, otherwise 279 /* If appending we don't care if it exists, otherwise
248 * look for existing extension. 280 * look for existing extension.
249 */ 281 */
250 if(ext_op != X509V3_ADD_APPEND) 282 if (ext_op != X509V3_ADD_APPEND)
251 extidx = X509v3_get_ext_by_NID(*x, nid, -1); 283 extidx = X509v3_get_ext_by_NID(*x, nid, -1);
252 284
253 /* See if extension exists */ 285 /* See if extension exists */
254 if(extidx >= 0) { 286 if (extidx >= 0) {
255 /* If keep existing, nothing to do */ 287 /* If keep existing, nothing to do */
256 if(ext_op == X509V3_ADD_KEEP_EXISTING) 288 if (ext_op == X509V3_ADD_KEEP_EXISTING)
257 return 1; 289 return 1;
258 /* If default then its an error */ 290 /* If default then its an error */
259 if(ext_op == X509V3_ADD_DEFAULT) { 291 if (ext_op == X509V3_ADD_DEFAULT) {
260 errcode = X509V3_R_EXTENSION_EXISTS; 292 errcode = X509V3_R_EXTENSION_EXISTS;
261 goto err; 293 goto err;
262 } 294 }
263 /* If delete, just delete it */ 295 /* If delete, just delete it */
264 if(ext_op == X509V3_ADD_DELETE) { 296 if (ext_op == X509V3_ADD_DELETE) {
265 if(!sk_X509_EXTENSION_delete(*x, extidx)) return -1; 297 if (!sk_X509_EXTENSION_delete(*x, extidx))
298 return -1;
266 return 1; 299 return 1;
267 } 300 }
268 } else { 301 } else {
269 /* If replace existing or delete, error since 302 /* If replace existing or delete, error since
270 * extension must exist 303 * extension must exist
271 */ 304 */
272 if((ext_op == X509V3_ADD_REPLACE_EXISTING) || 305 if ((ext_op == X509V3_ADD_REPLACE_EXISTING) ||
273 (ext_op == X509V3_ADD_DELETE)) { 306 (ext_op == X509V3_ADD_DELETE)) {
274 errcode = X509V3_R_EXTENSION_NOT_FOUND; 307 errcode = X509V3_R_EXTENSION_NOT_FOUND;
275 goto err; 308 goto err;
276 } 309 }
@@ -282,26 +315,30 @@ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
282 315
283 ext = X509V3_EXT_i2d(nid, crit, value); 316 ext = X509V3_EXT_i2d(nid, crit, value);
284 317
285 if(!ext) { 318 if (!ext) {
286 X509V3err(X509V3_F_X509V3_ADD1_I2D, X509V3_R_ERROR_CREATING_EXTENSION); 319 X509V3err(X509V3_F_X509V3_ADD1_I2D,
320 X509V3_R_ERROR_CREATING_EXTENSION);
287 return 0; 321 return 0;
288 } 322 }
289 323
290 /* If extension exists replace it.. */ 324 /* If extension exists replace it.. */
291 if(extidx >= 0) { 325 if (extidx >= 0) {
292 extmp = sk_X509_EXTENSION_value(*x, extidx); 326 extmp = sk_X509_EXTENSION_value(*x, extidx);
293 X509_EXTENSION_free(extmp); 327 X509_EXTENSION_free(extmp);
294 if(!sk_X509_EXTENSION_set(*x, extidx, ext)) return -1; 328 if (!sk_X509_EXTENSION_set(*x, extidx, ext))
329 return -1;
295 return 1; 330 return 1;
296 } 331 }
297 332
298 if(!*x && !(*x = sk_X509_EXTENSION_new_null())) return -1; 333 if (!*x && !(*x = sk_X509_EXTENSION_new_null()))
299 if(!sk_X509_EXTENSION_push(*x, ext)) return -1; 334 return -1;
335 if (!sk_X509_EXTENSION_push(*x, ext))
336 return -1;
300 337
301 return 1; 338 return 1;
302 339
303 err: 340err:
304 if(!(flags & X509V3_ADD_SILENT)) 341 if (!(flags & X509V3_ADD_SILENT))
305 X509V3err(X509V3_F_X509V3_ADD1_I2D, errcode); 342 X509V3err(X509V3_F_X509V3_ADD1_I2D, errcode);
306 return 0; 343 return 0;
307} 344}
diff --git a/src/lib/libcrypto/x509v3/v3conf.c b/src/lib/libcrypto/x509v3/v3conf.c
index a9e6ca3542..cfa5fce75c 100644
--- a/src/lib/libcrypto/x509v3/v3conf.c
+++ b/src/lib/libcrypto/x509v3/v3conf.c
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -66,7 +66,8 @@
66 66
67/* Test application to add extensions from a config file */ 67/* Test application to add extensions from a config file */
68 68
69int main(int argc, char **argv) 69int
70main(int argc, char **argv)
70{ 71{
71 LHASH *conf; 72 LHASH *conf;
72 X509 *cert; 73 X509 *cert;
@@ -75,28 +76,30 @@ int main(int argc, char **argv)
75 int i; 76 int i;
76 int count; 77 int count;
77 X509_EXTENSION *ext; 78 X509_EXTENSION *ext;
79
78 X509V3_add_standard_extensions(); 80 X509V3_add_standard_extensions();
79 ERR_load_crypto_strings(); 81 ERR_load_crypto_strings();
80 if(!argv[1]) { 82 if (!argv[1]) {
81 fprintf(stderr, "Usage: v3conf cert.pem [file.cnf]\n"); 83 fprintf(stderr, "Usage: v3conf cert.pem [file.cnf]\n");
82 exit(1); 84 exit(1);
83 } 85 }
84 conf_file = argv[2]; 86 conf_file = argv[2];
85 if(!conf_file) conf_file = "test.cnf"; 87 if (!conf_file)
88 conf_file = "test.cnf";
86 conf = CONF_load(NULL, "test.cnf", NULL); 89 conf = CONF_load(NULL, "test.cnf", NULL);
87 if(!conf) { 90 if (!conf) {
88 fprintf(stderr, "Error opening Config file %s\n", conf_file); 91 fprintf(stderr, "Error opening Config file %s\n", conf_file);
89 ERR_print_errors_fp(stderr); 92 ERR_print_errors_fp(stderr);
90 exit(1); 93 exit(1);
91 } 94 }
92 95
93 inf = fopen(argv[1], "r"); 96 inf = fopen(argv[1], "r");
94 if(!inf) { 97 if (!inf) {
95 fprintf(stderr, "Can't open certificate file %s\n", argv[1]); 98 fprintf(stderr, "Can't open certificate file %s\n", argv[1]);
96 exit(1); 99 exit(1);
97 } 100 }
98 cert = PEM_read_X509(inf, NULL, NULL); 101 cert = PEM_read_X509(inf, NULL, NULL);
99 if(!cert) { 102 if (!cert) {
100 fprintf(stderr, "Error reading certificate file %s\n", argv[1]); 103 fprintf(stderr, "Error reading certificate file %s\n", argv[1]);
101 exit(1); 104 exit(1);
102 } 105 }
@@ -105,7 +108,7 @@ int main(int argc, char **argv)
105 sk_pop_free(cert->cert_info->extensions, X509_EXTENSION_free); 108 sk_pop_free(cert->cert_info->extensions, X509_EXTENSION_free);
106 cert->cert_info->extensions = NULL; 109 cert->cert_info->extensions = NULL;
107 110
108 if(!X509V3_EXT_add_conf(conf, NULL, "test_section", cert)) { 111 if (!X509V3_EXT_add_conf(conf, NULL, "test_section", cert)) {
109 fprintf(stderr, "Error adding extensions\n"); 112 fprintf(stderr, "Error adding extensions\n");
110 ERR_print_errors_fp(stderr); 113 ERR_print_errors_fp(stderr);
111 exit(1); 114 exit(1);
@@ -113,15 +116,16 @@ int main(int argc, char **argv)
113 116
114 count = X509_get_ext_count(cert); 117 count = X509_get_ext_count(cert);
115 printf("%d extensions\n", count); 118 printf("%d extensions\n", count);
116 for(i = 0; i < count; i++) { 119 for (i = 0; i < count; i++) {
117 ext = X509_get_ext(cert, i); 120 ext = X509_get_ext(cert, i);
118 printf("%s", OBJ_nid2ln(OBJ_obj2nid(ext->object))); 121 printf("%s", OBJ_nid2ln(OBJ_obj2nid(ext->object)));
119 if(ext->critical) printf(",critical:\n"); 122 if (ext->critical)
120 else printf(":\n"); 123 printf(",critical:\n");
124 else
125 printf(":\n");
121 X509V3_EXT_print_fp(stdout, ext, 0, 0); 126 X509V3_EXT_print_fp(stdout, ext, 0, 0);
122 printf("\n"); 127 printf("\n");
123 128
124 } 129 }
125 return 0; 130 return 0;
126} 131}
127
diff --git a/src/lib/libcrypto/x509v3/v3err.c b/src/lib/libcrypto/x509v3/v3err.c
index f9f6f1f91f..c0b8b0e262 100644
--- a/src/lib/libcrypto/x509v3/v3err.c
+++ b/src/lib/libcrypto/x509v3/v3err.c
@@ -7,7 +7,7 @@
7 * are met: 7 * are met:
8 * 8 *
9 * 1. Redistributions of source code must retain the above copyright 9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer. 10 * notice, this list of conditions and the following disclaimer.
11 * 11 *
12 * 2. Redistributions in binary form must reproduce the above copyright 12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in 13 * notice, this list of conditions and the following disclaimer in
@@ -68,159 +68,156 @@
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_X509V3,func,0) 68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_X509V3,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_X509V3,0,reason) 69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_X509V3,0,reason)
70 70
71static ERR_STRING_DATA X509V3_str_functs[]= 71static ERR_STRING_DATA X509V3_str_functs[] = {
72 { 72 {ERR_FUNC(X509V3_F_A2I_GENERAL_NAME), "A2I_GENERAL_NAME"},
73{ERR_FUNC(X509V3_F_A2I_GENERAL_NAME), "A2I_GENERAL_NAME"}, 73 {ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE), "ASIDENTIFIERCHOICE_CANONIZE"},
74{ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE), "ASIDENTIFIERCHOICE_CANONIZE"}, 74 {ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL), "ASIDENTIFIERCHOICE_IS_CANONICAL"},
75{ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL), "ASIDENTIFIERCHOICE_IS_CANONICAL"}, 75 {ERR_FUNC(X509V3_F_COPY_EMAIL), "COPY_EMAIL"},
76{ERR_FUNC(X509V3_F_COPY_EMAIL), "COPY_EMAIL"}, 76 {ERR_FUNC(X509V3_F_COPY_ISSUER), "COPY_ISSUER"},
77{ERR_FUNC(X509V3_F_COPY_ISSUER), "COPY_ISSUER"}, 77 {ERR_FUNC(X509V3_F_DO_DIRNAME), "DO_DIRNAME"},
78{ERR_FUNC(X509V3_F_DO_DIRNAME), "DO_DIRNAME"}, 78 {ERR_FUNC(X509V3_F_DO_EXT_CONF), "DO_EXT_CONF"},
79{ERR_FUNC(X509V3_F_DO_EXT_CONF), "DO_EXT_CONF"}, 79 {ERR_FUNC(X509V3_F_DO_EXT_I2D), "DO_EXT_I2D"},
80{ERR_FUNC(X509V3_F_DO_EXT_I2D), "DO_EXT_I2D"}, 80 {ERR_FUNC(X509V3_F_DO_EXT_NCONF), "DO_EXT_NCONF"},
81{ERR_FUNC(X509V3_F_DO_EXT_NCONF), "DO_EXT_NCONF"}, 81 {ERR_FUNC(X509V3_F_DO_I2V_NAME_CONSTRAINTS), "DO_I2V_NAME_CONSTRAINTS"},
82{ERR_FUNC(X509V3_F_DO_I2V_NAME_CONSTRAINTS), "DO_I2V_NAME_CONSTRAINTS"}, 82 {ERR_FUNC(X509V3_F_GNAMES_FROM_SECTNAME), "GNAMES_FROM_SECTNAME"},
83{ERR_FUNC(X509V3_F_GNAMES_FROM_SECTNAME), "GNAMES_FROM_SECTNAME"}, 83 {ERR_FUNC(X509V3_F_HEX_TO_STRING), "hex_to_string"},
84{ERR_FUNC(X509V3_F_HEX_TO_STRING), "hex_to_string"}, 84 {ERR_FUNC(X509V3_F_I2S_ASN1_ENUMERATED), "i2s_ASN1_ENUMERATED"},
85{ERR_FUNC(X509V3_F_I2S_ASN1_ENUMERATED), "i2s_ASN1_ENUMERATED"}, 85 {ERR_FUNC(X509V3_F_I2S_ASN1_IA5STRING), "I2S_ASN1_IA5STRING"},
86{ERR_FUNC(X509V3_F_I2S_ASN1_IA5STRING), "I2S_ASN1_IA5STRING"}, 86 {ERR_FUNC(X509V3_F_I2S_ASN1_INTEGER), "i2s_ASN1_INTEGER"},
87{ERR_FUNC(X509V3_F_I2S_ASN1_INTEGER), "i2s_ASN1_INTEGER"}, 87 {ERR_FUNC(X509V3_F_I2V_AUTHORITY_INFO_ACCESS), "I2V_AUTHORITY_INFO_ACCESS"},
88{ERR_FUNC(X509V3_F_I2V_AUTHORITY_INFO_ACCESS), "I2V_AUTHORITY_INFO_ACCESS"}, 88 {ERR_FUNC(X509V3_F_NOTICE_SECTION), "NOTICE_SECTION"},
89{ERR_FUNC(X509V3_F_NOTICE_SECTION), "NOTICE_SECTION"}, 89 {ERR_FUNC(X509V3_F_NREF_NOS), "NREF_NOS"},
90{ERR_FUNC(X509V3_F_NREF_NOS), "NREF_NOS"}, 90 {ERR_FUNC(X509V3_F_POLICY_SECTION), "POLICY_SECTION"},
91{ERR_FUNC(X509V3_F_POLICY_SECTION), "POLICY_SECTION"}, 91 {ERR_FUNC(X509V3_F_PROCESS_PCI_VALUE), "PROCESS_PCI_VALUE"},
92{ERR_FUNC(X509V3_F_PROCESS_PCI_VALUE), "PROCESS_PCI_VALUE"}, 92 {ERR_FUNC(X509V3_F_R2I_CERTPOL), "R2I_CERTPOL"},
93{ERR_FUNC(X509V3_F_R2I_CERTPOL), "R2I_CERTPOL"}, 93 {ERR_FUNC(X509V3_F_R2I_PCI), "R2I_PCI"},
94{ERR_FUNC(X509V3_F_R2I_PCI), "R2I_PCI"}, 94 {ERR_FUNC(X509V3_F_S2I_ASN1_IA5STRING), "S2I_ASN1_IA5STRING"},
95{ERR_FUNC(X509V3_F_S2I_ASN1_IA5STRING), "S2I_ASN1_IA5STRING"}, 95 {ERR_FUNC(X509V3_F_S2I_ASN1_INTEGER), "s2i_ASN1_INTEGER"},
96{ERR_FUNC(X509V3_F_S2I_ASN1_INTEGER), "s2i_ASN1_INTEGER"}, 96 {ERR_FUNC(X509V3_F_S2I_ASN1_OCTET_STRING), "s2i_ASN1_OCTET_STRING"},
97{ERR_FUNC(X509V3_F_S2I_ASN1_OCTET_STRING), "s2i_ASN1_OCTET_STRING"}, 97 {ERR_FUNC(X509V3_F_S2I_ASN1_SKEY_ID), "S2I_ASN1_SKEY_ID"},
98{ERR_FUNC(X509V3_F_S2I_ASN1_SKEY_ID), "S2I_ASN1_SKEY_ID"}, 98 {ERR_FUNC(X509V3_F_S2I_SKEY_ID), "S2I_SKEY_ID"},
99{ERR_FUNC(X509V3_F_S2I_SKEY_ID), "S2I_SKEY_ID"}, 99 {ERR_FUNC(X509V3_F_SET_DIST_POINT_NAME), "SET_DIST_POINT_NAME"},
100{ERR_FUNC(X509V3_F_SET_DIST_POINT_NAME), "SET_DIST_POINT_NAME"}, 100 {ERR_FUNC(X509V3_F_STRING_TO_HEX), "string_to_hex"},
101{ERR_FUNC(X509V3_F_STRING_TO_HEX), "string_to_hex"}, 101 {ERR_FUNC(X509V3_F_SXNET_ADD_ID_ASC), "SXNET_add_id_asc"},
102{ERR_FUNC(X509V3_F_SXNET_ADD_ID_ASC), "SXNET_add_id_asc"}, 102 {ERR_FUNC(X509V3_F_SXNET_ADD_ID_INTEGER), "SXNET_add_id_INTEGER"},
103{ERR_FUNC(X509V3_F_SXNET_ADD_ID_INTEGER), "SXNET_add_id_INTEGER"}, 103 {ERR_FUNC(X509V3_F_SXNET_ADD_ID_ULONG), "SXNET_add_id_ulong"},
104{ERR_FUNC(X509V3_F_SXNET_ADD_ID_ULONG), "SXNET_add_id_ulong"}, 104 {ERR_FUNC(X509V3_F_SXNET_GET_ID_ASC), "SXNET_get_id_asc"},
105{ERR_FUNC(X509V3_F_SXNET_GET_ID_ASC), "SXNET_get_id_asc"}, 105 {ERR_FUNC(X509V3_F_SXNET_GET_ID_ULONG), "SXNET_get_id_ulong"},
106{ERR_FUNC(X509V3_F_SXNET_GET_ID_ULONG), "SXNET_get_id_ulong"}, 106 {ERR_FUNC(X509V3_F_V2I_ASIDENTIFIERS), "V2I_ASIDENTIFIERS"},
107{ERR_FUNC(X509V3_F_V2I_ASIDENTIFIERS), "V2I_ASIDENTIFIERS"}, 107 {ERR_FUNC(X509V3_F_V2I_ASN1_BIT_STRING), "v2i_ASN1_BIT_STRING"},
108{ERR_FUNC(X509V3_F_V2I_ASN1_BIT_STRING), "v2i_ASN1_BIT_STRING"}, 108 {ERR_FUNC(X509V3_F_V2I_AUTHORITY_INFO_ACCESS), "V2I_AUTHORITY_INFO_ACCESS"},
109{ERR_FUNC(X509V3_F_V2I_AUTHORITY_INFO_ACCESS), "V2I_AUTHORITY_INFO_ACCESS"}, 109 {ERR_FUNC(X509V3_F_V2I_AUTHORITY_KEYID), "V2I_AUTHORITY_KEYID"},
110{ERR_FUNC(X509V3_F_V2I_AUTHORITY_KEYID), "V2I_AUTHORITY_KEYID"}, 110 {ERR_FUNC(X509V3_F_V2I_BASIC_CONSTRAINTS), "V2I_BASIC_CONSTRAINTS"},
111{ERR_FUNC(X509V3_F_V2I_BASIC_CONSTRAINTS), "V2I_BASIC_CONSTRAINTS"}, 111 {ERR_FUNC(X509V3_F_V2I_CRLD), "V2I_CRLD"},
112{ERR_FUNC(X509V3_F_V2I_CRLD), "V2I_CRLD"}, 112 {ERR_FUNC(X509V3_F_V2I_EXTENDED_KEY_USAGE), "V2I_EXTENDED_KEY_USAGE"},
113{ERR_FUNC(X509V3_F_V2I_EXTENDED_KEY_USAGE), "V2I_EXTENDED_KEY_USAGE"}, 113 {ERR_FUNC(X509V3_F_V2I_GENERAL_NAMES), "v2i_GENERAL_NAMES"},
114{ERR_FUNC(X509V3_F_V2I_GENERAL_NAMES), "v2i_GENERAL_NAMES"}, 114 {ERR_FUNC(X509V3_F_V2I_GENERAL_NAME_EX), "v2i_GENERAL_NAME_ex"},
115{ERR_FUNC(X509V3_F_V2I_GENERAL_NAME_EX), "v2i_GENERAL_NAME_ex"}, 115 {ERR_FUNC(X509V3_F_V2I_IDP), "V2I_IDP"},
116{ERR_FUNC(X509V3_F_V2I_IDP), "V2I_IDP"}, 116 {ERR_FUNC(X509V3_F_V2I_IPADDRBLOCKS), "V2I_IPADDRBLOCKS"},
117{ERR_FUNC(X509V3_F_V2I_IPADDRBLOCKS), "V2I_IPADDRBLOCKS"}, 117 {ERR_FUNC(X509V3_F_V2I_ISSUER_ALT), "V2I_ISSUER_ALT"},
118{ERR_FUNC(X509V3_F_V2I_ISSUER_ALT), "V2I_ISSUER_ALT"}, 118 {ERR_FUNC(X509V3_F_V2I_NAME_CONSTRAINTS), "V2I_NAME_CONSTRAINTS"},
119{ERR_FUNC(X509V3_F_V2I_NAME_CONSTRAINTS), "V2I_NAME_CONSTRAINTS"}, 119 {ERR_FUNC(X509V3_F_V2I_POLICY_CONSTRAINTS), "V2I_POLICY_CONSTRAINTS"},
120{ERR_FUNC(X509V3_F_V2I_POLICY_CONSTRAINTS), "V2I_POLICY_CONSTRAINTS"}, 120 {ERR_FUNC(X509V3_F_V2I_POLICY_MAPPINGS), "V2I_POLICY_MAPPINGS"},
121{ERR_FUNC(X509V3_F_V2I_POLICY_MAPPINGS), "V2I_POLICY_MAPPINGS"}, 121 {ERR_FUNC(X509V3_F_V2I_SUBJECT_ALT), "V2I_SUBJECT_ALT"},
122{ERR_FUNC(X509V3_F_V2I_SUBJECT_ALT), "V2I_SUBJECT_ALT"}, 122 {ERR_FUNC(X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL), "V3_ADDR_VALIDATE_PATH_INTERNAL"},
123{ERR_FUNC(X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL), "V3_ADDR_VALIDATE_PATH_INTERNAL"}, 123 {ERR_FUNC(X509V3_F_V3_GENERIC_EXTENSION), "V3_GENERIC_EXTENSION"},
124{ERR_FUNC(X509V3_F_V3_GENERIC_EXTENSION), "V3_GENERIC_EXTENSION"}, 124 {ERR_FUNC(X509V3_F_X509V3_ADD1_I2D), "X509V3_add1_i2d"},
125{ERR_FUNC(X509V3_F_X509V3_ADD1_I2D), "X509V3_add1_i2d"}, 125 {ERR_FUNC(X509V3_F_X509V3_ADD_VALUE), "X509V3_add_value"},
126{ERR_FUNC(X509V3_F_X509V3_ADD_VALUE), "X509V3_add_value"}, 126 {ERR_FUNC(X509V3_F_X509V3_EXT_ADD), "X509V3_EXT_add"},
127{ERR_FUNC(X509V3_F_X509V3_EXT_ADD), "X509V3_EXT_add"}, 127 {ERR_FUNC(X509V3_F_X509V3_EXT_ADD_ALIAS), "X509V3_EXT_add_alias"},
128{ERR_FUNC(X509V3_F_X509V3_EXT_ADD_ALIAS), "X509V3_EXT_add_alias"}, 128 {ERR_FUNC(X509V3_F_X509V3_EXT_CONF), "X509V3_EXT_conf"},
129{ERR_FUNC(X509V3_F_X509V3_EXT_CONF), "X509V3_EXT_conf"}, 129 {ERR_FUNC(X509V3_F_X509V3_EXT_I2D), "X509V3_EXT_i2d"},
130{ERR_FUNC(X509V3_F_X509V3_EXT_I2D), "X509V3_EXT_i2d"}, 130 {ERR_FUNC(X509V3_F_X509V3_EXT_NCONF), "X509V3_EXT_nconf"},
131{ERR_FUNC(X509V3_F_X509V3_EXT_NCONF), "X509V3_EXT_nconf"}, 131 {ERR_FUNC(X509V3_F_X509V3_GET_SECTION), "X509V3_get_section"},
132{ERR_FUNC(X509V3_F_X509V3_GET_SECTION), "X509V3_get_section"}, 132 {ERR_FUNC(X509V3_F_X509V3_GET_STRING), "X509V3_get_string"},
133{ERR_FUNC(X509V3_F_X509V3_GET_STRING), "X509V3_get_string"}, 133 {ERR_FUNC(X509V3_F_X509V3_GET_VALUE_BOOL), "X509V3_get_value_bool"},
134{ERR_FUNC(X509V3_F_X509V3_GET_VALUE_BOOL), "X509V3_get_value_bool"}, 134 {ERR_FUNC(X509V3_F_X509V3_PARSE_LIST), "X509V3_parse_list"},
135{ERR_FUNC(X509V3_F_X509V3_PARSE_LIST), "X509V3_parse_list"}, 135 {ERR_FUNC(X509V3_F_X509_PURPOSE_ADD), "X509_PURPOSE_add"},
136{ERR_FUNC(X509V3_F_X509_PURPOSE_ADD), "X509_PURPOSE_add"}, 136 {ERR_FUNC(X509V3_F_X509_PURPOSE_SET), "X509_PURPOSE_set"},
137{ERR_FUNC(X509V3_F_X509_PURPOSE_SET), "X509_PURPOSE_set"}, 137 {0, NULL}
138{0,NULL} 138};
139 };
140 139
141static ERR_STRING_DATA X509V3_str_reasons[]= 140static ERR_STRING_DATA X509V3_str_reasons[] = {
142 { 141 {ERR_REASON(X509V3_R_BAD_IP_ADDRESS) , "bad ip address"},
143{ERR_REASON(X509V3_R_BAD_IP_ADDRESS) ,"bad ip address"}, 142 {ERR_REASON(X509V3_R_BAD_OBJECT) , "bad object"},
144{ERR_REASON(X509V3_R_BAD_OBJECT) ,"bad object"}, 143 {ERR_REASON(X509V3_R_BN_DEC2BN_ERROR) , "bn dec2bn error"},
145{ERR_REASON(X509V3_R_BN_DEC2BN_ERROR) ,"bn dec2bn error"}, 144 {ERR_REASON(X509V3_R_BN_TO_ASN1_INTEGER_ERROR), "bn to asn1 integer error"},
146{ERR_REASON(X509V3_R_BN_TO_ASN1_INTEGER_ERROR),"bn to asn1 integer error"}, 145 {ERR_REASON(X509V3_R_DIRNAME_ERROR) , "dirname error"},
147{ERR_REASON(X509V3_R_DIRNAME_ERROR) ,"dirname error"}, 146 {ERR_REASON(X509V3_R_DISTPOINT_ALREADY_SET), "distpoint already set"},
148{ERR_REASON(X509V3_R_DISTPOINT_ALREADY_SET),"distpoint already set"}, 147 {ERR_REASON(X509V3_R_DUPLICATE_ZONE_ID) , "duplicate zone id"},
149{ERR_REASON(X509V3_R_DUPLICATE_ZONE_ID) ,"duplicate zone id"}, 148 {ERR_REASON(X509V3_R_ERROR_CONVERTING_ZONE), "error converting zone"},
150{ERR_REASON(X509V3_R_ERROR_CONVERTING_ZONE),"error converting zone"}, 149 {ERR_REASON(X509V3_R_ERROR_CREATING_EXTENSION), "error creating extension"},
151{ERR_REASON(X509V3_R_ERROR_CREATING_EXTENSION),"error creating extension"}, 150 {ERR_REASON(X509V3_R_ERROR_IN_EXTENSION) , "error in extension"},
152{ERR_REASON(X509V3_R_ERROR_IN_EXTENSION) ,"error in extension"}, 151 {ERR_REASON(X509V3_R_EXPECTED_A_SECTION_NAME), "expected a section name"},
153{ERR_REASON(X509V3_R_EXPECTED_A_SECTION_NAME),"expected a section name"}, 152 {ERR_REASON(X509V3_R_EXTENSION_EXISTS) , "extension exists"},
154{ERR_REASON(X509V3_R_EXTENSION_EXISTS) ,"extension exists"}, 153 {ERR_REASON(X509V3_R_EXTENSION_NAME_ERROR), "extension name error"},
155{ERR_REASON(X509V3_R_EXTENSION_NAME_ERROR),"extension name error"}, 154 {ERR_REASON(X509V3_R_EXTENSION_NOT_FOUND), "extension not found"},
156{ERR_REASON(X509V3_R_EXTENSION_NOT_FOUND),"extension not found"}, 155 {ERR_REASON(X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED), "extension setting not supported"},
157{ERR_REASON(X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED),"extension setting not supported"}, 156 {ERR_REASON(X509V3_R_EXTENSION_VALUE_ERROR), "extension value error"},
158{ERR_REASON(X509V3_R_EXTENSION_VALUE_ERROR),"extension value error"}, 157 {ERR_REASON(X509V3_R_ILLEGAL_EMPTY_EXTENSION), "illegal empty extension"},
159{ERR_REASON(X509V3_R_ILLEGAL_EMPTY_EXTENSION),"illegal empty extension"}, 158 {ERR_REASON(X509V3_R_ILLEGAL_HEX_DIGIT) , "illegal hex digit"},
160{ERR_REASON(X509V3_R_ILLEGAL_HEX_DIGIT) ,"illegal hex digit"}, 159 {ERR_REASON(X509V3_R_INCORRECT_POLICY_SYNTAX_TAG), "incorrect policy syntax tag"},
161{ERR_REASON(X509V3_R_INCORRECT_POLICY_SYNTAX_TAG),"incorrect policy syntax tag"}, 160 {ERR_REASON(X509V3_R_INVALID_MULTIPLE_RDNS), "invalid multiple rdns"},
162{ERR_REASON(X509V3_R_INVALID_MULTIPLE_RDNS),"invalid multiple rdns"}, 161 {ERR_REASON(X509V3_R_INVALID_ASNUMBER) , "invalid asnumber"},
163{ERR_REASON(X509V3_R_INVALID_ASNUMBER) ,"invalid asnumber"}, 162 {ERR_REASON(X509V3_R_INVALID_ASRANGE) , "invalid asrange"},
164{ERR_REASON(X509V3_R_INVALID_ASRANGE) ,"invalid asrange"}, 163 {ERR_REASON(X509V3_R_INVALID_BOOLEAN_STRING), "invalid boolean string"},
165{ERR_REASON(X509V3_R_INVALID_BOOLEAN_STRING),"invalid boolean string"}, 164 {ERR_REASON(X509V3_R_INVALID_EXTENSION_STRING), "invalid extension string"},
166{ERR_REASON(X509V3_R_INVALID_EXTENSION_STRING),"invalid extension string"}, 165 {ERR_REASON(X509V3_R_INVALID_INHERITANCE), "invalid inheritance"},
167{ERR_REASON(X509V3_R_INVALID_INHERITANCE),"invalid inheritance"}, 166 {ERR_REASON(X509V3_R_INVALID_IPADDRESS) , "invalid ipaddress"},
168{ERR_REASON(X509V3_R_INVALID_IPADDRESS) ,"invalid ipaddress"}, 167 {ERR_REASON(X509V3_R_INVALID_NAME) , "invalid name"},
169{ERR_REASON(X509V3_R_INVALID_NAME) ,"invalid name"}, 168 {ERR_REASON(X509V3_R_INVALID_NULL_ARGUMENT), "invalid null argument"},
170{ERR_REASON(X509V3_R_INVALID_NULL_ARGUMENT),"invalid null argument"}, 169 {ERR_REASON(X509V3_R_INVALID_NULL_NAME) , "invalid null name"},
171{ERR_REASON(X509V3_R_INVALID_NULL_NAME) ,"invalid null name"}, 170 {ERR_REASON(X509V3_R_INVALID_NULL_VALUE) , "invalid null value"},
172{ERR_REASON(X509V3_R_INVALID_NULL_VALUE) ,"invalid null value"}, 171 {ERR_REASON(X509V3_R_INVALID_NUMBER) , "invalid number"},
173{ERR_REASON(X509V3_R_INVALID_NUMBER) ,"invalid number"}, 172 {ERR_REASON(X509V3_R_INVALID_NUMBERS) , "invalid numbers"},
174{ERR_REASON(X509V3_R_INVALID_NUMBERS) ,"invalid numbers"}, 173 {ERR_REASON(X509V3_R_INVALID_OBJECT_IDENTIFIER), "invalid object identifier"},
175{ERR_REASON(X509V3_R_INVALID_OBJECT_IDENTIFIER),"invalid object identifier"}, 174 {ERR_REASON(X509V3_R_INVALID_OPTION) , "invalid option"},
176{ERR_REASON(X509V3_R_INVALID_OPTION) ,"invalid option"}, 175 {ERR_REASON(X509V3_R_INVALID_POLICY_IDENTIFIER), "invalid policy identifier"},
177{ERR_REASON(X509V3_R_INVALID_POLICY_IDENTIFIER),"invalid policy identifier"}, 176 {ERR_REASON(X509V3_R_INVALID_PROXY_POLICY_SETTING), "invalid proxy policy setting"},
178{ERR_REASON(X509V3_R_INVALID_PROXY_POLICY_SETTING),"invalid proxy policy setting"}, 177 {ERR_REASON(X509V3_R_INVALID_PURPOSE) , "invalid purpose"},
179{ERR_REASON(X509V3_R_INVALID_PURPOSE) ,"invalid purpose"}, 178 {ERR_REASON(X509V3_R_INVALID_SAFI) , "invalid safi"},
180{ERR_REASON(X509V3_R_INVALID_SAFI) ,"invalid safi"}, 179 {ERR_REASON(X509V3_R_INVALID_SECTION) , "invalid section"},
181{ERR_REASON(X509V3_R_INVALID_SECTION) ,"invalid section"}, 180 {ERR_REASON(X509V3_R_INVALID_SYNTAX) , "invalid syntax"},
182{ERR_REASON(X509V3_R_INVALID_SYNTAX) ,"invalid syntax"}, 181 {ERR_REASON(X509V3_R_ISSUER_DECODE_ERROR), "issuer decode error"},
183{ERR_REASON(X509V3_R_ISSUER_DECODE_ERROR),"issuer decode error"}, 182 {ERR_REASON(X509V3_R_MISSING_VALUE) , "missing value"},
184{ERR_REASON(X509V3_R_MISSING_VALUE) ,"missing value"}, 183 {ERR_REASON(X509V3_R_NEED_ORGANIZATION_AND_NUMBERS), "need organization and numbers"},
185{ERR_REASON(X509V3_R_NEED_ORGANIZATION_AND_NUMBERS),"need organization and numbers"}, 184 {ERR_REASON(X509V3_R_NO_CONFIG_DATABASE) , "no config database"},
186{ERR_REASON(X509V3_R_NO_CONFIG_DATABASE) ,"no config database"}, 185 {ERR_REASON(X509V3_R_NO_ISSUER_CERTIFICATE), "no issuer certificate"},
187{ERR_REASON(X509V3_R_NO_ISSUER_CERTIFICATE),"no issuer certificate"}, 186 {ERR_REASON(X509V3_R_NO_ISSUER_DETAILS) , "no issuer details"},
188{ERR_REASON(X509V3_R_NO_ISSUER_DETAILS) ,"no issuer details"}, 187 {ERR_REASON(X509V3_R_NO_POLICY_IDENTIFIER), "no policy identifier"},
189{ERR_REASON(X509V3_R_NO_POLICY_IDENTIFIER),"no policy identifier"}, 188 {ERR_REASON(X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED), "no proxy cert policy language defined"},
190{ERR_REASON(X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED),"no proxy cert policy language defined"}, 189 {ERR_REASON(X509V3_R_NO_PUBLIC_KEY) , "no public key"},
191{ERR_REASON(X509V3_R_NO_PUBLIC_KEY) ,"no public key"}, 190 {ERR_REASON(X509V3_R_NO_SUBJECT_DETAILS) , "no subject details"},
192{ERR_REASON(X509V3_R_NO_SUBJECT_DETAILS) ,"no subject details"}, 191 {ERR_REASON(X509V3_R_ODD_NUMBER_OF_DIGITS), "odd number of digits"},
193{ERR_REASON(X509V3_R_ODD_NUMBER_OF_DIGITS),"odd number of digits"}, 192 {ERR_REASON(X509V3_R_OPERATION_NOT_DEFINED), "operation not defined"},
194{ERR_REASON(X509V3_R_OPERATION_NOT_DEFINED),"operation not defined"}, 193 {ERR_REASON(X509V3_R_OTHERNAME_ERROR) , "othername error"},
195{ERR_REASON(X509V3_R_OTHERNAME_ERROR) ,"othername error"}, 194 {ERR_REASON(X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED), "policy language already defined"},
196{ERR_REASON(X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED),"policy language already defined"}, 195 {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH) , "policy path length"},
197{ERR_REASON(X509V3_R_POLICY_PATH_LENGTH) ,"policy path length"}, 196 {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED), "policy path length already defined"},
198{ERR_REASON(X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED),"policy path length already defined"}, 197 {ERR_REASON(X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED), "policy syntax not currently supported"},
199{ERR_REASON(X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED),"policy syntax not currently supported"}, 198 {ERR_REASON(X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY), "policy when proxy language requires no policy"},
200{ERR_REASON(X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY),"policy when proxy language requires no policy"}, 199 {ERR_REASON(X509V3_R_SECTION_NOT_FOUND) , "section not found"},
201{ERR_REASON(X509V3_R_SECTION_NOT_FOUND) ,"section not found"}, 200 {ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS), "unable to get issuer details"},
202{ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS),"unable to get issuer details"}, 201 {ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_KEYID), "unable to get issuer keyid"},
203{ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_KEYID),"unable to get issuer keyid"}, 202 {ERR_REASON(X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT), "unknown bit string argument"},
204{ERR_REASON(X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT),"unknown bit string argument"}, 203 {ERR_REASON(X509V3_R_UNKNOWN_EXTENSION) , "unknown extension"},
205{ERR_REASON(X509V3_R_UNKNOWN_EXTENSION) ,"unknown extension"}, 204 {ERR_REASON(X509V3_R_UNKNOWN_EXTENSION_NAME), "unknown extension name"},
206{ERR_REASON(X509V3_R_UNKNOWN_EXTENSION_NAME),"unknown extension name"}, 205 {ERR_REASON(X509V3_R_UNKNOWN_OPTION) , "unknown option"},
207{ERR_REASON(X509V3_R_UNKNOWN_OPTION) ,"unknown option"}, 206 {ERR_REASON(X509V3_R_UNSUPPORTED_OPTION) , "unsupported option"},
208{ERR_REASON(X509V3_R_UNSUPPORTED_OPTION) ,"unsupported option"}, 207 {ERR_REASON(X509V3_R_UNSUPPORTED_TYPE) , "unsupported type"},
209{ERR_REASON(X509V3_R_UNSUPPORTED_TYPE) ,"unsupported type"}, 208 {ERR_REASON(X509V3_R_USER_TOO_LONG) , "user too long"},
210{ERR_REASON(X509V3_R_USER_TOO_LONG) ,"user too long"}, 209 {0, NULL}
211{0,NULL} 210};
212 };
213 211
214#endif 212#endif
215 213
216void ERR_load_X509V3_strings(void) 214void
217 { 215ERR_load_X509V3_strings(void)
216{
218#ifndef OPENSSL_NO_ERR 217#ifndef OPENSSL_NO_ERR
219 218 if (ERR_func_error_string(X509V3_str_functs[0].error) == NULL) {
220 if (ERR_func_error_string(X509V3_str_functs[0].error) == NULL) 219 ERR_load_strings(0, X509V3_str_functs);
221 { 220 ERR_load_strings(0, X509V3_str_reasons);
222 ERR_load_strings(0,X509V3_str_functs);
223 ERR_load_strings(0,X509V3_str_reasons);
224 }
225#endif
226 } 221 }
222#endif
223}
diff --git a/src/lib/libcrypto/x509v3/v3prin.c b/src/lib/libcrypto/x509v3/v3prin.c
index d5ff268296..da701de132 100644
--- a/src/lib/libcrypto/x509v3/v3prin.c
+++ b/src/lib/libcrypto/x509v3/v3prin.c
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -56,31 +56,31 @@
56 * 56 *
57 */ 57 */
58 58
59
60
61#include <stdio.h> 59#include <stdio.h>
62#include <openssl/asn1.h> 60#include <openssl/asn1.h>
63#include <openssl/conf.h> 61#include <openssl/conf.h>
64#include <openssl/x509.h> 62#include <openssl/x509.h>
65#include <openssl/x509v3.h> 63#include <openssl/x509v3.h>
66 64
67int main(int argc, char **argv) 65int
66main(int argc, char **argv)
68{ 67{
69 X509 *cert; 68 X509 *cert;
70 FILE *inf; 69 FILE *inf;
71 int i, count; 70 int i, count;
72 X509_EXTENSION *ext; 71 X509_EXTENSION *ext;
72
73 X509V3_add_standard_extensions(); 73 X509V3_add_standard_extensions();
74 ERR_load_crypto_strings(); 74 ERR_load_crypto_strings();
75 if(!argv[1]) { 75 if (!argv[1]) {
76 fprintf(stderr, "Usage v3prin cert.pem\n"); 76 fprintf(stderr, "Usage v3prin cert.pem\n");
77 exit(1); 77 exit(1);
78 } 78 }
79 if(!(inf = fopen(argv[1], "r"))) { 79 if (!(inf = fopen(argv[1], "r"))) {
80 fprintf(stderr, "Can't open %s\n", argv[1]); 80 fprintf(stderr, "Can't open %s\n", argv[1]);
81 exit(1); 81 exit(1);
82 } 82 }
83 if(!(cert = PEM_read_X509(inf, NULL, NULL))) { 83 if (!(cert = PEM_read_X509(inf, NULL, NULL))) {
84 fprintf(stderr, "Can't read certificate %s\n", argv[1]); 84 fprintf(stderr, "Can't read certificate %s\n", argv[1]);
85 ERR_print_errors_fp(stderr); 85 ERR_print_errors_fp(stderr);
86 exit(1); 86 exit(1);
@@ -88,12 +88,13 @@ int main(int argc, char **argv)
88 fclose(inf); 88 fclose(inf);
89 count = X509_get_ext_count(cert); 89 count = X509_get_ext_count(cert);
90 printf("%d extensions\n", count); 90 printf("%d extensions\n", count);
91 for(i = 0; i < count; i++) { 91 for (i = 0; i < count; i++) {
92 ext = X509_get_ext(cert, i); 92 ext = X509_get_ext(cert, i);
93 printf("%s\n", OBJ_nid2ln(OBJ_obj2nid(ext->object))); 93 printf("%s\n", OBJ_nid2ln(OBJ_obj2nid(ext->object)));
94 if(!X509V3_EXT_print_fp(stdout, ext, 0, 0)) ERR_print_errors_fp(stderr); 94 if (!X509V3_EXT_print_fp(stdout, ext, 0, 0))
95 ERR_print_errors_fp(stderr);
95 printf("\n"); 96 printf("\n");
96 97
97 } 98 }
98 return 0; 99 return 0;
99} 100}
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_ia5.c b/src/lib/libssl/src/crypto/x509v3/v3_ia5.c
index 98789b36e9..090fe49b20 100644
--- a/src/lib/libssl/src/crypto/x509v3/v3_ia5.c
+++ b/src/lib/libssl/src/crypto/x509v3/v3_ia5.c
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -64,26 +64,29 @@
64#include <openssl/x509v3.h> 64#include <openssl/x509v3.h>
65 65
66static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5); 66static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5);
67static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); 67static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
68const X509V3_EXT_METHOD v3_ns_ia5_list[] = { 68 X509V3_CTX *ctx, char *str);
69EXT_IA5STRING(NID_netscape_base_url),
70EXT_IA5STRING(NID_netscape_revocation_url),
71EXT_IA5STRING(NID_netscape_ca_revocation_url),
72EXT_IA5STRING(NID_netscape_renewal_url),
73EXT_IA5STRING(NID_netscape_ca_policy_url),
74EXT_IA5STRING(NID_netscape_ssl_server_name),
75EXT_IA5STRING(NID_netscape_comment),
76EXT_END
77};
78 69
70const X509V3_EXT_METHOD v3_ns_ia5_list[] = {
71 EXT_IA5STRING(NID_netscape_base_url),
72 EXT_IA5STRING(NID_netscape_revocation_url),
73 EXT_IA5STRING(NID_netscape_ca_revocation_url),
74 EXT_IA5STRING(NID_netscape_renewal_url),
75 EXT_IA5STRING(NID_netscape_ca_policy_url),
76 EXT_IA5STRING(NID_netscape_ssl_server_name),
77 EXT_IA5STRING(NID_netscape_comment),
78 EXT_END
79};
79 80
80static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, 81static char *
81 ASN1_IA5STRING *ia5) 82i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5)
82{ 83{
83 char *tmp; 84 char *tmp;
84 if(!ia5 || !ia5->length) return NULL; 85
85 if(!(tmp = malloc(ia5->length + 1))) { 86 if (!ia5 || !ia5->length)
86 X509V3err(X509V3_F_I2S_ASN1_IA5STRING,ERR_R_MALLOC_FAILURE); 87 return NULL;
88 if (!(tmp = malloc(ia5->length + 1))) {
89 X509V3err(X509V3_F_I2S_ASN1_IA5STRING, ERR_R_MALLOC_FAILURE);
87 return NULL; 90 return NULL;
88 } 91 }
89 memcpy(tmp, ia5->data, ia5->length); 92 memcpy(tmp, ia5->data, ia5->length);
@@ -91,23 +94,25 @@ static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
91 return tmp; 94 return tmp;
92} 95}
93 96
94static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, 97static ASN1_IA5STRING *
95 X509V3_CTX *ctx, char *str) 98s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str)
96{ 99{
97 ASN1_IA5STRING *ia5; 100 ASN1_IA5STRING *ia5;
98 if(!str) { 101 if (!str) {
99 X509V3err(X509V3_F_S2I_ASN1_IA5STRING,X509V3_R_INVALID_NULL_ARGUMENT); 102 X509V3err(X509V3_F_S2I_ASN1_IA5STRING,
103 X509V3_R_INVALID_NULL_ARGUMENT);
100 return NULL; 104 return NULL;
101 } 105 }
102 if(!(ia5 = M_ASN1_IA5STRING_new())) goto err; 106 if (!(ia5 = M_ASN1_IA5STRING_new()))
103 if(!ASN1_STRING_set((ASN1_STRING *)ia5, (unsigned char*)str, 107 goto err;
104 strlen(str))) { 108 if (!ASN1_STRING_set((ASN1_STRING *)ia5, (unsigned char*)str,
109 strlen(str))) {
105 M_ASN1_IA5STRING_free(ia5); 110 M_ASN1_IA5STRING_free(ia5);
106 goto err; 111 goto err;
107 } 112 }
108 return ia5; 113 return ia5;
109 err: 114
110 X509V3err(X509V3_F_S2I_ASN1_IA5STRING,ERR_R_MALLOC_FAILURE); 115err:
116 X509V3err(X509V3_F_S2I_ASN1_IA5STRING, ERR_R_MALLOC_FAILURE);
111 return NULL; 117 return NULL;
112} 118}
113
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_info.c b/src/lib/libssl/src/crypto/x509v3/v3_info.c
index c9d6c97b51..7853e3e23b 100644
--- a/src/lib/libssl/src/crypto/x509v3/v3_info.c
+++ b/src/lib/libssl/src/crypto/x509v3/v3_info.c
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -63,29 +63,33 @@
63#include <openssl/asn1t.h> 63#include <openssl/asn1t.h>
64#include <openssl/x509v3.h> 64#include <openssl/x509v3.h>
65 65
66static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, 66static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(
67 AUTHORITY_INFO_ACCESS *ainfo, 67 X509V3_EXT_METHOD *method, AUTHORITY_INFO_ACCESS *ainfo,
68 STACK_OF(CONF_VALUE) *ret); 68 STACK_OF(CONF_VALUE) *ret);
69static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, 69static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(
70 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); 70 X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
71 71
72const X509V3_EXT_METHOD v3_info = 72const X509V3_EXT_METHOD v3_info = {
73{ NID_info_access, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS), 73 NID_info_access, X509V3_EXT_MULTILINE,
740,0,0,0, 74 ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS),
750,0, 75 0, 0, 0, 0,
76(X509V3_EXT_I2V)i2v_AUTHORITY_INFO_ACCESS, 76 0, 0,
77(X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS, 77 (X509V3_EXT_I2V)i2v_AUTHORITY_INFO_ACCESS,
780,0, 78 (X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS,
79NULL}; 79 0, 0,
80 80 NULL
81const X509V3_EXT_METHOD v3_sinfo = 81};
82{ NID_sinfo_access, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS), 82
830,0,0,0, 83const X509V3_EXT_METHOD v3_sinfo = {
840,0, 84 NID_sinfo_access, X509V3_EXT_MULTILINE,
85(X509V3_EXT_I2V)i2v_AUTHORITY_INFO_ACCESS, 85 ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS),
86(X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS, 86 0, 0, 0, 0,
870,0, 87 0, 0,
88NULL}; 88 (X509V3_EXT_I2V)i2v_AUTHORITY_INFO_ACCESS,
89 (X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS,
90 0, 0,
91 NULL
92};
89 93
90ASN1_SEQUENCE(ACCESS_DESCRIPTION) = { 94ASN1_SEQUENCE(ACCESS_DESCRIPTION) = {
91 ASN1_SIMPLE(ACCESS_DESCRIPTION, method, ASN1_OBJECT), 95 ASN1_SIMPLE(ACCESS_DESCRIPTION, method, ASN1_OBJECT),
@@ -94,31 +98,34 @@ ASN1_SEQUENCE(ACCESS_DESCRIPTION) = {
94 98
95IMPLEMENT_ASN1_FUNCTIONS(ACCESS_DESCRIPTION) 99IMPLEMENT_ASN1_FUNCTIONS(ACCESS_DESCRIPTION)
96 100
97ASN1_ITEM_TEMPLATE(AUTHORITY_INFO_ACCESS) = 101ASN1_ITEM_TEMPLATE(AUTHORITY_INFO_ACCESS) =
98 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, GeneralNames, ACCESS_DESCRIPTION) 102 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, GeneralNames,
103 ACCESS_DESCRIPTION)
99ASN1_ITEM_TEMPLATE_END(AUTHORITY_INFO_ACCESS) 104ASN1_ITEM_TEMPLATE_END(AUTHORITY_INFO_ACCESS)
100 105
101IMPLEMENT_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS) 106IMPLEMENT_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS)
102 107
103static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, 108static STACK_OF(CONF_VALUE) *
104 AUTHORITY_INFO_ACCESS *ainfo, 109i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
105 STACK_OF(CONF_VALUE) *ret) 110 AUTHORITY_INFO_ACCESS *ainfo, STACK_OF(CONF_VALUE) *ret)
106{ 111{
107 ACCESS_DESCRIPTION *desc; 112 ACCESS_DESCRIPTION *desc;
108 int i,nlen; 113 int i, nlen;
109 char objtmp[80], *ntmp; 114 char objtmp[80], *ntmp;
110 CONF_VALUE *vtmp; 115 CONF_VALUE *vtmp;
111 for(i = 0; i < sk_ACCESS_DESCRIPTION_num(ainfo); i++) { 116
117 for (i = 0; i < sk_ACCESS_DESCRIPTION_num(ainfo); i++) {
112 desc = sk_ACCESS_DESCRIPTION_value(ainfo, i); 118 desc = sk_ACCESS_DESCRIPTION_value(ainfo, i);
113 ret = i2v_GENERAL_NAME(method, desc->location, ret); 119 ret = i2v_GENERAL_NAME(method, desc->location, ret);
114 if(!ret) break; 120 if (!ret)
121 break;
115 vtmp = sk_CONF_VALUE_value(ret, i); 122 vtmp = sk_CONF_VALUE_value(ret, i);
116 i2t_ASN1_OBJECT(objtmp, sizeof objtmp, desc->method); 123 i2t_ASN1_OBJECT(objtmp, sizeof objtmp, desc->method);
117 nlen = strlen(objtmp) + strlen(vtmp->name) + 5; 124 nlen = strlen(objtmp) + strlen(vtmp->name) + 5;
118 ntmp = malloc(nlen); 125 ntmp = malloc(nlen);
119 if(!ntmp) { 126 if (!ntmp) {
120 X509V3err(X509V3_F_I2V_AUTHORITY_INFO_ACCESS, 127 X509V3err(X509V3_F_I2V_AUTHORITY_INFO_ACCESS,
121 ERR_R_MALLOC_FAILURE); 128 ERR_R_MALLOC_FAILURE);
122 return NULL; 129 return NULL;
123 } 130 }
124 strlcpy(ntmp, objtmp, nlen); 131 strlcpy(ntmp, objtmp, nlen);
@@ -126,49 +133,57 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method
126 strlcat(ntmp, vtmp->name, nlen); 133 strlcat(ntmp, vtmp->name, nlen);
127 free(vtmp->name); 134 free(vtmp->name);
128 vtmp->name = ntmp; 135 vtmp->name = ntmp;
129 136
130 } 137 }
131 if(!ret) return sk_CONF_VALUE_new_null(); 138 if (!ret)
139 return sk_CONF_VALUE_new_null();
132 return ret; 140 return ret;
133} 141}
134 142
135static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, 143static AUTHORITY_INFO_ACCESS *
136 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) 144v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
145 STACK_OF(CONF_VALUE) *nval)
137{ 146{
138 AUTHORITY_INFO_ACCESS *ainfo = NULL; 147 AUTHORITY_INFO_ACCESS *ainfo = NULL;
139 CONF_VALUE *cnf, ctmp; 148 CONF_VALUE *cnf, ctmp;
140 ACCESS_DESCRIPTION *acc; 149 ACCESS_DESCRIPTION *acc;
141 int i, objlen; 150 int i, objlen;
142 char *objtmp, *ptmp; 151 char *objtmp, *ptmp;
143 if(!(ainfo = sk_ACCESS_DESCRIPTION_new_null())) { 152
144 X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,ERR_R_MALLOC_FAILURE); 153 if (!(ainfo = sk_ACCESS_DESCRIPTION_new_null())) {
154 X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
155 ERR_R_MALLOC_FAILURE);
145 return NULL; 156 return NULL;
146 } 157 }
147 for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { 158 for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
148 cnf = sk_CONF_VALUE_value(nval, i); 159 cnf = sk_CONF_VALUE_value(nval, i);
149 if(!(acc = ACCESS_DESCRIPTION_new()) 160 if (!(acc = ACCESS_DESCRIPTION_new()) ||
150 || !sk_ACCESS_DESCRIPTION_push(ainfo, acc)) { 161 !sk_ACCESS_DESCRIPTION_push(ainfo, acc)) {
151 X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,ERR_R_MALLOC_FAILURE); 162 X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
163 ERR_R_MALLOC_FAILURE);
152 goto err; 164 goto err;
153 } 165 }
154 ptmp = strchr(cnf->name, ';'); 166 ptmp = strchr(cnf->name, ';');
155 if(!ptmp) { 167 if (!ptmp) {
156 X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,X509V3_R_INVALID_SYNTAX); 168 X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
169 X509V3_R_INVALID_SYNTAX);
157 goto err; 170 goto err;
158 } 171 }
159 objlen = ptmp - cnf->name; 172 objlen = ptmp - cnf->name;
160 ctmp.name = ptmp + 1; 173 ctmp.name = ptmp + 1;
161 ctmp.value = cnf->value; 174 ctmp.value = cnf->value;
162 if(!v2i_GENERAL_NAME_ex(acc->location, method, ctx, &ctmp, 0)) 175 if (!v2i_GENERAL_NAME_ex(acc->location, method, ctx, &ctmp, 0))
163 goto err; 176 goto err;
164 if(!(objtmp = malloc(objlen + 1))) { 177 if (!(objtmp = malloc(objlen + 1))) {
165 X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,ERR_R_MALLOC_FAILURE); 178 X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
179 ERR_R_MALLOC_FAILURE);
166 goto err; 180 goto err;
167 } 181 }
168 strlcpy(objtmp, cnf->name, objlen + 1); 182 strlcpy(objtmp, cnf->name, objlen + 1);
169 acc->method = OBJ_txt2obj(objtmp, 0); 183 acc->method = OBJ_txt2obj(objtmp, 0);
170 if(!acc->method) { 184 if (!acc->method) {
171 X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,X509V3_R_BAD_OBJECT); 185 X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
186 X509V3_R_BAD_OBJECT);
172 ERR_add_error_data(2, "value=", objtmp); 187 ERR_add_error_data(2, "value=", objtmp);
173 free(objtmp); 188 free(objtmp);
174 goto err; 189 goto err;
@@ -177,16 +192,18 @@ static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *metho
177 192
178 } 193 }
179 return ainfo; 194 return ainfo;
180 err: 195
196err:
181 sk_ACCESS_DESCRIPTION_pop_free(ainfo, ACCESS_DESCRIPTION_free); 197 sk_ACCESS_DESCRIPTION_pop_free(ainfo, ACCESS_DESCRIPTION_free);
182 return NULL; 198 return NULL;
183} 199}
184 200
185int i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a) 201int
186 { 202i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a)
203{
187 i2a_ASN1_OBJECT(bp, a->method); 204 i2a_ASN1_OBJECT(bp, a->method);
188#ifdef UNDEF 205#ifdef UNDEF
189 i2a_GENERAL_NAME(bp, a->location); 206 i2a_GENERAL_NAME(bp, a->location);
190#endif 207#endif
191 return 2; 208 return 2;
192 } 209}
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_int.c b/src/lib/libssl/src/crypto/x509v3/v3_int.c
index 4bfd14cf46..51f9e5cdc6 100644
--- a/src/lib/libssl/src/crypto/x509v3/v3_int.c
+++ b/src/lib/libssl/src/crypto/x509v3/v3_int.c
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -60,30 +60,35 @@
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include <openssl/x509v3.h> 61#include <openssl/x509v3.h>
62 62
63const X509V3_EXT_METHOD v3_crl_num = { 63const X509V3_EXT_METHOD v3_crl_num = {
64 NID_crl_number, 0, ASN1_ITEM_ref(ASN1_INTEGER), 64 NID_crl_number, 0, ASN1_ITEM_ref(ASN1_INTEGER),
65 0,0,0,0, 65 0, 0, 0, 0,
66 (X509V3_EXT_I2S)i2s_ASN1_INTEGER, 66 (X509V3_EXT_I2S)i2s_ASN1_INTEGER,
67 0, 67 0,
68 0,0,0,0, NULL}; 68 0, 0, 0, 0,
69 NULL
70};
69 71
70const X509V3_EXT_METHOD v3_delta_crl = { 72const X509V3_EXT_METHOD v3_delta_crl = {
71 NID_delta_crl, 0, ASN1_ITEM_ref(ASN1_INTEGER), 73 NID_delta_crl, 0, ASN1_ITEM_ref(ASN1_INTEGER),
72 0,0,0,0, 74 0, 0, 0, 0,
73 (X509V3_EXT_I2S)i2s_ASN1_INTEGER, 75 (X509V3_EXT_I2S)i2s_ASN1_INTEGER,
74 0, 76 0,
75 0,0,0,0, NULL}; 77 0, 0, 0, 0,
78 NULL
79};
76 80
77static void * s2i_asn1_int(X509V3_EXT_METHOD *meth, X509V3_CTX *ctx, char *value) 81static void *
78 { 82s2i_asn1_int(X509V3_EXT_METHOD *meth, X509V3_CTX *ctx, char *value)
83{
79 return s2i_ASN1_INTEGER(meth, value); 84 return s2i_ASN1_INTEGER(meth, value);
80 } 85}
81 86
82const X509V3_EXT_METHOD v3_inhibit_anyp = { 87const X509V3_EXT_METHOD v3_inhibit_anyp = {
83 NID_inhibit_any_policy, 0, ASN1_ITEM_ref(ASN1_INTEGER), 88 NID_inhibit_any_policy, 0, ASN1_ITEM_ref(ASN1_INTEGER),
84 0,0,0,0, 89 0, 0, 0, 0,
85 (X509V3_EXT_I2S)i2s_ASN1_INTEGER, 90 (X509V3_EXT_I2S)i2s_ASN1_INTEGER,
86 (X509V3_EXT_S2I)s2i_asn1_int, 91 (X509V3_EXT_S2I)s2i_asn1_int,
87 0,0,0,0, NULL}; 92 0, 0, 0, 0,
88 93 NULL
89 94};
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_lib.c b/src/lib/libssl/src/crypto/x509v3/v3_lib.c
index 8d5e6ee911..3f610cdaa3 100644
--- a/src/lib/libssl/src/crypto/x509v3/v3_lib.c
+++ b/src/lib/libssl/src/crypto/x509v3/v3_lib.c
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -67,74 +67,87 @@
67static STACK_OF(X509V3_EXT_METHOD) *ext_list = NULL; 67static STACK_OF(X509V3_EXT_METHOD) *ext_list = NULL;
68 68
69static int ext_cmp(const X509V3_EXT_METHOD * const *a, 69static int ext_cmp(const X509V3_EXT_METHOD * const *a,
70 const X509V3_EXT_METHOD * const *b); 70 const X509V3_EXT_METHOD * const *b);
71static void ext_list_free(X509V3_EXT_METHOD *ext); 71static void ext_list_free(X509V3_EXT_METHOD *ext);
72 72
73int X509V3_EXT_add(X509V3_EXT_METHOD *ext) 73int
74X509V3_EXT_add(X509V3_EXT_METHOD *ext)
74{ 75{
75 if(!ext_list && !(ext_list = sk_X509V3_EXT_METHOD_new(ext_cmp))) { 76 if (!ext_list && !(ext_list = sk_X509V3_EXT_METHOD_new(ext_cmp))) {
76 X509V3err(X509V3_F_X509V3_EXT_ADD,ERR_R_MALLOC_FAILURE); 77 X509V3err(X509V3_F_X509V3_EXT_ADD, ERR_R_MALLOC_FAILURE);
77 return 0; 78 return 0;
78 } 79 }
79 if(!sk_X509V3_EXT_METHOD_push(ext_list, ext)) { 80 if (!sk_X509V3_EXT_METHOD_push(ext_list, ext)) {
80 X509V3err(X509V3_F_X509V3_EXT_ADD,ERR_R_MALLOC_FAILURE); 81 X509V3err(X509V3_F_X509V3_EXT_ADD, ERR_R_MALLOC_FAILURE);
81 return 0; 82 return 0;
82 } 83 }
83 return 1; 84 return 1;
84} 85}
85 86
86static int ext_cmp(const X509V3_EXT_METHOD * const *a, 87static int
87 const X509V3_EXT_METHOD * const *b) 88ext_cmp(const X509V3_EXT_METHOD * const *a, const X509V3_EXT_METHOD * const *b)
88{ 89{
89 return ((*a)->ext_nid - (*b)->ext_nid); 90 return ((*a)->ext_nid - (*b)->ext_nid);
90} 91}
91 92
92DECLARE_OBJ_BSEARCH_CMP_FN(const X509V3_EXT_METHOD *, const X509V3_EXT_METHOD *, 93DECLARE_OBJ_BSEARCH_CMP_FN(const X509V3_EXT_METHOD *,
93 ext); 94 const X509V3_EXT_METHOD *, ext);
94IMPLEMENT_OBJ_BSEARCH_CMP_FN(const X509V3_EXT_METHOD *, 95IMPLEMENT_OBJ_BSEARCH_CMP_FN(const X509V3_EXT_METHOD *,
95 const X509V3_EXT_METHOD *, ext); 96 const X509V3_EXT_METHOD *, ext);
96 97
97const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid) 98const X509V3_EXT_METHOD *
99X509V3_EXT_get_nid(int nid)
98{ 100{
99 X509V3_EXT_METHOD tmp; 101 X509V3_EXT_METHOD tmp;
100 const X509V3_EXT_METHOD *t = &tmp, * const *ret; 102 const X509V3_EXT_METHOD *t = &tmp, * const *ret;
101 int idx; 103 int idx;
102 if(nid < 0) return NULL; 104
105 if (nid < 0)
106 return NULL;
103 tmp.ext_nid = nid; 107 tmp.ext_nid = nid;
104 ret = OBJ_bsearch_ext(&t, standard_exts, STANDARD_EXTENSION_COUNT); 108 ret = OBJ_bsearch_ext(&t, standard_exts, STANDARD_EXTENSION_COUNT);
105 if(ret) return *ret; 109 if (ret)
106 if(!ext_list) return NULL; 110 return *ret;
111 if (!ext_list)
112 return NULL;
107 idx = sk_X509V3_EXT_METHOD_find(ext_list, &tmp); 113 idx = sk_X509V3_EXT_METHOD_find(ext_list, &tmp);
108 if(idx == -1) return NULL; 114 if (idx == -1)
115 return NULL;
109 return sk_X509V3_EXT_METHOD_value(ext_list, idx); 116 return sk_X509V3_EXT_METHOD_value(ext_list, idx);
110} 117}
111 118
112const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext) 119const X509V3_EXT_METHOD *
120X509V3_EXT_get(X509_EXTENSION *ext)
113{ 121{
114 int nid; 122 int nid;
115 if((nid = OBJ_obj2nid(ext->object)) == NID_undef) return NULL; 123
124 if ((nid = OBJ_obj2nid(ext->object)) == NID_undef)
125 return NULL;
116 return X509V3_EXT_get_nid(nid); 126 return X509V3_EXT_get_nid(nid);
117} 127}
118 128
119 129int
120int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist) 130X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist)
121{ 131{
122 for(;extlist->ext_nid!=-1;extlist++) 132 for (; extlist->ext_nid!=-1; extlist++)
123 if(!X509V3_EXT_add(extlist)) return 0; 133 if (!X509V3_EXT_add(extlist))
134 return 0;
124 return 1; 135 return 1;
125} 136}
126 137
127int X509V3_EXT_add_alias(int nid_to, int nid_from) 138int
139X509V3_EXT_add_alias(int nid_to, int nid_from)
128{ 140{
129 const X509V3_EXT_METHOD *ext; 141 const X509V3_EXT_METHOD *ext;
130 X509V3_EXT_METHOD *tmpext; 142 X509V3_EXT_METHOD *tmpext;
131 143
132 if(!(ext = X509V3_EXT_get_nid(nid_from))) { 144 if (!(ext = X509V3_EXT_get_nid(nid_from))) {
133 X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,X509V3_R_EXTENSION_NOT_FOUND); 145 X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,
146 X509V3_R_EXTENSION_NOT_FOUND);
134 return 0; 147 return 0;
135 } 148 }
136 if(!(tmpext = malloc(sizeof(X509V3_EXT_METHOD)))) { 149 if (!(tmpext = malloc(sizeof(X509V3_EXT_METHOD)))) {
137 X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,ERR_R_MALLOC_FAILURE); 150 X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS, ERR_R_MALLOC_FAILURE);
138 return 0; 151 return 0;
139 } 152 }
140 *tmpext = *ext; 153 *tmpext = *ext;
@@ -143,36 +156,44 @@ int X509V3_EXT_add_alias(int nid_to, int nid_from)
143 return X509V3_EXT_add(tmpext); 156 return X509V3_EXT_add(tmpext);
144} 157}
145 158
146void X509V3_EXT_cleanup(void) 159void
160X509V3_EXT_cleanup(void)
147{ 161{
148 sk_X509V3_EXT_METHOD_pop_free(ext_list, ext_list_free); 162 sk_X509V3_EXT_METHOD_pop_free(ext_list, ext_list_free);
149 ext_list = NULL; 163 ext_list = NULL;
150} 164}
151 165
152static void ext_list_free(X509V3_EXT_METHOD *ext) 166static void
167ext_list_free(X509V3_EXT_METHOD *ext)
153{ 168{
154 if(ext->ext_flags & X509V3_EXT_DYNAMIC) free(ext); 169 if (ext->ext_flags & X509V3_EXT_DYNAMIC)
170 free(ext);
155} 171}
156 172
157/* Legacy function: we don't need to add standard extensions 173/* Legacy function: we don't need to add standard extensions
158 * any more because they are now kept in ext_dat.h. 174 * any more because they are now kept in ext_dat.h.
159 */ 175 */
160 176
161int X509V3_add_standard_extensions(void) 177int
178X509V3_add_standard_extensions(void)
162{ 179{
163 return 1; 180 return 1;
164} 181}
165 182
166/* Return an extension internal structure */ 183/* Return an extension internal structure */
167 184
168void *X509V3_EXT_d2i(X509_EXTENSION *ext) 185void *
186X509V3_EXT_d2i(X509_EXTENSION *ext)
169{ 187{
170 const X509V3_EXT_METHOD *method; 188 const X509V3_EXT_METHOD *method;
171 const unsigned char *p; 189 const unsigned char *p;
172 190
173 if(!(method = X509V3_EXT_get(ext))) return NULL; 191 if (!(method = X509V3_EXT_get(ext)))
192 return NULL;
174 p = ext->value->data; 193 p = ext->value->data;
175 if(method->it) return ASN1_item_d2i(NULL, &p, ext->value->length, ASN1_ITEM_ptr(method->it)); 194 if (method->it)
195 return ASN1_item_d2i(NULL, &p, ext->value->length,
196 ASN1_ITEM_ptr(method->it));
176 return method->d2i(NULL, &p, ext->value->length); 197 return method->d2i(NULL, &p, ext->value->length);
177} 198}
178 199
@@ -191,43 +212,53 @@ void *X509V3_EXT_d2i(X509_EXTENSION *ext)
191 * -2 extension occurs more than once. 212 * -2 extension occurs more than once.
192 */ 213 */
193 214
194void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx) 215void *
216X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx)
195{ 217{
196 int lastpos, i; 218 int lastpos, i;
197 X509_EXTENSION *ex, *found_ex = NULL; 219 X509_EXTENSION *ex, *found_ex = NULL;
198 if(!x) { 220
199 if(idx) *idx = -1; 221 if (!x) {
200 if(crit) *crit = -1; 222 if (idx)
223 *idx = -1;
224 if (crit)
225 *crit = -1;
201 return NULL; 226 return NULL;
202 } 227 }
203 if(idx) lastpos = *idx + 1; 228 if (idx)
204 else lastpos = 0; 229 lastpos = *idx + 1;
205 if(lastpos < 0) lastpos = 0; 230 else
206 for(i = lastpos; i < sk_X509_EXTENSION_num(x); i++) 231 lastpos = 0;
207 { 232 if (lastpos < 0)
233 lastpos = 0;
234 for (i = lastpos; i < sk_X509_EXTENSION_num(x); i++) {
208 ex = sk_X509_EXTENSION_value(x, i); 235 ex = sk_X509_EXTENSION_value(x, i);
209 if(OBJ_obj2nid(ex->object) == nid) { 236 if (OBJ_obj2nid(ex->object) == nid) {
210 if(idx) { 237 if (idx) {
211 *idx = i; 238 *idx = i;
212 found_ex = ex; 239 found_ex = ex;
213 break; 240 break;
214 } else if(found_ex) { 241 } else if (found_ex) {
215 /* Found more than one */ 242 /* Found more than one */
216 if(crit) *crit = -2; 243 if (crit)
244 *crit = -2;
217 return NULL; 245 return NULL;
218 } 246 }
219 found_ex = ex; 247 found_ex = ex;
220 } 248 }
221 } 249 }
222 if(found_ex) { 250 if (found_ex) {
223 /* Found it */ 251 /* Found it */
224 if(crit) *crit = X509_EXTENSION_get_critical(found_ex); 252 if (crit)
253 *crit = X509_EXTENSION_get_critical(found_ex);
225 return X509V3_EXT_d2i(found_ex); 254 return X509V3_EXT_d2i(found_ex);
226 } 255 }
227 256
228 /* Extension not found */ 257 /* Extension not found */
229 if(idx) *idx = -1; 258 if (idx)
230 if(crit) *crit = -1; 259 *idx = -1;
260 if (crit)
261 *crit = -1;
231 return NULL; 262 return NULL;
232} 263}
233 264
@@ -236,8 +267,9 @@ void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx)
236 * 'value' arguments (if relevant) are the extensions internal structure. 267 * 'value' arguments (if relevant) are the extensions internal structure.
237 */ 268 */
238 269
239int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, 270int
240 int crit, unsigned long flags) 271X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
272 int crit, unsigned long flags)
241{ 273{
242 int extidx = -1; 274 int extidx = -1;
243 int errcode; 275 int errcode;
@@ -247,30 +279,31 @@ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
247 /* If appending we don't care if it exists, otherwise 279 /* If appending we don't care if it exists, otherwise
248 * look for existing extension. 280 * look for existing extension.
249 */ 281 */
250 if(ext_op != X509V3_ADD_APPEND) 282 if (ext_op != X509V3_ADD_APPEND)
251 extidx = X509v3_get_ext_by_NID(*x, nid, -1); 283 extidx = X509v3_get_ext_by_NID(*x, nid, -1);
252 284
253 /* See if extension exists */ 285 /* See if extension exists */
254 if(extidx >= 0) { 286 if (extidx >= 0) {
255 /* If keep existing, nothing to do */ 287 /* If keep existing, nothing to do */
256 if(ext_op == X509V3_ADD_KEEP_EXISTING) 288 if (ext_op == X509V3_ADD_KEEP_EXISTING)
257 return 1; 289 return 1;
258 /* If default then its an error */ 290 /* If default then its an error */
259 if(ext_op == X509V3_ADD_DEFAULT) { 291 if (ext_op == X509V3_ADD_DEFAULT) {
260 errcode = X509V3_R_EXTENSION_EXISTS; 292 errcode = X509V3_R_EXTENSION_EXISTS;
261 goto err; 293 goto err;
262 } 294 }
263 /* If delete, just delete it */ 295 /* If delete, just delete it */
264 if(ext_op == X509V3_ADD_DELETE) { 296 if (ext_op == X509V3_ADD_DELETE) {
265 if(!sk_X509_EXTENSION_delete(*x, extidx)) return -1; 297 if (!sk_X509_EXTENSION_delete(*x, extidx))
298 return -1;
266 return 1; 299 return 1;
267 } 300 }
268 } else { 301 } else {
269 /* If replace existing or delete, error since 302 /* If replace existing or delete, error since
270 * extension must exist 303 * extension must exist
271 */ 304 */
272 if((ext_op == X509V3_ADD_REPLACE_EXISTING) || 305 if ((ext_op == X509V3_ADD_REPLACE_EXISTING) ||
273 (ext_op == X509V3_ADD_DELETE)) { 306 (ext_op == X509V3_ADD_DELETE)) {
274 errcode = X509V3_R_EXTENSION_NOT_FOUND; 307 errcode = X509V3_R_EXTENSION_NOT_FOUND;
275 goto err; 308 goto err;
276 } 309 }
@@ -282,26 +315,30 @@ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
282 315
283 ext = X509V3_EXT_i2d(nid, crit, value); 316 ext = X509V3_EXT_i2d(nid, crit, value);
284 317
285 if(!ext) { 318 if (!ext) {
286 X509V3err(X509V3_F_X509V3_ADD1_I2D, X509V3_R_ERROR_CREATING_EXTENSION); 319 X509V3err(X509V3_F_X509V3_ADD1_I2D,
320 X509V3_R_ERROR_CREATING_EXTENSION);
287 return 0; 321 return 0;
288 } 322 }
289 323
290 /* If extension exists replace it.. */ 324 /* If extension exists replace it.. */
291 if(extidx >= 0) { 325 if (extidx >= 0) {
292 extmp = sk_X509_EXTENSION_value(*x, extidx); 326 extmp = sk_X509_EXTENSION_value(*x, extidx);
293 X509_EXTENSION_free(extmp); 327 X509_EXTENSION_free(extmp);
294 if(!sk_X509_EXTENSION_set(*x, extidx, ext)) return -1; 328 if (!sk_X509_EXTENSION_set(*x, extidx, ext))
329 return -1;
295 return 1; 330 return 1;
296 } 331 }
297 332
298 if(!*x && !(*x = sk_X509_EXTENSION_new_null())) return -1; 333 if (!*x && !(*x = sk_X509_EXTENSION_new_null()))
299 if(!sk_X509_EXTENSION_push(*x, ext)) return -1; 334 return -1;
335 if (!sk_X509_EXTENSION_push(*x, ext))
336 return -1;
300 337
301 return 1; 338 return 1;
302 339
303 err: 340err:
304 if(!(flags & X509V3_ADD_SILENT)) 341 if (!(flags & X509V3_ADD_SILENT))
305 X509V3err(X509V3_F_X509V3_ADD1_I2D, errcode); 342 X509V3err(X509V3_F_X509V3_ADD1_I2D, errcode);
306 return 0; 343 return 0;
307} 344}
diff --git a/src/lib/libssl/src/crypto/x509v3/v3conf.c b/src/lib/libssl/src/crypto/x509v3/v3conf.c
index a9e6ca3542..cfa5fce75c 100644
--- a/src/lib/libssl/src/crypto/x509v3/v3conf.c
+++ b/src/lib/libssl/src/crypto/x509v3/v3conf.c
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -66,7 +66,8 @@
66 66
67/* Test application to add extensions from a config file */ 67/* Test application to add extensions from a config file */
68 68
69int main(int argc, char **argv) 69int
70main(int argc, char **argv)
70{ 71{
71 LHASH *conf; 72 LHASH *conf;
72 X509 *cert; 73 X509 *cert;
@@ -75,28 +76,30 @@ int main(int argc, char **argv)
75 int i; 76 int i;
76 int count; 77 int count;
77 X509_EXTENSION *ext; 78 X509_EXTENSION *ext;
79
78 X509V3_add_standard_extensions(); 80 X509V3_add_standard_extensions();
79 ERR_load_crypto_strings(); 81 ERR_load_crypto_strings();
80 if(!argv[1]) { 82 if (!argv[1]) {
81 fprintf(stderr, "Usage: v3conf cert.pem [file.cnf]\n"); 83 fprintf(stderr, "Usage: v3conf cert.pem [file.cnf]\n");
82 exit(1); 84 exit(1);
83 } 85 }
84 conf_file = argv[2]; 86 conf_file = argv[2];
85 if(!conf_file) conf_file = "test.cnf"; 87 if (!conf_file)
88 conf_file = "test.cnf";
86 conf = CONF_load(NULL, "test.cnf", NULL); 89 conf = CONF_load(NULL, "test.cnf", NULL);
87 if(!conf) { 90 if (!conf) {
88 fprintf(stderr, "Error opening Config file %s\n", conf_file); 91 fprintf(stderr, "Error opening Config file %s\n", conf_file);
89 ERR_print_errors_fp(stderr); 92 ERR_print_errors_fp(stderr);
90 exit(1); 93 exit(1);
91 } 94 }
92 95
93 inf = fopen(argv[1], "r"); 96 inf = fopen(argv[1], "r");
94 if(!inf) { 97 if (!inf) {
95 fprintf(stderr, "Can't open certificate file %s\n", argv[1]); 98 fprintf(stderr, "Can't open certificate file %s\n", argv[1]);
96 exit(1); 99 exit(1);
97 } 100 }
98 cert = PEM_read_X509(inf, NULL, NULL); 101 cert = PEM_read_X509(inf, NULL, NULL);
99 if(!cert) { 102 if (!cert) {
100 fprintf(stderr, "Error reading certificate file %s\n", argv[1]); 103 fprintf(stderr, "Error reading certificate file %s\n", argv[1]);
101 exit(1); 104 exit(1);
102 } 105 }
@@ -105,7 +108,7 @@ int main(int argc, char **argv)
105 sk_pop_free(cert->cert_info->extensions, X509_EXTENSION_free); 108 sk_pop_free(cert->cert_info->extensions, X509_EXTENSION_free);
106 cert->cert_info->extensions = NULL; 109 cert->cert_info->extensions = NULL;
107 110
108 if(!X509V3_EXT_add_conf(conf, NULL, "test_section", cert)) { 111 if (!X509V3_EXT_add_conf(conf, NULL, "test_section", cert)) {
109 fprintf(stderr, "Error adding extensions\n"); 112 fprintf(stderr, "Error adding extensions\n");
110 ERR_print_errors_fp(stderr); 113 ERR_print_errors_fp(stderr);
111 exit(1); 114 exit(1);
@@ -113,15 +116,16 @@ int main(int argc, char **argv)
113 116
114 count = X509_get_ext_count(cert); 117 count = X509_get_ext_count(cert);
115 printf("%d extensions\n", count); 118 printf("%d extensions\n", count);
116 for(i = 0; i < count; i++) { 119 for (i = 0; i < count; i++) {
117 ext = X509_get_ext(cert, i); 120 ext = X509_get_ext(cert, i);
118 printf("%s", OBJ_nid2ln(OBJ_obj2nid(ext->object))); 121 printf("%s", OBJ_nid2ln(OBJ_obj2nid(ext->object)));
119 if(ext->critical) printf(",critical:\n"); 122 if (ext->critical)
120 else printf(":\n"); 123 printf(",critical:\n");
124 else
125 printf(":\n");
121 X509V3_EXT_print_fp(stdout, ext, 0, 0); 126 X509V3_EXT_print_fp(stdout, ext, 0, 0);
122 printf("\n"); 127 printf("\n");
123 128
124 } 129 }
125 return 0; 130 return 0;
126} 131}
127
diff --git a/src/lib/libssl/src/crypto/x509v3/v3err.c b/src/lib/libssl/src/crypto/x509v3/v3err.c
index f9f6f1f91f..c0b8b0e262 100644
--- a/src/lib/libssl/src/crypto/x509v3/v3err.c
+++ b/src/lib/libssl/src/crypto/x509v3/v3err.c
@@ -7,7 +7,7 @@
7 * are met: 7 * are met:
8 * 8 *
9 * 1. Redistributions of source code must retain the above copyright 9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer. 10 * notice, this list of conditions and the following disclaimer.
11 * 11 *
12 * 2. Redistributions in binary form must reproduce the above copyright 12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in 13 * notice, this list of conditions and the following disclaimer in
@@ -68,159 +68,156 @@
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_X509V3,func,0) 68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_X509V3,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_X509V3,0,reason) 69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_X509V3,0,reason)
70 70
71static ERR_STRING_DATA X509V3_str_functs[]= 71static ERR_STRING_DATA X509V3_str_functs[] = {
72 { 72 {ERR_FUNC(X509V3_F_A2I_GENERAL_NAME), "A2I_GENERAL_NAME"},
73{ERR_FUNC(X509V3_F_A2I_GENERAL_NAME), "A2I_GENERAL_NAME"}, 73 {ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE), "ASIDENTIFIERCHOICE_CANONIZE"},
74{ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE), "ASIDENTIFIERCHOICE_CANONIZE"}, 74 {ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL), "ASIDENTIFIERCHOICE_IS_CANONICAL"},
75{ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL), "ASIDENTIFIERCHOICE_IS_CANONICAL"}, 75 {ERR_FUNC(X509V3_F_COPY_EMAIL), "COPY_EMAIL"},
76{ERR_FUNC(X509V3_F_COPY_EMAIL), "COPY_EMAIL"}, 76 {ERR_FUNC(X509V3_F_COPY_ISSUER), "COPY_ISSUER"},
77{ERR_FUNC(X509V3_F_COPY_ISSUER), "COPY_ISSUER"}, 77 {ERR_FUNC(X509V3_F_DO_DIRNAME), "DO_DIRNAME"},
78{ERR_FUNC(X509V3_F_DO_DIRNAME), "DO_DIRNAME"}, 78 {ERR_FUNC(X509V3_F_DO_EXT_CONF), "DO_EXT_CONF"},
79{ERR_FUNC(X509V3_F_DO_EXT_CONF), "DO_EXT_CONF"}, 79 {ERR_FUNC(X509V3_F_DO_EXT_I2D), "DO_EXT_I2D"},
80{ERR_FUNC(X509V3_F_DO_EXT_I2D), "DO_EXT_I2D"}, 80 {ERR_FUNC(X509V3_F_DO_EXT_NCONF), "DO_EXT_NCONF"},
81{ERR_FUNC(X509V3_F_DO_EXT_NCONF), "DO_EXT_NCONF"}, 81 {ERR_FUNC(X509V3_F_DO_I2V_NAME_CONSTRAINTS), "DO_I2V_NAME_CONSTRAINTS"},
82{ERR_FUNC(X509V3_F_DO_I2V_NAME_CONSTRAINTS), "DO_I2V_NAME_CONSTRAINTS"}, 82 {ERR_FUNC(X509V3_F_GNAMES_FROM_SECTNAME), "GNAMES_FROM_SECTNAME"},
83{ERR_FUNC(X509V3_F_GNAMES_FROM_SECTNAME), "GNAMES_FROM_SECTNAME"}, 83 {ERR_FUNC(X509V3_F_HEX_TO_STRING), "hex_to_string"},
84{ERR_FUNC(X509V3_F_HEX_TO_STRING), "hex_to_string"}, 84 {ERR_FUNC(X509V3_F_I2S_ASN1_ENUMERATED), "i2s_ASN1_ENUMERATED"},
85{ERR_FUNC(X509V3_F_I2S_ASN1_ENUMERATED), "i2s_ASN1_ENUMERATED"}, 85 {ERR_FUNC(X509V3_F_I2S_ASN1_IA5STRING), "I2S_ASN1_IA5STRING"},
86{ERR_FUNC(X509V3_F_I2S_ASN1_IA5STRING), "I2S_ASN1_IA5STRING"}, 86 {ERR_FUNC(X509V3_F_I2S_ASN1_INTEGER), "i2s_ASN1_INTEGER"},
87{ERR_FUNC(X509V3_F_I2S_ASN1_INTEGER), "i2s_ASN1_INTEGER"}, 87 {ERR_FUNC(X509V3_F_I2V_AUTHORITY_INFO_ACCESS), "I2V_AUTHORITY_INFO_ACCESS"},
88{ERR_FUNC(X509V3_F_I2V_AUTHORITY_INFO_ACCESS), "I2V_AUTHORITY_INFO_ACCESS"}, 88 {ERR_FUNC(X509V3_F_NOTICE_SECTION), "NOTICE_SECTION"},
89{ERR_FUNC(X509V3_F_NOTICE_SECTION), "NOTICE_SECTION"}, 89 {ERR_FUNC(X509V3_F_NREF_NOS), "NREF_NOS"},
90{ERR_FUNC(X509V3_F_NREF_NOS), "NREF_NOS"}, 90 {ERR_FUNC(X509V3_F_POLICY_SECTION), "POLICY_SECTION"},
91{ERR_FUNC(X509V3_F_POLICY_SECTION), "POLICY_SECTION"}, 91 {ERR_FUNC(X509V3_F_PROCESS_PCI_VALUE), "PROCESS_PCI_VALUE"},
92{ERR_FUNC(X509V3_F_PROCESS_PCI_VALUE), "PROCESS_PCI_VALUE"}, 92 {ERR_FUNC(X509V3_F_R2I_CERTPOL), "R2I_CERTPOL"},
93{ERR_FUNC(X509V3_F_R2I_CERTPOL), "R2I_CERTPOL"}, 93 {ERR_FUNC(X509V3_F_R2I_PCI), "R2I_PCI"},
94{ERR_FUNC(X509V3_F_R2I_PCI), "R2I_PCI"}, 94 {ERR_FUNC(X509V3_F_S2I_ASN1_IA5STRING), "S2I_ASN1_IA5STRING"},
95{ERR_FUNC(X509V3_F_S2I_ASN1_IA5STRING), "S2I_ASN1_IA5STRING"}, 95 {ERR_FUNC(X509V3_F_S2I_ASN1_INTEGER), "s2i_ASN1_INTEGER"},
96{ERR_FUNC(X509V3_F_S2I_ASN1_INTEGER), "s2i_ASN1_INTEGER"}, 96 {ERR_FUNC(X509V3_F_S2I_ASN1_OCTET_STRING), "s2i_ASN1_OCTET_STRING"},
97{ERR_FUNC(X509V3_F_S2I_ASN1_OCTET_STRING), "s2i_ASN1_OCTET_STRING"}, 97 {ERR_FUNC(X509V3_F_S2I_ASN1_SKEY_ID), "S2I_ASN1_SKEY_ID"},
98{ERR_FUNC(X509V3_F_S2I_ASN1_SKEY_ID), "S2I_ASN1_SKEY_ID"}, 98 {ERR_FUNC(X509V3_F_S2I_SKEY_ID), "S2I_SKEY_ID"},
99{ERR_FUNC(X509V3_F_S2I_SKEY_ID), "S2I_SKEY_ID"}, 99 {ERR_FUNC(X509V3_F_SET_DIST_POINT_NAME), "SET_DIST_POINT_NAME"},
100{ERR_FUNC(X509V3_F_SET_DIST_POINT_NAME), "SET_DIST_POINT_NAME"}, 100 {ERR_FUNC(X509V3_F_STRING_TO_HEX), "string_to_hex"},
101{ERR_FUNC(X509V3_F_STRING_TO_HEX), "string_to_hex"}, 101 {ERR_FUNC(X509V3_F_SXNET_ADD_ID_ASC), "SXNET_add_id_asc"},
102{ERR_FUNC(X509V3_F_SXNET_ADD_ID_ASC), "SXNET_add_id_asc"}, 102 {ERR_FUNC(X509V3_F_SXNET_ADD_ID_INTEGER), "SXNET_add_id_INTEGER"},
103{ERR_FUNC(X509V3_F_SXNET_ADD_ID_INTEGER), "SXNET_add_id_INTEGER"}, 103 {ERR_FUNC(X509V3_F_SXNET_ADD_ID_ULONG), "SXNET_add_id_ulong"},
104{ERR_FUNC(X509V3_F_SXNET_ADD_ID_ULONG), "SXNET_add_id_ulong"}, 104 {ERR_FUNC(X509V3_F_SXNET_GET_ID_ASC), "SXNET_get_id_asc"},
105{ERR_FUNC(X509V3_F_SXNET_GET_ID_ASC), "SXNET_get_id_asc"}, 105 {ERR_FUNC(X509V3_F_SXNET_GET_ID_ULONG), "SXNET_get_id_ulong"},
106{ERR_FUNC(X509V3_F_SXNET_GET_ID_ULONG), "SXNET_get_id_ulong"}, 106 {ERR_FUNC(X509V3_F_V2I_ASIDENTIFIERS), "V2I_ASIDENTIFIERS"},
107{ERR_FUNC(X509V3_F_V2I_ASIDENTIFIERS), "V2I_ASIDENTIFIERS"}, 107 {ERR_FUNC(X509V3_F_V2I_ASN1_BIT_STRING), "v2i_ASN1_BIT_STRING"},
108{ERR_FUNC(X509V3_F_V2I_ASN1_BIT_STRING), "v2i_ASN1_BIT_STRING"}, 108 {ERR_FUNC(X509V3_F_V2I_AUTHORITY_INFO_ACCESS), "V2I_AUTHORITY_INFO_ACCESS"},
109{ERR_FUNC(X509V3_F_V2I_AUTHORITY_INFO_ACCESS), "V2I_AUTHORITY_INFO_ACCESS"}, 109 {ERR_FUNC(X509V3_F_V2I_AUTHORITY_KEYID), "V2I_AUTHORITY_KEYID"},
110{ERR_FUNC(X509V3_F_V2I_AUTHORITY_KEYID), "V2I_AUTHORITY_KEYID"}, 110 {ERR_FUNC(X509V3_F_V2I_BASIC_CONSTRAINTS), "V2I_BASIC_CONSTRAINTS"},
111{ERR_FUNC(X509V3_F_V2I_BASIC_CONSTRAINTS), "V2I_BASIC_CONSTRAINTS"}, 111 {ERR_FUNC(X509V3_F_V2I_CRLD), "V2I_CRLD"},
112{ERR_FUNC(X509V3_F_V2I_CRLD), "V2I_CRLD"}, 112 {ERR_FUNC(X509V3_F_V2I_EXTENDED_KEY_USAGE), "V2I_EXTENDED_KEY_USAGE"},
113{ERR_FUNC(X509V3_F_V2I_EXTENDED_KEY_USAGE), "V2I_EXTENDED_KEY_USAGE"}, 113 {ERR_FUNC(X509V3_F_V2I_GENERAL_NAMES), "v2i_GENERAL_NAMES"},
114{ERR_FUNC(X509V3_F_V2I_GENERAL_NAMES), "v2i_GENERAL_NAMES"}, 114 {ERR_FUNC(X509V3_F_V2I_GENERAL_NAME_EX), "v2i_GENERAL_NAME_ex"},
115{ERR_FUNC(X509V3_F_V2I_GENERAL_NAME_EX), "v2i_GENERAL_NAME_ex"}, 115 {ERR_FUNC(X509V3_F_V2I_IDP), "V2I_IDP"},
116{ERR_FUNC(X509V3_F_V2I_IDP), "V2I_IDP"}, 116 {ERR_FUNC(X509V3_F_V2I_IPADDRBLOCKS), "V2I_IPADDRBLOCKS"},
117{ERR_FUNC(X509V3_F_V2I_IPADDRBLOCKS), "V2I_IPADDRBLOCKS"}, 117 {ERR_FUNC(X509V3_F_V2I_ISSUER_ALT), "V2I_ISSUER_ALT"},
118{ERR_FUNC(X509V3_F_V2I_ISSUER_ALT), "V2I_ISSUER_ALT"}, 118 {ERR_FUNC(X509V3_F_V2I_NAME_CONSTRAINTS), "V2I_NAME_CONSTRAINTS"},
119{ERR_FUNC(X509V3_F_V2I_NAME_CONSTRAINTS), "V2I_NAME_CONSTRAINTS"}, 119 {ERR_FUNC(X509V3_F_V2I_POLICY_CONSTRAINTS), "V2I_POLICY_CONSTRAINTS"},
120{ERR_FUNC(X509V3_F_V2I_POLICY_CONSTRAINTS), "V2I_POLICY_CONSTRAINTS"}, 120 {ERR_FUNC(X509V3_F_V2I_POLICY_MAPPINGS), "V2I_POLICY_MAPPINGS"},
121{ERR_FUNC(X509V3_F_V2I_POLICY_MAPPINGS), "V2I_POLICY_MAPPINGS"}, 121 {ERR_FUNC(X509V3_F_V2I_SUBJECT_ALT), "V2I_SUBJECT_ALT"},
122{ERR_FUNC(X509V3_F_V2I_SUBJECT_ALT), "V2I_SUBJECT_ALT"}, 122 {ERR_FUNC(X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL), "V3_ADDR_VALIDATE_PATH_INTERNAL"},
123{ERR_FUNC(X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL), "V3_ADDR_VALIDATE_PATH_INTERNAL"}, 123 {ERR_FUNC(X509V3_F_V3_GENERIC_EXTENSION), "V3_GENERIC_EXTENSION"},
124{ERR_FUNC(X509V3_F_V3_GENERIC_EXTENSION), "V3_GENERIC_EXTENSION"}, 124 {ERR_FUNC(X509V3_F_X509V3_ADD1_I2D), "X509V3_add1_i2d"},
125{ERR_FUNC(X509V3_F_X509V3_ADD1_I2D), "X509V3_add1_i2d"}, 125 {ERR_FUNC(X509V3_F_X509V3_ADD_VALUE), "X509V3_add_value"},
126{ERR_FUNC(X509V3_F_X509V3_ADD_VALUE), "X509V3_add_value"}, 126 {ERR_FUNC(X509V3_F_X509V3_EXT_ADD), "X509V3_EXT_add"},
127{ERR_FUNC(X509V3_F_X509V3_EXT_ADD), "X509V3_EXT_add"}, 127 {ERR_FUNC(X509V3_F_X509V3_EXT_ADD_ALIAS), "X509V3_EXT_add_alias"},
128{ERR_FUNC(X509V3_F_X509V3_EXT_ADD_ALIAS), "X509V3_EXT_add_alias"}, 128 {ERR_FUNC(X509V3_F_X509V3_EXT_CONF), "X509V3_EXT_conf"},
129{ERR_FUNC(X509V3_F_X509V3_EXT_CONF), "X509V3_EXT_conf"}, 129 {ERR_FUNC(X509V3_F_X509V3_EXT_I2D), "X509V3_EXT_i2d"},
130{ERR_FUNC(X509V3_F_X509V3_EXT_I2D), "X509V3_EXT_i2d"}, 130 {ERR_FUNC(X509V3_F_X509V3_EXT_NCONF), "X509V3_EXT_nconf"},
131{ERR_FUNC(X509V3_F_X509V3_EXT_NCONF), "X509V3_EXT_nconf"}, 131 {ERR_FUNC(X509V3_F_X509V3_GET_SECTION), "X509V3_get_section"},
132{ERR_FUNC(X509V3_F_X509V3_GET_SECTION), "X509V3_get_section"}, 132 {ERR_FUNC(X509V3_F_X509V3_GET_STRING), "X509V3_get_string"},
133{ERR_FUNC(X509V3_F_X509V3_GET_STRING), "X509V3_get_string"}, 133 {ERR_FUNC(X509V3_F_X509V3_GET_VALUE_BOOL), "X509V3_get_value_bool"},
134{ERR_FUNC(X509V3_F_X509V3_GET_VALUE_BOOL), "X509V3_get_value_bool"}, 134 {ERR_FUNC(X509V3_F_X509V3_PARSE_LIST), "X509V3_parse_list"},
135{ERR_FUNC(X509V3_F_X509V3_PARSE_LIST), "X509V3_parse_list"}, 135 {ERR_FUNC(X509V3_F_X509_PURPOSE_ADD), "X509_PURPOSE_add"},
136{ERR_FUNC(X509V3_F_X509_PURPOSE_ADD), "X509_PURPOSE_add"}, 136 {ERR_FUNC(X509V3_F_X509_PURPOSE_SET), "X509_PURPOSE_set"},
137{ERR_FUNC(X509V3_F_X509_PURPOSE_SET), "X509_PURPOSE_set"}, 137 {0, NULL}
138{0,NULL} 138};
139 };
140 139
141static ERR_STRING_DATA X509V3_str_reasons[]= 140static ERR_STRING_DATA X509V3_str_reasons[] = {
142 { 141 {ERR_REASON(X509V3_R_BAD_IP_ADDRESS) , "bad ip address"},
143{ERR_REASON(X509V3_R_BAD_IP_ADDRESS) ,"bad ip address"}, 142 {ERR_REASON(X509V3_R_BAD_OBJECT) , "bad object"},
144{ERR_REASON(X509V3_R_BAD_OBJECT) ,"bad object"}, 143 {ERR_REASON(X509V3_R_BN_DEC2BN_ERROR) , "bn dec2bn error"},
145{ERR_REASON(X509V3_R_BN_DEC2BN_ERROR) ,"bn dec2bn error"}, 144 {ERR_REASON(X509V3_R_BN_TO_ASN1_INTEGER_ERROR), "bn to asn1 integer error"},
146{ERR_REASON(X509V3_R_BN_TO_ASN1_INTEGER_ERROR),"bn to asn1 integer error"}, 145 {ERR_REASON(X509V3_R_DIRNAME_ERROR) , "dirname error"},
147{ERR_REASON(X509V3_R_DIRNAME_ERROR) ,"dirname error"}, 146 {ERR_REASON(X509V3_R_DISTPOINT_ALREADY_SET), "distpoint already set"},
148{ERR_REASON(X509V3_R_DISTPOINT_ALREADY_SET),"distpoint already set"}, 147 {ERR_REASON(X509V3_R_DUPLICATE_ZONE_ID) , "duplicate zone id"},
149{ERR_REASON(X509V3_R_DUPLICATE_ZONE_ID) ,"duplicate zone id"}, 148 {ERR_REASON(X509V3_R_ERROR_CONVERTING_ZONE), "error converting zone"},
150{ERR_REASON(X509V3_R_ERROR_CONVERTING_ZONE),"error converting zone"}, 149 {ERR_REASON(X509V3_R_ERROR_CREATING_EXTENSION), "error creating extension"},
151{ERR_REASON(X509V3_R_ERROR_CREATING_EXTENSION),"error creating extension"}, 150 {ERR_REASON(X509V3_R_ERROR_IN_EXTENSION) , "error in extension"},
152{ERR_REASON(X509V3_R_ERROR_IN_EXTENSION) ,"error in extension"}, 151 {ERR_REASON(X509V3_R_EXPECTED_A_SECTION_NAME), "expected a section name"},
153{ERR_REASON(X509V3_R_EXPECTED_A_SECTION_NAME),"expected a section name"}, 152 {ERR_REASON(X509V3_R_EXTENSION_EXISTS) , "extension exists"},
154{ERR_REASON(X509V3_R_EXTENSION_EXISTS) ,"extension exists"}, 153 {ERR_REASON(X509V3_R_EXTENSION_NAME_ERROR), "extension name error"},
155{ERR_REASON(X509V3_R_EXTENSION_NAME_ERROR),"extension name error"}, 154 {ERR_REASON(X509V3_R_EXTENSION_NOT_FOUND), "extension not found"},
156{ERR_REASON(X509V3_R_EXTENSION_NOT_FOUND),"extension not found"}, 155 {ERR_REASON(X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED), "extension setting not supported"},
157{ERR_REASON(X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED),"extension setting not supported"}, 156 {ERR_REASON(X509V3_R_EXTENSION_VALUE_ERROR), "extension value error"},
158{ERR_REASON(X509V3_R_EXTENSION_VALUE_ERROR),"extension value error"}, 157 {ERR_REASON(X509V3_R_ILLEGAL_EMPTY_EXTENSION), "illegal empty extension"},
159{ERR_REASON(X509V3_R_ILLEGAL_EMPTY_EXTENSION),"illegal empty extension"}, 158 {ERR_REASON(X509V3_R_ILLEGAL_HEX_DIGIT) , "illegal hex digit"},
160{ERR_REASON(X509V3_R_ILLEGAL_HEX_DIGIT) ,"illegal hex digit"}, 159 {ERR_REASON(X509V3_R_INCORRECT_POLICY_SYNTAX_TAG), "incorrect policy syntax tag"},
161{ERR_REASON(X509V3_R_INCORRECT_POLICY_SYNTAX_TAG),"incorrect policy syntax tag"}, 160 {ERR_REASON(X509V3_R_INVALID_MULTIPLE_RDNS), "invalid multiple rdns"},
162{ERR_REASON(X509V3_R_INVALID_MULTIPLE_RDNS),"invalid multiple rdns"}, 161 {ERR_REASON(X509V3_R_INVALID_ASNUMBER) , "invalid asnumber"},
163{ERR_REASON(X509V3_R_INVALID_ASNUMBER) ,"invalid asnumber"}, 162 {ERR_REASON(X509V3_R_INVALID_ASRANGE) , "invalid asrange"},
164{ERR_REASON(X509V3_R_INVALID_ASRANGE) ,"invalid asrange"}, 163 {ERR_REASON(X509V3_R_INVALID_BOOLEAN_STRING), "invalid boolean string"},
165{ERR_REASON(X509V3_R_INVALID_BOOLEAN_STRING),"invalid boolean string"}, 164 {ERR_REASON(X509V3_R_INVALID_EXTENSION_STRING), "invalid extension string"},
166{ERR_REASON(X509V3_R_INVALID_EXTENSION_STRING),"invalid extension string"}, 165 {ERR_REASON(X509V3_R_INVALID_INHERITANCE), "invalid inheritance"},
167{ERR_REASON(X509V3_R_INVALID_INHERITANCE),"invalid inheritance"}, 166 {ERR_REASON(X509V3_R_INVALID_IPADDRESS) , "invalid ipaddress"},
168{ERR_REASON(X509V3_R_INVALID_IPADDRESS) ,"invalid ipaddress"}, 167 {ERR_REASON(X509V3_R_INVALID_NAME) , "invalid name"},
169{ERR_REASON(X509V3_R_INVALID_NAME) ,"invalid name"}, 168 {ERR_REASON(X509V3_R_INVALID_NULL_ARGUMENT), "invalid null argument"},
170{ERR_REASON(X509V3_R_INVALID_NULL_ARGUMENT),"invalid null argument"}, 169 {ERR_REASON(X509V3_R_INVALID_NULL_NAME) , "invalid null name"},
171{ERR_REASON(X509V3_R_INVALID_NULL_NAME) ,"invalid null name"}, 170 {ERR_REASON(X509V3_R_INVALID_NULL_VALUE) , "invalid null value"},
172{ERR_REASON(X509V3_R_INVALID_NULL_VALUE) ,"invalid null value"}, 171 {ERR_REASON(X509V3_R_INVALID_NUMBER) , "invalid number"},
173{ERR_REASON(X509V3_R_INVALID_NUMBER) ,"invalid number"}, 172 {ERR_REASON(X509V3_R_INVALID_NUMBERS) , "invalid numbers"},
174{ERR_REASON(X509V3_R_INVALID_NUMBERS) ,"invalid numbers"}, 173 {ERR_REASON(X509V3_R_INVALID_OBJECT_IDENTIFIER), "invalid object identifier"},
175{ERR_REASON(X509V3_R_INVALID_OBJECT_IDENTIFIER),"invalid object identifier"}, 174 {ERR_REASON(X509V3_R_INVALID_OPTION) , "invalid option"},
176{ERR_REASON(X509V3_R_INVALID_OPTION) ,"invalid option"}, 175 {ERR_REASON(X509V3_R_INVALID_POLICY_IDENTIFIER), "invalid policy identifier"},
177{ERR_REASON(X509V3_R_INVALID_POLICY_IDENTIFIER),"invalid policy identifier"}, 176 {ERR_REASON(X509V3_R_INVALID_PROXY_POLICY_SETTING), "invalid proxy policy setting"},
178{ERR_REASON(X509V3_R_INVALID_PROXY_POLICY_SETTING),"invalid proxy policy setting"}, 177 {ERR_REASON(X509V3_R_INVALID_PURPOSE) , "invalid purpose"},
179{ERR_REASON(X509V3_R_INVALID_PURPOSE) ,"invalid purpose"}, 178 {ERR_REASON(X509V3_R_INVALID_SAFI) , "invalid safi"},
180{ERR_REASON(X509V3_R_INVALID_SAFI) ,"invalid safi"}, 179 {ERR_REASON(X509V3_R_INVALID_SECTION) , "invalid section"},
181{ERR_REASON(X509V3_R_INVALID_SECTION) ,"invalid section"}, 180 {ERR_REASON(X509V3_R_INVALID_SYNTAX) , "invalid syntax"},
182{ERR_REASON(X509V3_R_INVALID_SYNTAX) ,"invalid syntax"}, 181 {ERR_REASON(X509V3_R_ISSUER_DECODE_ERROR), "issuer decode error"},
183{ERR_REASON(X509V3_R_ISSUER_DECODE_ERROR),"issuer decode error"}, 182 {ERR_REASON(X509V3_R_MISSING_VALUE) , "missing value"},
184{ERR_REASON(X509V3_R_MISSING_VALUE) ,"missing value"}, 183 {ERR_REASON(X509V3_R_NEED_ORGANIZATION_AND_NUMBERS), "need organization and numbers"},
185{ERR_REASON(X509V3_R_NEED_ORGANIZATION_AND_NUMBERS),"need organization and numbers"}, 184 {ERR_REASON(X509V3_R_NO_CONFIG_DATABASE) , "no config database"},
186{ERR_REASON(X509V3_R_NO_CONFIG_DATABASE) ,"no config database"}, 185 {ERR_REASON(X509V3_R_NO_ISSUER_CERTIFICATE), "no issuer certificate"},
187{ERR_REASON(X509V3_R_NO_ISSUER_CERTIFICATE),"no issuer certificate"}, 186 {ERR_REASON(X509V3_R_NO_ISSUER_DETAILS) , "no issuer details"},
188{ERR_REASON(X509V3_R_NO_ISSUER_DETAILS) ,"no issuer details"}, 187 {ERR_REASON(X509V3_R_NO_POLICY_IDENTIFIER), "no policy identifier"},
189{ERR_REASON(X509V3_R_NO_POLICY_IDENTIFIER),"no policy identifier"}, 188 {ERR_REASON(X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED), "no proxy cert policy language defined"},
190{ERR_REASON(X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED),"no proxy cert policy language defined"}, 189 {ERR_REASON(X509V3_R_NO_PUBLIC_KEY) , "no public key"},
191{ERR_REASON(X509V3_R_NO_PUBLIC_KEY) ,"no public key"}, 190 {ERR_REASON(X509V3_R_NO_SUBJECT_DETAILS) , "no subject details"},
192{ERR_REASON(X509V3_R_NO_SUBJECT_DETAILS) ,"no subject details"}, 191 {ERR_REASON(X509V3_R_ODD_NUMBER_OF_DIGITS), "odd number of digits"},
193{ERR_REASON(X509V3_R_ODD_NUMBER_OF_DIGITS),"odd number of digits"}, 192 {ERR_REASON(X509V3_R_OPERATION_NOT_DEFINED), "operation not defined"},
194{ERR_REASON(X509V3_R_OPERATION_NOT_DEFINED),"operation not defined"}, 193 {ERR_REASON(X509V3_R_OTHERNAME_ERROR) , "othername error"},
195{ERR_REASON(X509V3_R_OTHERNAME_ERROR) ,"othername error"}, 194 {ERR_REASON(X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED), "policy language already defined"},
196{ERR_REASON(X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED),"policy language already defined"}, 195 {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH) , "policy path length"},
197{ERR_REASON(X509V3_R_POLICY_PATH_LENGTH) ,"policy path length"}, 196 {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED), "policy path length already defined"},
198{ERR_REASON(X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED),"policy path length already defined"}, 197 {ERR_REASON(X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED), "policy syntax not currently supported"},
199{ERR_REASON(X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED),"policy syntax not currently supported"}, 198 {ERR_REASON(X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY), "policy when proxy language requires no policy"},
200{ERR_REASON(X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY),"policy when proxy language requires no policy"}, 199 {ERR_REASON(X509V3_R_SECTION_NOT_FOUND) , "section not found"},
201{ERR_REASON(X509V3_R_SECTION_NOT_FOUND) ,"section not found"}, 200 {ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS), "unable to get issuer details"},
202{ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS),"unable to get issuer details"}, 201 {ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_KEYID), "unable to get issuer keyid"},
203{ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_KEYID),"unable to get issuer keyid"}, 202 {ERR_REASON(X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT), "unknown bit string argument"},
204{ERR_REASON(X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT),"unknown bit string argument"}, 203 {ERR_REASON(X509V3_R_UNKNOWN_EXTENSION) , "unknown extension"},
205{ERR_REASON(X509V3_R_UNKNOWN_EXTENSION) ,"unknown extension"}, 204 {ERR_REASON(X509V3_R_UNKNOWN_EXTENSION_NAME), "unknown extension name"},
206{ERR_REASON(X509V3_R_UNKNOWN_EXTENSION_NAME),"unknown extension name"}, 205 {ERR_REASON(X509V3_R_UNKNOWN_OPTION) , "unknown option"},
207{ERR_REASON(X509V3_R_UNKNOWN_OPTION) ,"unknown option"}, 206 {ERR_REASON(X509V3_R_UNSUPPORTED_OPTION) , "unsupported option"},
208{ERR_REASON(X509V3_R_UNSUPPORTED_OPTION) ,"unsupported option"}, 207 {ERR_REASON(X509V3_R_UNSUPPORTED_TYPE) , "unsupported type"},
209{ERR_REASON(X509V3_R_UNSUPPORTED_TYPE) ,"unsupported type"}, 208 {ERR_REASON(X509V3_R_USER_TOO_LONG) , "user too long"},
210{ERR_REASON(X509V3_R_USER_TOO_LONG) ,"user too long"}, 209 {0, NULL}
211{0,NULL} 210};
212 };
213 211
214#endif 212#endif
215 213
216void ERR_load_X509V3_strings(void) 214void
217 { 215ERR_load_X509V3_strings(void)
216{
218#ifndef OPENSSL_NO_ERR 217#ifndef OPENSSL_NO_ERR
219 218 if (ERR_func_error_string(X509V3_str_functs[0].error) == NULL) {
220 if (ERR_func_error_string(X509V3_str_functs[0].error) == NULL) 219 ERR_load_strings(0, X509V3_str_functs);
221 { 220 ERR_load_strings(0, X509V3_str_reasons);
222 ERR_load_strings(0,X509V3_str_functs);
223 ERR_load_strings(0,X509V3_str_reasons);
224 }
225#endif
226 } 221 }
222#endif
223}
diff --git a/src/lib/libssl/src/crypto/x509v3/v3prin.c b/src/lib/libssl/src/crypto/x509v3/v3prin.c
index d5ff268296..da701de132 100644
--- a/src/lib/libssl/src/crypto/x509v3/v3prin.c
+++ b/src/lib/libssl/src/crypto/x509v3/v3prin.c
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -56,31 +56,31 @@
56 * 56 *
57 */ 57 */
58 58
59
60
61#include <stdio.h> 59#include <stdio.h>
62#include <openssl/asn1.h> 60#include <openssl/asn1.h>
63#include <openssl/conf.h> 61#include <openssl/conf.h>
64#include <openssl/x509.h> 62#include <openssl/x509.h>
65#include <openssl/x509v3.h> 63#include <openssl/x509v3.h>
66 64
67int main(int argc, char **argv) 65int
66main(int argc, char **argv)
68{ 67{
69 X509 *cert; 68 X509 *cert;
70 FILE *inf; 69 FILE *inf;
71 int i, count; 70 int i, count;
72 X509_EXTENSION *ext; 71 X509_EXTENSION *ext;
72
73 X509V3_add_standard_extensions(); 73 X509V3_add_standard_extensions();
74 ERR_load_crypto_strings(); 74 ERR_load_crypto_strings();
75 if(!argv[1]) { 75 if (!argv[1]) {
76 fprintf(stderr, "Usage v3prin cert.pem\n"); 76 fprintf(stderr, "Usage v3prin cert.pem\n");
77 exit(1); 77 exit(1);
78 } 78 }
79 if(!(inf = fopen(argv[1], "r"))) { 79 if (!(inf = fopen(argv[1], "r"))) {
80 fprintf(stderr, "Can't open %s\n", argv[1]); 80 fprintf(stderr, "Can't open %s\n", argv[1]);
81 exit(1); 81 exit(1);
82 } 82 }
83 if(!(cert = PEM_read_X509(inf, NULL, NULL))) { 83 if (!(cert = PEM_read_X509(inf, NULL, NULL))) {
84 fprintf(stderr, "Can't read certificate %s\n", argv[1]); 84 fprintf(stderr, "Can't read certificate %s\n", argv[1]);
85 ERR_print_errors_fp(stderr); 85 ERR_print_errors_fp(stderr);
86 exit(1); 86 exit(1);
@@ -88,12 +88,13 @@ int main(int argc, char **argv)
88 fclose(inf); 88 fclose(inf);
89 count = X509_get_ext_count(cert); 89 count = X509_get_ext_count(cert);
90 printf("%d extensions\n", count); 90 printf("%d extensions\n", count);
91 for(i = 0; i < count; i++) { 91 for (i = 0; i < count; i++) {
92 ext = X509_get_ext(cert, i); 92 ext = X509_get_ext(cert, i);
93 printf("%s\n", OBJ_nid2ln(OBJ_obj2nid(ext->object))); 93 printf("%s\n", OBJ_nid2ln(OBJ_obj2nid(ext->object)));
94 if(!X509V3_EXT_print_fp(stdout, ext, 0, 0)) ERR_print_errors_fp(stderr); 94 if (!X509V3_EXT_print_fp(stdout, ext, 0, 0))
95 ERR_print_errors_fp(stderr);
95 printf("\n"); 96 printf("\n");
96 97
97 } 98 }
98 return 0; 99 return 0;
99} 100}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-21 19:46:18 +0000