| OLD | NEW |
| 1 /* v3_alt.c */ | 1 /* v3_alt.c */ |
| 2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 * project. | 3 * project. |
| 4 */ | 4 */ |
| 5 /* ==================================================================== | 5 /* ==================================================================== |
| 6 * Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved. | 6 * Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved. |
| 7 * | 7 * |
| 8 * Redistribution and use in source and binary forms, with or without | 8 * Redistribution and use in source and binary forms, with or without |
| 9 * modification, are permitted provided that the following conditions | 9 * modification, are permitted provided that the following conditions |
| 10 * are met: | 10 * are met: |
| (...skipping 64 matching lines...) |
| 75 (X509V3_EXT_I2V)i2v_GENERAL_NAMES, | 75 (X509V3_EXT_I2V)i2v_GENERAL_NAMES, |
| 76 (X509V3_EXT_V2I)v2i_subject_alt, | 76 (X509V3_EXT_V2I)v2i_subject_alt, |
| 77 NULL, NULL, NULL}, | 77 NULL, NULL, NULL}, |
| 78 | 78 |
| 79 { NID_issuer_alt_name, 0, ASN1_ITEM_ref(GENERAL_NAMES), | 79 { NID_issuer_alt_name, 0, ASN1_ITEM_ref(GENERAL_NAMES), |
| 80 0,0,0,0, | 80 0,0,0,0, |
| 81 0,0, | 81 0,0, |
| 82 (X509V3_EXT_I2V)i2v_GENERAL_NAMES, | 82 (X509V3_EXT_I2V)i2v_GENERAL_NAMES, |
| 83 (X509V3_EXT_V2I)v2i_issuer_alt, | 83 (X509V3_EXT_V2I)v2i_issuer_alt, |
| 84 NULL, NULL, NULL}, | 84 NULL, NULL, NULL}, |
| 85 |
| 86 { NID_certificate_issuer, 0, ASN1_ITEM_ref(GENERAL_NAMES), |
| 87 0,0,0,0, |
| 88 0,0, |
| 89 (X509V3_EXT_I2V)i2v_GENERAL_NAMES, |
| 90 NULL, NULL, NULL, NULL}, |
| 85 }; | 91 }; |
| 86 | 92 |
| 87 STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method, | 93 STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method, |
| 88 GENERAL_NAMES *gens, STACK_OF(CONF_VALUE) *ret) | 94 GENERAL_NAMES *gens, STACK_OF(CONF_VALUE) *ret) |
| 89 { | 95 { |
| 90 int i; | 96 int i; |
| 91 GENERAL_NAME *gen; | 97 GENERAL_NAME *gen; |
| 92 for(i = 0; i < sk_GENERAL_NAME_num(gens); i++) { | 98 for(i = 0; i < sk_GENERAL_NAME_num(gens); i++) { |
| 93 gen = sk_GENERAL_NAME_value(gens, i); | 99 gen = sk_GENERAL_NAME_value(gens, i); |
| 94 ret = i2v_GENERAL_NAME(method, gen, ret); | 100 ret = i2v_GENERAL_NAME(method, gen, ret); |
| (...skipping 285 matching lines...) |
| 380 | 386 |
| 381 return 1; | 387 return 1; |
| 382 | 388 |
| 383 err: | 389 err: |
| 384 GENERAL_NAME_free(gen); | 390 GENERAL_NAME_free(gen); |
| 385 M_ASN1_IA5STRING_free(email); | 391 M_ASN1_IA5STRING_free(email); |
| 386 return 0; | 392 return 0; |
| 387 | 393 |
| 388 } | 394 } |
| 389 | 395 |
| 390 GENERAL_NAMES *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method, | 396 GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method, |
| 391 » » » » X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) | 397 » » » » X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) |
| 392 { | 398 { |
| 393 GENERAL_NAME *gen; | 399 GENERAL_NAME *gen; |
| 394 GENERAL_NAMES *gens = NULL; | 400 GENERAL_NAMES *gens = NULL; |
| 395 CONF_VALUE *cnf; | 401 CONF_VALUE *cnf; |
| 396 int i; | 402 int i; |
| 397 if(!(gens = sk_GENERAL_NAME_new_null())) { | 403 if(!(gens = sk_GENERAL_NAME_new_null())) { |
| 398 X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE); | 404 X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE); |
| 399 return NULL; | 405 return NULL; |
| 400 } | 406 } |
| 401 for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { | 407 for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { |
| 402 cnf = sk_CONF_VALUE_value(nval, i); | 408 cnf = sk_CONF_VALUE_value(nval, i); |
| 403 if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf))) goto err; | 409 if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf))) goto err; |
| 404 sk_GENERAL_NAME_push(gens, gen); | 410 sk_GENERAL_NAME_push(gens, gen); |
| 405 } | 411 } |
| 406 return gens; | 412 return gens; |
| 407 err: | 413 err: |
| 408 sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free); | 414 sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free); |
| 409 return NULL; | 415 return NULL; |
| 410 } | 416 } |
| 411 | 417 |
| 412 GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, | 418 GENERAL_NAME *v2i_GENERAL_NAME(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, |
| 413 » » » » » » » CONF_VALUE *cnf) | 419 » » » CONF_VALUE *cnf) |
| 414 { | 420 { |
| 415 return v2i_GENERAL_NAME_ex(NULL, method, ctx, cnf, 0); | 421 return v2i_GENERAL_NAME_ex(NULL, method, ctx, cnf, 0); |
| 416 } | 422 } |
| 417 | 423 |
| 418 GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out, | 424 GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out, |
| 419 » » » » X509V3_EXT_METHOD *method, X509V3_CTX *ctx, | 425 » » » const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, |
| 420 » » » » » » CONF_VALUE *cnf, int is_nc) | 426 » » » int gen_type, char *value, int is_nc) |
| 421 { | 427 { |
| 422 char is_string = 0; | 428 char is_string = 0; |
| 423 int type; | |
| 424 GENERAL_NAME *gen = NULL; | 429 GENERAL_NAME *gen = NULL; |
| 425 | 430 |
| 426 char *name, *value; | |
| 427 | |
| 428 name = cnf->name; | |
| 429 value = cnf->value; | |
| 430 | |
| 431 if(!value) | 431 if(!value) |
| 432 { | 432 { |
| 433 » » X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_MISSING_VALUE); | 433 » » X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_MISSING_VALUE); |
| 434 return NULL; | 434 return NULL; |
| 435 } | 435 } |
| 436 | 436 |
| 437 if (out) | 437 if (out) |
| 438 gen = out; | 438 gen = out; |
| 439 else | 439 else |
| 440 { | 440 { |
| 441 gen = GENERAL_NAME_new(); | 441 gen = GENERAL_NAME_new(); |
| 442 if(gen == NULL) | 442 if(gen == NULL) |
| 443 { | 443 { |
| 444 » » » X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,ERR_R_MALLOC_FAIL
URE); | 444 » » » X509V3err(X509V3_F_A2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE
); |
| 445 return NULL; | 445 return NULL; |
| 446 } | 446 } |
| 447 } | 447 } |
| 448 | 448 |
| 449 » if(!name_cmp(name, "email")) | 449 » switch (gen_type) |
| 450 { | 450 { |
| 451 case GEN_URI: |
| 452 case GEN_EMAIL: |
| 453 case GEN_DNS: |
| 451 is_string = 1; | 454 is_string = 1; |
| 452 » » type = GEN_EMAIL; | 455 » » break; |
| 453 » » } | 456 » » |
| 454 » else if(!name_cmp(name, "URI")) | 457 » » case GEN_RID: |
| 455 » » { | |
| 456 » » is_string = 1; | |
| 457 » » type = GEN_URI; | |
| 458 » » } | |
| 459 » else if(!name_cmp(name, "DNS")) | |
| 460 » » { | |
| 461 » » is_string = 1; | |
| 462 » » type = GEN_DNS; | |
| 463 » » } | |
| 464 » else if(!name_cmp(name, "RID")) | |
| 465 { | 458 { |
| 466 ASN1_OBJECT *obj; | 459 ASN1_OBJECT *obj; |
| 467 if(!(obj = OBJ_txt2obj(value,0))) | 460 if(!(obj = OBJ_txt2obj(value,0))) |
| 468 { | 461 { |
| 469 » » » X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_BAD_OBJE
CT); | 462 » » » X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_BAD_OBJECT)
; |
| 470 ERR_add_error_data(2, "value=", value); | 463 ERR_add_error_data(2, "value=", value); |
| 471 goto err; | 464 goto err; |
| 472 } | 465 } |
| 473 gen->d.rid = obj; | 466 gen->d.rid = obj; |
| 474 type = GEN_RID; | |
| 475 } | 467 } |
| 476 » else if(!name_cmp(name, "IP")) | 468 » » break; |
| 477 » » { | 469 |
| 470 » » case GEN_IPADD: |
| 478 if (is_nc) | 471 if (is_nc) |
| 479 gen->d.ip = a2i_IPADDRESS_NC(value); | 472 gen->d.ip = a2i_IPADDRESS_NC(value); |
| 480 else | 473 else |
| 481 gen->d.ip = a2i_IPADDRESS(value); | 474 gen->d.ip = a2i_IPADDRESS(value); |
| 482 if(gen->d.ip == NULL) | 475 if(gen->d.ip == NULL) |
| 483 { | 476 { |
| 484 » » » X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_BAD_IP_A
DDRESS); | 477 » » » X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_BAD_IP_ADDR
ESS); |
| 485 ERR_add_error_data(2, "value=", value); | 478 ERR_add_error_data(2, "value=", value); |
| 486 goto err; | 479 goto err; |
| 487 } | 480 } |
| 488 » » type = GEN_IPADD; | 481 » » break; |
| 489 » » } | 482 |
| 490 » else if(!name_cmp(name, "dirName")) | 483 » » case GEN_DIRNAME: |
| 491 » » { | |
| 492 » » type = GEN_DIRNAME; | |
| 493 if (!do_dirname(gen, value, ctx)) | 484 if (!do_dirname(gen, value, ctx)) |
| 494 { | 485 { |
| 495 » » » X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_DIRNAME_
ERROR); | 486 » » » X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_DIRNAME_ERR
OR); |
| 496 goto err; | 487 goto err; |
| 497 } | 488 } |
| 498 » » } | 489 » » break; |
| 499 » else if(!name_cmp(name, "otherName")) | 490 |
| 500 » » { | 491 » » case GEN_OTHERNAME: |
| 501 if (!do_othername(gen, value, ctx)) | 492 if (!do_othername(gen, value, ctx)) |
| 502 { | 493 { |
| 503 » » » X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_OTHERNAM
E_ERROR); | 494 » » » X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_OTHERNAME_E
RROR); |
| 504 goto err; | 495 goto err; |
| 505 } | 496 } |
| 506 » » type = GEN_OTHERNAME; | 497 » » break; |
| 507 » » } | 498 » » default: |
| 508 » else | 499 » » X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_UNSUPPORTED_TYPE); |
| 509 » » { | |
| 510 » » X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_UNSUPPORTED_OPTI
ON); | |
| 511 » » ERR_add_error_data(2, "name=", name); | |
| 512 goto err; | 500 goto err; |
| 513 } | 501 } |
| 514 | 502 |
| 515 if(is_string) | 503 if(is_string) |
| 516 { | 504 { |
| 517 if(!(gen->d.ia5 = M_ASN1_IA5STRING_new()) || | 505 if(!(gen->d.ia5 = M_ASN1_IA5STRING_new()) || |
| 518 !ASN1_STRING_set(gen->d.ia5, (unsigned char*)value
, | 506 !ASN1_STRING_set(gen->d.ia5, (unsigned char*)value
, |
| 519 strlen(value))) | 507 strlen(value))) |
| 520 { | 508 { |
| 521 » » » X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,ERR_R_MALLOC_FAIL
URE); | 509 » » » X509V3err(X509V3_F_A2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE
); |
| 522 goto err; | 510 goto err; |
| 523 } | 511 } |
| 524 } | 512 } |
| 525 | 513 |
| 526 » gen->type = type; | 514 » gen->type = gen_type; |
| 527 | 515 |
| 528 return gen; | 516 return gen; |
| 529 | 517 |
| 530 err: | 518 err: |
| 531 if (!out) | 519 if (!out) |
| 532 GENERAL_NAME_free(gen); | 520 GENERAL_NAME_free(gen); |
| 533 return NULL; | 521 return NULL; |
| 534 } | 522 } |
| 535 | 523 |
| 524 GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out, |
| 525 const X509V3_EXT_METHOD *method, |
| 526 X509V3_CTX *ctx, CONF_VALUE *cnf, int is_nc) |
| 527 { |
| 528 int type; |
| 529 |
| 530 char *name, *value; |
| 531 |
| 532 name = cnf->name; |
| 533 value = cnf->value; |
| 534 |
| 535 if(!value) |
| 536 { |
| 537 X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_MISSING_VALUE); |
| 538 return NULL; |
| 539 } |
| 540 |
| 541 if(!name_cmp(name, "email")) |
| 542 type = GEN_EMAIL; |
| 543 else if(!name_cmp(name, "URI")) |
| 544 type = GEN_URI; |
| 545 else if(!name_cmp(name, "DNS")) |
| 546 type = GEN_DNS; |
| 547 else if(!name_cmp(name, "RID")) |
| 548 type = GEN_RID; |
| 549 else if(!name_cmp(name, "IP")) |
| 550 type = GEN_IPADD; |
| 551 else if(!name_cmp(name, "dirName")) |
| 552 type = GEN_DIRNAME; |
| 553 else if(!name_cmp(name, "otherName")) |
| 554 type = GEN_OTHERNAME; |
| 555 else |
| 556 { |
| 557 X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_UNSUPPORTED_OPTI
ON); |
| 558 ERR_add_error_data(2, "name=", name); |
| 559 return NULL; |
| 560 } |
| 561 |
| 562 return a2i_GENERAL_NAME(out, method, ctx, type, value, is_nc); |
| 563 |
| 564 } |
| 565 |
| 536 static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx) | 566 static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx) |
| 537 { | 567 { |
| 538 char *objtmp = NULL, *p; | 568 char *objtmp = NULL, *p; |
| 539 int objlen; | 569 int objlen; |
| 540 if (!(p = strchr(value, ';'))) | 570 if (!(p = strchr(value, ';'))) |
| 541 return 0; | 571 return 0; |
| 542 if (!(gen->d.otherName = OTHERNAME_new())) | 572 if (!(gen->d.otherName = OTHERNAME_new())) |
| 543 return 0; | 573 return 0; |
| 544 /* Free this up because we will overwrite it. | 574 /* Free this up because we will overwrite it. |
| 545 * no need to free type_id because it is static | 575 * no need to free type_id because it is static |
| (...skipping 25 matching lines...) |
| 571 X509V3err(X509V3_F_DO_DIRNAME,X509V3_R_SECTION_NOT_FOUND); | 601 X509V3err(X509V3_F_DO_DIRNAME,X509V3_R_SECTION_NOT_FOUND); |
| 572 ERR_add_error_data(2, "section=", value); | 602 ERR_add_error_data(2, "section=", value); |
| 573 X509_NAME_free(nm); | 603 X509_NAME_free(nm); |
| 574 return 0; | 604 return 0; |
| 575 } | 605 } |
| 576 /* FIXME: should allow other character types... */ | 606 /* FIXME: should allow other character types... */ |
| 577 ret = X509V3_NAME_from_section(nm, sk, MBSTRING_ASC); | 607 ret = X509V3_NAME_from_section(nm, sk, MBSTRING_ASC); |
| 578 if (!ret) | 608 if (!ret) |
| 579 X509_NAME_free(nm); | 609 X509_NAME_free(nm); |
| 580 gen->d.dirn = nm; | 610 gen->d.dirn = nm; |
| 581 | |
| 582 X509V3_section_free(ctx, sk); | 611 X509V3_section_free(ctx, sk); |
| 583 | 612 |
| 584 return ret; | 613 return ret; |
| 585 } | 614 } |
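Review bot: In do_dirname (new lines 608-610) `gen->d.dirn = nm;` still runs after `X509_NAME_free(nm)` on the failure path, so the GENERAL_NAME is left pointing at a freed X509_NAME. This matters more now that a2i_GENERAL_NAME is a non-static entry point taking a caller-owned `out`: its GEN_DIRNAME case jumps to `err:`, which skips GENERAL_NAME_free when `out` is set, so the caller gets its object back with a dangling `d.dirn`. Whether a later free or print dereferences it depends on the `type` that object already carried, which this function does not reset on error. Store the pointer only on success, for example `if (!ret) X509_NAME_free(nm); else gen->d.dirn = nm;`, and document on a2i_GENERAL_NAME that `out` is left in an unspecified state when NULL is returned. The start of do_dirname lies in the skipped region, so its earlier exits are not covered by this note.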
| OLD | NEW |