From 6e96eaebe016804a96aa99c8a06a2654103f8de6 Mon Sep 17 00:00:00 2001 From: Adam Langley Date: Mon, 7 Mar 2016 17:07:54 -0800 Subject: [PATCH] Add |X509_EXT_conf_nid| to decrepit. This function is a deprecated version of |X509_EXT_nconf_nid| that takes a hash of |CONF_VALUE|s directly rather than a |CONF|. Change-Id: I5fd1025b31d73b988d9298b2624453017dd34ff4 Reviewed-on: https://boringssl-review.googlesource.com/7363 Reviewed-by: David Benjamin --- decrepit/CMakeLists.txt | 2 ++ decrepit/x509/CMakeLists.txt | 9 ++++++++ decrepit/x509/x509_decrepit.c | 42 +++++++++++++++++++++++++++++++++++ include/openssl/x509v3.h | 1 + 4 files changed, 54 insertions(+) create mode 100644 decrepit/x509/CMakeLists.txt create mode 100644 decrepit/x509/x509_decrepit.c diff --git a/decrepit/CMakeLists.txt b/decrepit/CMakeLists.txt index d158def2..6f83bdce 100644 --- a/decrepit/CMakeLists.txt +++ b/decrepit/CMakeLists.txt @@ -5,6 +5,7 @@ add_subdirectory(des) add_subdirectory(dsa) add_subdirectory(evp) add_subdirectory(rsa) +add_subdirectory(x509) add_subdirectory(xts) add_library( @@ -17,6 +18,7 @@ add_library( $ $ $ + $ $ ) diff --git a/decrepit/x509/CMakeLists.txt b/decrepit/x509/CMakeLists.txt new file mode 100644 index 00000000..930912d1 --- /dev/null +++ b/decrepit/x509/CMakeLists.txt @@ -0,0 +1,9 @@ +include_directories(../../include) + +add_library( + x509_decrepit + + OBJECT + + x509_decrepit.c +) diff --git a/decrepit/x509/x509_decrepit.c b/decrepit/x509/x509_decrepit.c new file mode 100644 index 00000000..5714b40a --- /dev/null +++ b/decrepit/x509/x509_decrepit.c @@ -0,0 +1,42 @@ +/* Copyright (c) 2016, Google Inc. + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION + * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + +#include +#include + + +X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf, + X509V3_CTX *ctx, int ext_nid, char *value) { + CONF *nconf = NULL; + LHASH_OF(CONF_VALUE) *orig_data = NULL; + + if (conf != NULL) { + nconf = NCONF_new(NULL /* no method */); + if (nconf == NULL) { + return NULL; + } + + orig_data = nconf->data; + nconf->data = conf; + } + + X509_EXTENSION *ret = X509V3_EXT_nconf_nid(nconf, ctx, ext_nid, value); + + if (nconf != NULL) { + nconf->data = orig_data; + NCONF_free(nconf); + } + + return ret; +} diff --git a/include/openssl/x509v3.h b/include/openssl/x509v3.h index b7b8ba71..a3d5a4ba 100644 --- a/include/openssl/x509v3.h +++ b/include/openssl/x509v3.h @@ -600,6 +600,7 @@ OPENSSL_EXPORT GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out, X509V3_CTX *ctx, CONF_VALUE *cnf, int is_nc); OPENSSL_EXPORT void X509V3_conf_free(CONF_VALUE *val); +OPENSSL_EXPORT X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, int ext_nid, char *value); OPENSSL_EXPORT X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid, char *value); OPENSSL_EXPORT X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name, char *value); OPENSSL_EXPORT int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section, STACK_OF(X509_EXTENSION) **sk);