diff options
author | Dr. Stephen Henson <steve@openssl.org> | 1999-08-25 23:18:23 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 1999-08-25 23:18:23 +0000 |
commit | f9150e54214b26fb03f9d933926cb1176198d6c0 (patch) | |
tree | ddec56591f1bba44d0987bd819a57e813d9e0cb5 | |
parent | c79b16e11d70488f4de0e766d78f6a5ce77d99af (diff) | |
download | openssl-f9150e54214b26fb03f9d933926cb1176198d6c0.tar.gz |
Allow the 1.OU="my OU" syntax in 'ca' for SPKACs.
-rw-r--r-- | CHANGES | 7 | ||||
-rw-r--r-- | apps/ca.c | 11 |
2 files changed, 17 insertions, 1 deletions
@@ -4,6 +4,13 @@ Changes between 0.9.4 and 0.9.5 [xx XXX 1999] + *) Add new feature to the SPKAC handling in ca. Now you can include + the same field multiple times by preceding it by "XXXX." for example: + 1.OU="Unit name 1" + 2.OU="Unit name 2" + this is the same syntax as used in the req config file. + [Steve Henson] + *) Allow certificate extensions to be added to certificate requests. These are specified in a 'req_extensions' option of the req section of the config file. They can be printed out with the -text option to req but @@ -1986,8 +1986,17 @@ static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509, cv=sk_CONF_VALUE_value(sk,i); type=cv->name; - buf=cv->value; + /* Skip past any leading X. X: X, etc to allow for + * multiple instances + */ + for(buf = cv->name; *buf ; buf++) + if ((*buf == ':') || (*buf == ',') || (*buf == '.')) { + buf++; + if(*buf) type = buf; + break; + } + buf=cv->value; if ((nid=OBJ_txt2nid(type)) == NID_undef) { if (strcmp(type, "SPKAC") == 0) |