diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2001-10-27 17:03:20 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2001-10-27 17:03:20 +0000 |
commit | 437db75b943ba0f72eb27d49f660a6d69dfddf1b (patch) | |
tree | 4e7f6a96d7ec4b6eef8d2350ef5cba6811ad22fb /apps | |
parent | 1586365835e8eb950e804a4f1e62cff9563061bb (diff) | |
download | openssl-437db75b943ba0f72eb27d49f660a6d69dfddf1b.tar.gz |
Bugfixes for noemailDN option. Make it use the
correct name (instead of NULL) if nomailDN is
not set, fix memory leaks and retain DN structure
when deleting emailAddress.
Diffstat (limited to 'apps')
-rw-r--r-- | apps/ca.c | 32 |
1 files changed, 15 insertions, 17 deletions
@@ -2046,29 +2046,25 @@ again2: /* Build the correct Subject if no e-mail is wanted in the subject */ /* and add it later on because of the method extensions are added (altName) */ - if (!email_dn) + if (email_dn) + dn_subject = subject; + else { - if ((dn_subject=X509_NAME_new()) == NULL) + X509_NAME_ENTRY *tmpne; + /* Its best to dup the subject DN and then delete any email + * addresses because this retains its structure. + */ + if (!(dn_subject = X509_NAME_dup(subject))) { BIO_printf(bio_err,"Memory allocation failure\n"); goto err; } - - for (i=0; i<X509_NAME_entry_count(subject); i++) + while((i = X509_NAME_get_index_by_NID(dn_subject, + NID_pkcs9_emailAddress, -1) >= 0)) { - ne= X509_NAME_get_entry(subject,i); - obj=X509_NAME_ENTRY_get_object(ne); - nid=OBJ_obj2nid(obj); - - str=X509_NAME_ENTRY_get_data(ne); - - if (nid == NID_pkcs9_emailAddress) continue; - - if (!X509_NAME_add_entry(dn_subject,ne, -1, 0)) - { - BIO_printf(bio_err,"Memory allocation failure\n"); - goto err; - } + tmpne = X509_NAME_get_entry(dn_subject, i); + X509_NAME_delete_entry(dn_subject, i); + X509_NAME_ENTRY_free(tmpne); } } @@ -2327,6 +2323,8 @@ err: X509_NAME_free(CAname); if (subject != NULL) X509_NAME_free(subject); + if ((dn_subject != NULL) && !email_dn) + X509_NAME_free(dn_subject); if (tmptm != NULL) ASN1_UTCTIME_free(tmptm); if (ok <= 0) |