diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2001-02-13 00:37:44 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2001-02-13 00:37:44 +0000 |
commit | 67c180192417174875fe02ba4ea9738803401240 (patch) | |
tree | ad68c0da50c332d5281b11092436c74632e751b4 /crypto/ocsp | |
parent | 46a58ab94657ea8018ffb2fddc9cf11ef5210341 (diff) | |
download | openssl-67c180192417174875fe02ba4ea9738803401240.tar.gz |
New function OCSP_parse_url() and -url option for ocsp utility.
Doesn't handle SSL URLs yet.
Diffstat (limited to 'crypto/ocsp')
-rw-r--r-- | crypto/ocsp/ocsp.h | 4 | ||||
-rw-r--r-- | crypto/ocsp/ocsp_err.c | 2 | ||||
-rw-r--r-- | crypto/ocsp/ocsp_lib.c | 102 |
3 files changed, 108 insertions, 0 deletions
diff --git a/crypto/ocsp/ocsp.h b/crypto/ocsp/ocsp.h index 1463e2fbcf..5562820658 100644 --- a/crypto/ocsp/ocsp.h +++ b/crypto/ocsp/ocsp.h @@ -447,6 +447,8 @@ int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status, int OCSP_request_verify(OCSP_REQUEST *req, EVP_PKEY *pkey); +int OCSP_parse_url(char *url, char **phost, char **pport, char **ppath, int *pssl); + int OCSP_id_issuer_cmp(OCSP_CERTID *a, OCSP_CERTID *b); int OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b); @@ -568,6 +570,7 @@ void ERR_load_OCSP_strings(void); #define OCSP_F_OCSP_CHECK_IDS 107 #define OCSP_F_OCSP_CHECK_ISSUER 108 #define OCSP_F_OCSP_MATCH_ISSUERID 109 +#define OCSP_F_OCSP_PARSE_URL 114 #define OCSP_F_OCSP_REQUEST_SIGN 110 #define OCSP_F_OCSP_RESPONSE_GET1_BASIC 111 #define OCSP_F_OCSP_SENDREQ_BIO 112 @@ -577,6 +580,7 @@ void ERR_load_OCSP_strings(void); #define OCSP_R_BAD_DATA 100 #define OCSP_R_CERTIFICATE_VERIFY_ERROR 101 #define OCSP_R_DIGEST_ERR 102 +#define OCSP_R_ERROR_PARSING_URL 121 #define OCSP_R_MISSING_OCSPSIGNING_USAGE 103 #define OCSP_R_NOT_BASIC_RESPONSE 104 #define OCSP_R_NO_CERTIFICATES_IN_CHAIN 105 diff --git a/crypto/ocsp/ocsp_err.c b/crypto/ocsp/ocsp_err.c index c7a1604343..63677b572e 100644 --- a/crypto/ocsp/ocsp_err.c +++ b/crypto/ocsp/ocsp_err.c @@ -76,6 +76,7 @@ static ERR_STRING_DATA OCSP_str_functs[]= {ERR_PACK(0,OCSP_F_OCSP_CHECK_IDS,0), "OCSP_CHECK_IDS"}, {ERR_PACK(0,OCSP_F_OCSP_CHECK_ISSUER,0), "OCSP_CHECK_ISSUER"}, {ERR_PACK(0,OCSP_F_OCSP_MATCH_ISSUERID,0), "OCSP_MATCH_ISSUERID"}, +{ERR_PACK(0,OCSP_F_OCSP_PARSE_URL,0), "OCSP_parse_url"}, {ERR_PACK(0,OCSP_F_OCSP_REQUEST_SIGN,0), "OCSP_request_sign"}, {ERR_PACK(0,OCSP_F_OCSP_RESPONSE_GET1_BASIC,0), "OCSP_response_get1_basic"}, {ERR_PACK(0,OCSP_F_OCSP_SENDREQ_BIO,0), "OCSP_sendreq_bio"}, @@ -88,6 +89,7 @@ static ERR_STRING_DATA OCSP_str_reasons[]= {OCSP_R_BAD_DATA ,"bad data"}, {OCSP_R_CERTIFICATE_VERIFY_ERROR ,"certificate verify error"}, {OCSP_R_DIGEST_ERR ,"digest err"}, +{OCSP_R_ERROR_PARSING_URL ,"error parsing url"}, {OCSP_R_MISSING_OCSPSIGNING_USAGE ,"missing ocspsigning usage"}, {OCSP_R_NOT_BASIC_RESPONSE ,"not basic response"}, {OCSP_R_NO_CERTIFICATES_IN_CHAIN ,"no certificates in chain"}, diff --git a/crypto/ocsp/ocsp_lib.c b/crypto/ocsp/ocsp_lib.c index 18511e4fd8..aaa4becaae 100644 --- a/crypto/ocsp/ocsp_lib.c +++ b/crypto/ocsp/ocsp_lib.c @@ -164,3 +164,105 @@ int OCSP_request_verify(OCSP_REQUEST *req, EVP_PKEY *pkey) } return OCSP_REQUEST_verify(req, pkey); } + + +/* Parse a URL and split it up into host, port and path components and whether + * it is SSL. + */ + +int OCSP_parse_url(char *url, char **phost, char **pport, char **ppath, int *pssl) + { + char *p, *buf; + + char *host, *port; + + /* dup the buffer since we are going to mess with it */ + buf = BUF_strdup(url); + if (!buf) goto mem_err; + + *phost = NULL; + *pport = NULL; + *ppath = NULL; + + /* Check for initial colon */ + p = strchr(buf, ':'); + + if (!p) goto parse_err; + + *(p++) = '\0'; + + if (!strcmp(buf, "http")) + { + *pssl = 0; + port = "80"; + } + else if (!strcmp(buf, "https")) + { + *pssl = 1; + port = "443"; + } + else + goto parse_err; + + /* Check for double slash */ + if ((p[0] != '/') || (p[1] != '/')) + goto parse_err; + + p += 2; + + host = p; + + /* Check for trailing part of path */ + + p = strchr(p, '/'); + + if (!p) + *ppath = BUF_strdup("/"); + else + { + *ppath = BUF_strdup(p); + /* Set start of path to 0 so hostname is valid */ + *p = '\0'; + } + + if (!*ppath) goto mem_err; + + /* Look for optional ':' for port number */ + if ((p = strchr(host, ':'))) + { + *p = 0; + port = p + 1; + } + else + { + /* Not found: set default port */ + if (*pssl) port = "443"; + else port = "80"; + } + + *pport = BUF_strdup(port); + if (!*pport) goto mem_err; + + *phost = BUF_strdup(host); + + if (!*phost) goto mem_err; + + OPENSSL_free(buf); + + return 1; + + mem_err: + OCSPerr(OCSP_F_OCSP_PARSE_URL, ERR_R_MALLOC_FAILURE); + goto err; + + parse_err: + OCSPerr(OCSP_F_OCSP_PARSE_URL, OCSP_R_ERROR_PARSING_URL); + + + err: + if (*ppath) OPENSSL_free(*ppath); + if (*pport) OPENSSL_free(*pport); + if (*phost) OPENSSL_free(*phost); + return 0; + + } |