diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 1999-03-06 19:33:29 +0000 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 1999-03-06 19:33:29 +0000 |
| commit | 1756d405cc0d5bf8fd0a40b8d103ee9314522171 (patch) | |
| tree | fb862f3f0c53144b518ebf0eec245a10a355fa90 /crypto/x509v3 | |
| parent | 116e315303d87c1974500a89dc3ff2fe7f88e59d (diff) | |
| download | openssl-1756d405cc0d5bf8fd0a40b8d103ee9314522171.tar.gz | |
Added support for adding extensions to CRLs, also fix a memory leak and
make 'req' check the config file syntax before it adds extensions. Added
info in the documentation as well.
Diffstat (limited to 'crypto/x509v3')
| -rw-r--r-- | crypto/x509v3/v3_conf.c | 23 | ||||
| -rw-r--r-- | crypto/x509v3/x509v3.h | 2 |
2 files changed, 25 insertions, 0 deletions
diff --git a/crypto/x509v3/v3_conf.c b/crypto/x509v3/v3_conf.c index 78dd9954ae..5e0fa0b23f 100644 --- a/crypto/x509v3/v3_conf.c +++ b/crypto/x509v3/v3_conf.c @@ -264,6 +264,29 @@ X509 *cert; return 1; } +/* Same as above but for a CRL */ + +int X509V3_EXT_CRL_add_conf(conf, ctx, section, crl) +LHASH *conf; +X509V3_CTX *ctx; +char *section; +X509_CRL *crl; +{ + X509_EXTENSION *ext; + STACK *nval; + CONF_VALUE *val; + int i; + if(!(nval = CONF_get_section(conf, section))) return 0; + for(i = 0; i < sk_num(nval); i++) { + val = (CONF_VALUE *)sk_value(nval, i); + if(!(ext = X509V3_EXT_conf(conf, ctx, val->name, val->value))) + return 0; + if(crl) X509_CRL_add_ext(crl, ext, -1); + X509_EXTENSION_free(ext); + } + return 1; +} + /* Just check syntax of config file as far as possible */ int X509V3_EXT_check_conf(conf, section) LHASH *conf; diff --git a/crypto/x509v3/x509v3.h b/crypto/x509v3/x509v3.h index 282732e8ef..1f5f797858 100644 --- a/crypto/x509v3/x509v3.h +++ b/crypto/x509v3/x509v3.h @@ -246,6 +246,7 @@ void X509V3_conf_free(CONF_VALUE *val); X509_EXTENSION *X509V3_EXT_conf_nid(LHASH *conf, X509V3_CTX *ctx, int ext_nid, char *value); X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name, char *value); int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509 *cert); +int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509_CRL *crl); int X509V3_EXT_check_conf(LHASH *conf, char *section); int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool); int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint); @@ -326,6 +327,7 @@ char *i2s_ASN1_INTEGER(); char * i2s_ASN1_ENUMERATED(); char * i2s_ASN1_ENUMERATED_TABLE(); int X509V3_EXT_add(); +int X509V3_EXT_CRL_add_conf(); int X509V3_EXT_add_alias(); void X509V3_EXT_cleanup(); |