6 files changed, 84 insertions, 6 deletions

diff --git a/CHANGES b/CHANGES
index c22cd3f734..a7516c4783 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,9 @@
 
  Changes between 0.9.4 and 0.9.5  [xx XXX 1999]
 
+  *) Code to support otherName option in GeneralName.
+     [Steve Henson]
+
   *) First update to verify code. Change the verify utility
      so it warns if it is passed a self signed certificate:
      for consistency with the normal behaviour. X509_verify
diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h
index 1c3a4600cd..bf481042bc 100644
--- a/crypto/asn1/asn1.h
+++ b/crypto/asn1/asn1.h
@@ -858,6 +858,7 @@ void ASN1_STRING_TABLE_cleanup(void);
 #define ASN1_F_D2I_NETSCAPE_SPKAC			 143
 #define ASN1_F_D2I_NETSCAPE_SPKI			 144
 #define ASN1_F_D2I_NOTICEREF				 268
+#define ASN1_F_D2I_OTHERNAME				 287
 #define ASN1_F_D2I_PBE2PARAM				 262
 #define ASN1_F_D2I_PBEPARAM				 249
 #define ASN1_F_D2I_PBKDF2PARAM				 263
@@ -926,6 +927,7 @@ void ASN1_STRING_TABLE_cleanup(void);
 #define ASN1_F_NETSCAPE_SPKAC_NEW			 190
 #define ASN1_F_NETSCAPE_SPKI_NEW			 191
 #define ASN1_F_NOTICEREF_NEW				 272
+#define ASN1_F_OTHERNAME_NEW				 288
 #define ASN1_F_PBE2PARAM_NEW				 264
 #define ASN1_F_PBEPARAM_NEW				 251
 #define ASN1_F_PBKDF2PARAM_NEW				 265
diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c
index a577dafb89..1167029ad3 100644
--- a/crypto/asn1/asn1_err.c
+++ b/crypto/asn1/asn1_err.c
@@ -138,6 +138,7 @@ static ERR_STRING_DATA ASN1_str_functs[]=
 {ERR_PACK(0,ASN1_F_D2I_NETSCAPE_SPKAC,0),	"d2i_NETSCAPE_SPKAC"},
 {ERR_PACK(0,ASN1_F_D2I_NETSCAPE_SPKI,0),	"d2i_NETSCAPE_SPKI"},
 {ERR_PACK(0,ASN1_F_D2I_NOTICEREF,0),	"d2i_NOTICEREF"},
+{ERR_PACK(0,ASN1_F_D2I_OTHERNAME,0),	"d2i_OTHERNAME"},
 {ERR_PACK(0,ASN1_F_D2I_PBE2PARAM,0),	"d2i_PBE2PARAM"},
 {ERR_PACK(0,ASN1_F_D2I_PBEPARAM,0),	"d2i_PBEPARAM"},
 {ERR_PACK(0,ASN1_F_D2I_PBKDF2PARAM,0),	"d2i_PBKDF2PARAM"},
@@ -206,6 +207,7 @@ static ERR_STRING_DATA ASN1_str_functs[]=
 {ERR_PACK(0,ASN1_F_NETSCAPE_SPKAC_NEW,0),	"NETSCAPE_SPKAC_new"},
 {ERR_PACK(0,ASN1_F_NETSCAPE_SPKI_NEW,0),	"NETSCAPE_SPKI_new"},
 {ERR_PACK(0,ASN1_F_NOTICEREF_NEW,0),	"NOTICEREF_new"},
+{ERR_PACK(0,ASN1_F_OTHERNAME_NEW,0),	"OTHERNAME_new"},
 {ERR_PACK(0,ASN1_F_PBE2PARAM_NEW,0),	"PBE2PARAM_new"},
 {ERR_PACK(0,ASN1_F_PBEPARAM_NEW,0),	"PBEPARAM_new"},
 {ERR_PACK(0,ASN1_F_PBKDF2PARAM_NEW,0),	"PBKDF2PARAM_new"},
diff --git a/crypto/x509v3/v3_genn.c b/crypto/x509v3/v3_genn.c
index 5e580e5d5e..bd126033ac 100644
--- a/crypto/x509v3/v3_genn.c
+++ b/crypto/x509v3/v3_genn.c
@@ -88,12 +88,15 @@ int i2d_GENERAL_NAME(GENERAL_NAME *a, unsigned char **pp)
 
 	switch(a->type) {
 
-		case GEN_OTHERNAME:
 		case GEN_X400:
 		case GEN_EDIPARTY:
 		ret = i2d_ASN1_TYPE(a->d.other, pp);
 		break;
 
+		case GEN_OTHERNAME:
+		ret = i2d_OTHERNAME(a->d.otherName, pp);
+		break;
+
 		case GEN_EMAIL:
 		case GEN_DNS:
 		case GEN_URI:
@@ -137,12 +140,15 @@ GENERAL_NAME *d2i_GENERAL_NAME(GENERAL_NAME **a, unsigned char **pp,
 
 	switch(ret->type) {
 		/* Just put these in a "blob" for now */
-		case GEN_OTHERNAME:
 		case GEN_X400:
 		case GEN_EDIPARTY:
 		M_ASN1_D2I_get_imp(ret->d.other, d2i_ASN1_TYPE,V_ASN1_SEQUENCE);
 		break;
 
+		case GEN_OTHERNAME:
+		M_ASN1_D2I_get_imp(ret->d.otherName, d2i_OTHERNAME,V_ASN1_SEQUENCE);
+		break;
+
 		case GEN_EMAIL:
 		case GEN_DNS:
 		case GEN_URI:
@@ -176,12 +182,15 @@ void GENERAL_NAME_free(GENERAL_NAME *a)
 {
 	if (a == NULL) return;
 	switch(a->type) {
-		case GEN_OTHERNAME:
 		case GEN_X400:
 		case GEN_EDIPARTY:
 		ASN1_TYPE_free(a->d.other);
 		break;
 
+		case GEN_OTHERNAME:
+		OTHERNAME_free(a->d.otherName);
+		break;
+
 		case GEN_EMAIL:
 		case GEN_DNS:
 		case GEN_URI:
@@ -205,8 +214,8 @@ void GENERAL_NAME_free(GENERAL_NAME *a)
 	Free ((char *)a);
 }
 
-/* Now the GeneralNames versions: a SEQUENCE OF GeneralName These are needed as
- * an explicit functions.
+/* Now the GeneralNames versions: a SEQUENCE OF GeneralName. These are needed as
+ * explicit functions.
  */
 
 STACK_OF(GENERAL_NAME) *GENERAL_NAMES_new()
@@ -235,3 +244,48 @@ return i2d_ASN1_SET_OF_GENERAL_NAME(a, pp, i2d_GENERAL_NAME, V_ASN1_SEQUENCE,
 IMPLEMENT_STACK_OF(GENERAL_NAME)
 IMPLEMENT_ASN1_SET_OF(GENERAL_NAME)
 
+int i2d_OTHERNAME(OTHERNAME *a, unsigned char **pp)
+{
+	int v = 0;
+	M_ASN1_I2D_vars(a);
+
+	M_ASN1_I2D_len(a->type_id, i2d_ASN1_OBJECT);
+	M_ASN1_I2D_len_EXP_opt(a->value, i2d_ASN1_TYPE, 0, v);
+
+	M_ASN1_I2D_seq_total();
+
+	M_ASN1_I2D_put(a->type_id, i2d_ASN1_OBJECT);
+	M_ASN1_I2D_put_EXP_opt(a->value, i2d_ASN1_TYPE, 0, v);
+
+	M_ASN1_I2D_finish();
+}
+
+OTHERNAME *OTHERNAME_new(void)
+{
+	OTHERNAME *ret=NULL;
+	ASN1_CTX c;
+	M_ASN1_New_Malloc(ret, OTHERNAME);
+	ret->type_id = OBJ_nid2obj(NID_undef);
+	M_ASN1_New(ret->value, ASN1_TYPE_new);
+	return (ret);
+	M_ASN1_New_Error(ASN1_F_OTHERNAME_NEW);
+}
+
+OTHERNAME *d2i_OTHERNAME(OTHERNAME **a, unsigned char **pp, long length)
+{
+	M_ASN1_D2I_vars(a,OTHERNAME *,OTHERNAME_new);
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(ret->type_id, d2i_ASN1_OBJECT);
+	M_ASN1_D2I_get_EXP_opt(ret->value, d2i_ASN1_TYPE, 0);
+	M_ASN1_D2I_Finish(a, OTHERNAME_free, ASN1_F_D2I_OTHERNAME);
+}
+
+void OTHERNAME_free(OTHERNAME *a)
+{
+	if (a == NULL) return;
+	ASN1_OBJECT_free(a->type_id);
+	ASN1_TYPE_free(a->value);
+	Free ((char *)a);
+}
+
diff --git a/crypto/x509v3/x509v3.h b/crypto/x509v3/x509v3.h
index d082133911..82c5ca78ca 100644
--- a/crypto/x509v3/x509v3.h
+++ b/crypto/x509v3/x509v3.h
@@ -149,6 +149,11 @@ ASN1_GENERALIZEDTIME *notBefore;
 ASN1_GENERALIZEDTIME *notAfter;
 } PKEY_USAGE_PERIOD;
 
+typedef struct otherName_st {
+ASN1_OBJECT *type_id;
+ASN1_TYPE *value;
+} OTHERNAME;
+
 typedef struct GENERAL_NAME_st {
 
 #define GEN_OTHERNAME	(0|V_ASN1_CONTEXT_SPECIFIC)
@@ -168,7 +173,8 @@ union {
 	ASN1_OCTET_STRING *ip; /* iPAddress */
 	X509_NAME *dirn;		/* dirn */
 	ASN1_OBJECT *rid; /* registeredID */
-	ASN1_TYPE *other; /* otherName, ediPartyName, x400Address */
+	OTHERNAME *otherName; /* otherName */
+	ASN1_TYPE *other; /* ediPartyName, x400Address */
 } d;
 } GENERAL_NAME;
 
@@ -376,6 +382,11 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
 STACK_OF(GENERAL_NAME) *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
 				X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
 
+int i2d_OTHERNAME(OTHERNAME *a, unsigned char **pp);
+OTHERNAME *OTHERNAME_new(void);
+OTHERNAME *d2i_OTHERNAME(OTHERNAME **a, unsigned char **pp, long length);
+void OTHERNAME_free(OTHERNAME *a);
+
 char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5);
 ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str);
 
diff --git a/util/libeay.num b/util/libeay.num
index c8a84e4cab..b08c1faef5 100755
--- a/util/libeay.num
+++ b/util/libeay.num
@@ -2020,3 +2020,9 @@ X509_notrust_set_bit_asc                2044
 i2d_X509_AUX                            2045
 ASN1_BIT_STRING_name_print              2046
 X509_add_trust_object                   2047
+OTHERNAME_new                           2048
+i2d_OTHERNAME                           2049
+CRYPTO_add_info                         2050
+d2i_OTHERNAME                           2051
+OTHERNAME_free                          2052
+X509_cmp                                2053