From 1a15c89988f1be6e3f46b184cc1b27e6cf43e869 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Sun, 30 Mar 2003 01:51:16 +0000 Subject: [PATCH] Multi valued AVA support. --- CHANGES | 4 ++++ apps/req.c | 31 +++++++++++++++++++++++++------ crypto/x509v3/v3_utl.c | 15 +++++++++++++-- 3 files changed, 42 insertions(+), 8 deletions(-) diff --git a/CHANGES b/CHANGES index 719a7ff22..e6a179fa5 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,10 @@ Changes between 0.9.7a and 0.9.8 [xx XXX xxxx] + *) Generate muti valued AVAs using '+' notation in config files for + req and dirName. + [Steve Henson] + *) Support for nameConstraints certificate extension. [Steve Henson] diff --git a/apps/req.c b/apps/req.c index 8304df8aa..c29759961 100644 --- a/apps/req.c +++ b/apps/req.c @@ -133,7 +133,7 @@ static int add_attribute_object(X509_REQ *req, char *text, char *def, char *value, int nid, int n_min, int n_max, unsigned long chtype); static int add_DN_object(X509_NAME *n, char *text, char *def, char *value, - int nid,int n_min,int n_max, unsigned long chtype); + int nid,int n_min,int n_max, unsigned long chtype, int mval); #ifndef OPENSSL_NO_RSA static void MS_CALLBACK req_cb(int p,int n,void *arg); #endif @@ -1259,7 +1259,7 @@ static int prompt_info(X509_REQ *req, int i; char *p,*q; char buf[100]; - int nid; + int nid, mval; long n_min,n_max; char *type,*def,*value; CONF_VALUE *v; @@ -1302,6 +1302,13 @@ start: for (;;) if(*p) type = p; break; } + if (*type == '+') + { + mval = -1; + type++; + } + else + mval = 0; /* If OBJ not recognised ignore it */ if ((nid=OBJ_txt2nid(type)) == NID_undef) goto start; @@ -1339,7 +1346,7 @@ start: for (;;) } if (!add_DN_object(subj,v->value,def,value,nid, - n_min,n_max, chtype)) + n_min,n_max, chtype, mval)) return 0; } if (X509_NAME_entry_count(subj) == 0) @@ -1429,6 +1436,7 @@ static int auto_info(X509_REQ *req, STACK_OF(CONF_VALUE) *dn_sk, for (i = 0; i < sk_CONF_VALUE_num(dn_sk); i++) { + int mval; v=sk_CONF_VALUE_value(dn_sk,i); p=q=NULL; type=v->name; @@ -1445,8 +1453,19 @@ static int auto_info(X509_REQ *req, STACK_OF(CONF_VALUE) *dn_sk, if(*p) type = p; break; } +#ifndef CHARSET_EBCDIC + if (*p == '+') +#else + if (*p == os_toascii['+']) +#endif + { + p++; + mval = -1; + } + else + mval = 0; if (!X509_NAME_add_entry_by_txt(subj,type, chtype, - (unsigned char *) v->value,-1,-1,0)) return 0; + (unsigned char *) v->value,-1,-1,mval)) return 0; } @@ -1469,7 +1488,7 @@ static int auto_info(X509_REQ *req, STACK_OF(CONF_VALUE) *dn_sk, static int add_DN_object(X509_NAME *n, char *text, char *def, char *value, - int nid, int n_min, int n_max, unsigned long chtype) + int nid, int n_min, int n_max, unsigned long chtype, int mval) { int i,ret=0; MS_STATIC char buf[1024]; @@ -1519,7 +1538,7 @@ start: #endif if(!req_check_len(i, n_min, n_max)) goto start; if (!X509_NAME_add_entry_by_NID(n,nid, chtype, - (unsigned char *) buf, -1,-1,0)) goto err; + (unsigned char *) buf, -1,-1,mval)) goto err; ret=1; err: return(ret); diff --git a/crypto/x509v3/v3_utl.c b/crypto/x509v3/v3_utl.c index 9770b5167..a2bb7b004 100644 --- a/crypto/x509v3/v3_utl.c +++ b/crypto/x509v3/v3_utl.c @@ -801,7 +801,7 @@ int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk, unsigned long chtype) { CONF_VALUE *v; - int i; + int i, mval; char *p, *type; if (!nm) return 0; @@ -824,8 +824,19 @@ int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk, if(*p) type = p; break; } +#ifndef CHARSET_EBCDIC + if (*p == '+') +#else + if (*p == os_toascii['+']) +#endif + { + mval = -1; + p++; + } + else + mval = 0; if (!X509_NAME_add_entry_by_txt(nm,type, chtype, - (unsigned char *) v->value,-1,-1,0)) + (unsigned char *) v->value,-1,-1,mval)) return 0; }