diff --git a/crypto/asn1/tasn_utl.c b/crypto/asn1/tasn_utl.c index 51f22aa7c..c840047cd 100644 --- a/crypto/asn1/tasn_utl.c +++ b/crypto/asn1/tasn_utl.c @@ -243,6 +243,12 @@ const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, else selector = ASN1_INTEGER_get((ASN1_INTEGER *)*sfld); + /* Let application callback translate value */ + if (adb->adb_cb != NULL && adb->adb_cb(&selector) == 0) { + ASN1err(ASN1_F_ASN1_DO_ADB, ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE); + return NULL; + } + /* * Try to find matching entry in table Maybe should check application * types first to allow application override? Might also be useful to diff --git a/include/openssl/asn1t.h b/include/openssl/asn1t.h index 46fd086e2..1a17ee95f 100644 --- a/include/openssl/asn1t.h +++ b/include/openssl/asn1t.h @@ -463,12 +463,12 @@ extern "C" { # ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION -# define ASN1_ADB_END(name, flags, field, app_table, def, none) \ +# define ASN1_ADB_END(name, flags, field, adb_cb, def, none) \ ;\ static const ASN1_ADB name##_adb = {\ flags,\ offsetof(name, field),\ - app_table,\ + adb_cb,\ name##_adbtbl,\ sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\ def,\ @@ -477,7 +477,7 @@ extern "C" { # else -# define ASN1_ADB_END(name, flags, field, app_table, def, none) \ +# define ASN1_ADB_END(name, flags, field, adb_cb, def, none) \ ;\ static const ASN1_ITEM *name##_adb(void) \ { \ @@ -485,7 +485,7 @@ extern "C" { {\ flags,\ offsetof(name, field),\ - app_table,\ + adb_cb,\ name##_adbtbl,\ sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\ def,\ @@ -529,7 +529,7 @@ typedef struct ASN1_ADB_st ASN1_ADB; struct ASN1_ADB_st { unsigned long flags; /* Various flags */ unsigned long offset; /* Offset of selector field */ - STACK_OF(ASN1_ADB_TABLE) **app_items; /* Application defined items */ + int (*adb_cb)(long *psel); /* Application callback */ const ASN1_ADB_TABLE *tbl; /* Table of possible types */ long tblcount; /* Number of entries in tbl */ const ASN1_TEMPLATE *default_tt; /* Type to use if no match */