Add OCSP service locator extension.

crypto/x509v3/ext_dat.h

@@ -62,7 +62,7 @@ extern X509V3_EXT_METHOD v3_pkey_usage_period, v3_sxnet, v3_info;
 extern X509V3_EXT_METHOD v3_ns_ia5_list[], v3_alt[], v3_skey_id, v3_akey_id;
 extern X509V3_EXT_METHOD v3_crl_num, v3_crl_reason, v3_cpols, v3_crld;
 extern X509V3_EXT_METHOD v3_ocsp_nonce, v3_ocsp_accresp, v3_ocsp_acutoff;
-extern X509V3_EXT_METHOD v3_ocsp_crlid, v3_ocsp_nocheck;
+extern X509V3_EXT_METHOD v3_ocsp_crlid, v3_ocsp_nocheck, v3_ocsp_serviceloc;
 
 /* This table will be searched using OBJ_bsearch so it *must* kept in
  * order of the ext_nid values.
@@ -95,7 +95,8 @@ static X509V3_EXT_METHOD *standard_exts[] = {
 &v3_ocsp_crlid,
 &v3_ocsp_accresp,
 &v3_ocsp_nocheck,
-&v3_ocsp_acutoff
+&v3_ocsp_acutoff,
+&v3_ocsp_serviceloc
 };
 
 /* Number of standard extensions */

crypto/x509v3/v3_alt.c

@@ -97,8 +97,8 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
 STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
 				GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret)
 {
-	char oline[256];
 	unsigned char *p;
+	char oline[256];
 	switch (gen->type)
 	{
 		case GEN_OTHERNAME:
@@ -151,7 +151,6 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
 
 int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen)
 {
-	char oline[256];
 	unsigned char *p;
 	switch (gen->type)
 	{
@@ -181,8 +180,8 @@ int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen)
 		break;
 
 		case GEN_DIRNAME:
-		X509_NAME_oneline(gen->d.dirn, oline, 256);
+		BIO_printf(out, "DirName: ");
-		BIO_printf(out, "DirName:%s",oline);
+		X509_NAME_print_ex(out, gen->d.dirn, 0, XN_FLAG_ONELINE);
 		break;
 
 		case GEN_IPADD:

crypto/x509v3/v3_ocsp.c

@@ -77,6 +77,7 @@ static int i2r_ocsp_nonce(X509V3_EXT_METHOD *method, void *nonce, BIO *out, int
 
 static int i2r_ocsp_nocheck(X509V3_EXT_METHOD *method, void *nocheck, BIO *out, int indent);
 static void *s2i_ocsp_nocheck(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str);
+static int i2r_ocsp_serviceloc(X509V3_EXT_METHOD *method, void *in, BIO *bp, int ind);
 
 X509V3_EXT_METHOD v3_ocsp_crlid = {
 	NID_id_pkix_OCSP_CrlID, 0, &OCSP_CRLID_it,
@@ -117,6 +118,15 @@ X509V3_EXT_METHOD v3_ocsp_nocheck = {
 	NULL
 };
 
+X509V3_EXT_METHOD v3_ocsp_serviceloc = {
+	NID_id_pkix_OCSP_serviceLocator, 0, &OCSP_SERVICELOC_it,
+	0,0,0,0,
+	0,0,
+	0,0,
+	i2r_ocsp_serviceloc,0,
+	NULL
+};
+
 static int i2r_ocsp_crlid(X509V3_EXT_METHOD *method, void *in, BIO *bp, int ind)
 {
 	OCSP_CRLID *a = in;
@@ -212,3 +222,25 @@ static void *s2i_ocsp_nocheck(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *
 {
 	return ASN1_NULL_new();
 }
+
+static int i2r_ocsp_serviceloc(X509V3_EXT_METHOD *method, void *in, BIO *bp, int ind)
+        {
+	int i;
+	OCSP_SERVICELOC *a = in;
+	ACCESS_DESCRIPTION *ad;
+
+        if (BIO_printf(bp, "%*ssIissuer: ", ind, "") <= 0) goto err;
+        if (X509_NAME_print_ex(bp, a->issuer, 0, XN_FLAG_ONELINE) <= 0) goto err;
+	for (i = 0; i < sk_ACCESS_DESCRIPTION_num(a->locator); i++)
+	        {
+				ad = sk_ACCESS_DESCRIPTION_value(a->locator,i);
+				if (BIO_printf(bp, "\n%*s", (2*ind), "") <= 0) 
+					goto err;
+				if(i2a_ASN1_OBJECT(bp, ad->method) <= 0) goto err;
+				if(BIO_puts(bp, " - ") <= 0) goto err;
+				if(GENERAL_NAME_print(bp, ad->location) <= 0) goto err;
+		}
+	return 1;
+err:
+	return 0;
+	}