← Back to branch summary

~andersk/ubuntu/oneiric/openssl/spurious-reboot

« back to all changes in this revision

Viewing changes to crypto/pkcs7/pk7_attr.c

  • Committer: Bazaar Package Importer
  • Author(s): Colin Watson
  • Date: 2011-05-01 23:51:53 UTC
  • mfrom: (11.1.20 sid)
  • Revision ID: james.westby@ubuntu.com-20110501235153-bjcxitndquaezb68
Tags: 1.0.0d-2ubuntu1
https://launchpad.net/bugs/675566
* Resynchronise with Debian (LP: #675566).  Remaining changes:
  - debian/libssl1.0.0.postinst:
    + Display a system restart required notification bubble on libssl1.0.0
      upgrade.
    + Use a different priority for libssl1.0.0/restart-services depending
      on whether a desktop, or server dist-upgrade is being performed.
  - debian/{libssl1.0.0-udeb.dirs, control, rules}: Create
    libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
    in Debian).
  - debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files,
    rules}: Move runtime libraries to /lib, for the benefit of
    wpasupplicant.
  - debian/patches/aesni.patch: Backport Intel AES-NI support, now from
    http://rt.openssl.org/Ticket/Display.html?id=2065 rather than the
    0.9.8 variant.
  - debian/patches/Bsymbolic-functions.patch: Link using
    -Bsymbolic-functions.
  - debian/patches/perlpath-quilt.patch: Don't change perl #! paths under
    .pc.
  - debian/rules:
    + Don't run 'make test' when cross-building.
    + Use host compiler when cross-building.  Patch from Neil Williams.
    + Don't build for processors no longer supported: i486, i586 (on
      i386), v8 (on sparc).
    + Fix Makefile to properly clean up libs/ dirs in clean target.
    + Replace duplicate files in the doc directory with symlinks.
* Update architectures affected by Bsymbolic-functions.patch.
* Drop debian/patches/no-sslv2.patch; Debian now adds the 'no-ssl2'
  configure option, which compiles out SSLv2 support entirely, so this is
  no longer needed.
* Drop openssl-doc in favour of the libssl-doc package introduced by
  Debian.  Add Conflicts/Replaces until the next LTS release.

Show diffs side-by-side

added added

removed removed

Lines of Context:
crypto/pkcs7/pk7_attr.c
60
60
#include <stdlib.h>
61
61
#include <openssl/bio.h>
62
62
#include <openssl/asn1.h>
 
63
#include <openssl/asn1t.h>
63
64
#include <openssl/pem.h>
64
65
#include <openssl/pkcs7.h>
65
66
#include <openssl/x509.h>
68
69
int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si, STACK_OF(X509_ALGOR) *cap)
69
70
{
70
71
        ASN1_STRING *seq;
71
 
        unsigned char *p, *pp;
72
 
        int len;
73
 
        len=i2d_ASN1_SET_OF_X509_ALGOR(cap,NULL,i2d_X509_ALGOR,
74
 
                                       V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL,
75
 
                                       IS_SEQUENCE);
76
 
        if(!(pp=(unsigned char *)OPENSSL_malloc(len))) {
77
 
                PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,ERR_R_MALLOC_FAILURE);
78
 
                return 0;
79
 
        }
80
 
        p=pp;
81
 
        i2d_ASN1_SET_OF_X509_ALGOR(cap,&p,i2d_X509_ALGOR, V_ASN1_SEQUENCE,
82
 
                                   V_ASN1_UNIVERSAL, IS_SEQUENCE);
83
72
        if(!(seq = ASN1_STRING_new())) {
84
73
                PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,ERR_R_MALLOC_FAILURE);
85
74
                return 0;
86
75
        }
87
 
        if(!ASN1_STRING_set (seq, pp, len)) {
88
 
                PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,ERR_R_MALLOC_FAILURE);
89
 
                return 0;
90
 
        }
91
 
        OPENSSL_free (pp);
 
76
        seq->length = ASN1_item_i2d((ASN1_VALUE *)cap,&seq->data,
 
77
                                ASN1_ITEM_rptr(X509_ALGORS));
92
78
        return PKCS7_add_signed_attribute(si, NID_SMIMECapabilities,
93
79
                                                        V_ASN1_SEQUENCE, seq);
94
80
}
102
88
        if (!cap || (cap->type != V_ASN1_SEQUENCE))
103
89
                return NULL;
104
90
        p = cap->value.sequence->data;
105
 
        return d2i_ASN1_SET_OF_X509_ALGOR(NULL, &p,
106
 
                                          cap->value.sequence->length,
107
 
                                          d2i_X509_ALGOR, X509_ALGOR_free,
108
 
                                          V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
 
91
        return (STACK_OF(X509_ALGOR) *)
 
92
                ASN1_item_d2i(NULL, &p, cap->value.sequence->length,
 
93
                                ASN1_ITEM_rptr(X509_ALGORS));
109
94
        }
110
95
 
111
96
/* Basic smime-capabilities OID and optional integer arg */
139
124
        sk_X509_ALGOR_push (sk, alg);
140
125
        return 1;
141
126
}
 
127
 
 
128
int PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO *si, ASN1_OBJECT *coid)
 
129
        {
 
130
        if (PKCS7_get_signed_attribute(si, NID_pkcs9_contentType))
 
131
                return 0;
 
132
        if (!coid)
 
133
                coid = OBJ_nid2obj(NID_pkcs7_data);
 
134
        return PKCS7_add_signed_attribute(si, NID_pkcs9_contentType,
 
135
                                V_ASN1_OBJECT, coid);
 
136
        }
 
137
 
 
138
int PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO *si, ASN1_TIME *t)
 
139
        {
 
140
        if (!t && !(t=X509_gmtime_adj(NULL,0)))
 
141
                {
 
142
                PKCS7err(PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME,
 
143
                                ERR_R_MALLOC_FAILURE);
 
144
                return 0;
 
145
                }
 
146
        return PKCS7_add_signed_attribute(si, NID_pkcs9_signingTime,
 
147
                                                V_ASN1_UTCTIME, t);
 
148
        }
 
149
 
 
150
int PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO *si,
 
151
                                const unsigned char *md, int mdlen)
 
152
        {
 
153
        ASN1_OCTET_STRING *os;
 
154
        os = ASN1_OCTET_STRING_new();
 
155
        if (!os)
 
156
                return 0;
 
157
        if (!ASN1_STRING_set(os, md, mdlen)
 
158
                || !PKCS7_add_signed_attribute(si, NID_pkcs9_messageDigest,
 
159
                                                V_ASN1_OCTET_STRING, os))
 
160
                {
 
161
                ASN1_OCTET_STRING_free(os);
 
162
                return 0;
 
163
                }
 
164
        return 1;
 
165
        }