~ubuntu-branches/ubuntu/hardy/openssl/hardy-security


Viewing changes to crypto/x509v3/v3_akey.c

  • Committer: Bazaar Package Importer
  • Author(s): Kurt Roeckx
  • Date: 2005-12-13 21:37:42 UTC
  • mfrom: (1.1.2 upstream)
  • Revision ID: james.westby@ubuntu.com-20051213213742-7em5nrw5c7ceegyd
Tags: 0.9.8a-5
Stop ssh from crashing randomly on sparc (Closes: #335912)
Patch from upstream cvs.

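--- a/crypto/x509v3/v3_akey.c
+++ b/crypto/x509v3/v3_akey.c
@@ -68,15 +68,17 @@
 static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
                         X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values);
 
-X509V3_EXT_METHOD v3_akey_id = {
-NID_authority_key_identifier, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_KEYID),
-0,0,0,0,
-0,0,
-(X509V3_EXT_I2V)i2v_AUTHORITY_KEYID,
-(X509V3_EXT_V2I)v2i_AUTHORITY_KEYID,
-0,0,
-NULL
-};
+X509V3_EXT_METHOD v3_akey_id =
+        {
+        NID_authority_key_identifier,
+        X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_KEYID),
+        0,0,0,0,
+        0,0,
+        (X509V3_EXT_I2V)i2v_AUTHORITY_KEYID,
+        (X509V3_EXT_V2I)v2i_AUTHORITY_KEYID,
+        0,0,
+        NULL
+        };
 
 static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
              AUTHORITY_KEYID *akeyid, STACK_OF(CONF_VALUE) *extlist)
@@ -108,83 +110,99 @@
 
 static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
              X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values)
-{
-char keyid=0, issuer=0;
-int i;
-CONF_VALUE *cnf;
-ASN1_OCTET_STRING *ikeyid = NULL;
-X509_NAME *isname = NULL;
-GENERAL_NAMES * gens = NULL;
-GENERAL_NAME *gen = NULL;
-ASN1_INTEGER *serial = NULL;
-X509_EXTENSION *ext;
-X509 *cert;
-AUTHORITY_KEYID *akeyid;
-for(i = 0; i < sk_CONF_VALUE_num(values); i++) {
-        cnf = sk_CONF_VALUE_value(values, i);
-        if(!strcmp(cnf->name, "keyid")) {
-                keyid = 1;
-                if(cnf->value && !strcmp(cnf->value, "always")) keyid = 2;
-        } else if(!strcmp(cnf->name, "issuer")) {
-                issuer = 1;
-                if(cnf->value && !strcmp(cnf->value, "always")) issuer = 2;
-        } else {
-                X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNKNOWN_OPTION);
-                ERR_add_error_data(2, "name=", cnf->name);
+        {
+        char keyid=0, issuer=0;
+        int i;
+        CONF_VALUE *cnf;
+        ASN1_OCTET_STRING *ikeyid = NULL;
+        X509_NAME *isname = NULL;
+        GENERAL_NAMES * gens = NULL;
+        GENERAL_NAME *gen = NULL;
+        ASN1_INTEGER *serial = NULL;
+        X509_EXTENSION *ext;
+        X509 *cert;
+        AUTHORITY_KEYID *akeyid;
+
+        for(i = 0; i < sk_CONF_VALUE_num(values); i++)
+                {
+                cnf = sk_CONF_VALUE_value(values, i);
+                if(!strcmp(cnf->name, "keyid"))
+                        {
+                        keyid = 1;
+                        if(cnf->value && !strcmp(cnf->value, "always"))
+                                keyid = 2;
+                        }
+                else if(!strcmp(cnf->name, "issuer"))
+                        {
+                        issuer = 1;
+                        if(cnf->value && !strcmp(cnf->value, "always"))
+                                issuer = 2;
+                        }
+                else
+                        {
+                        X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNKNOWN_OPTION);
+                        ERR_add_error_data(2, "name=", cnf->name);
+                        return NULL;
+                        }
+                }
+
+        if(!ctx || !ctx->issuer_cert)
+                {
+                if(ctx && (ctx->flags==CTX_TEST))
+                        return AUTHORITY_KEYID_new();
+                X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_NO_ISSUER_CERTIFICATE);
                 return NULL;
-        }
-}
-
-if(!ctx || !ctx->issuer_cert) {
-        if(ctx && (ctx->flags==CTX_TEST)) return AUTHORITY_KEYID_new();
-        X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_NO_ISSUER_CERTIFICATE);
+                }
+
+        cert = ctx->issuer_cert;
+
+        if(keyid)
+                {
+                i = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1);
+                if((i >= 0)  && (ext = X509_get_ext(cert, i)))
+                        ikeyid = X509V3_EXT_d2i(ext);
+                if(keyid==2 && !ikeyid)
+                        {
+                        X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNABLE_TO_GET_ISSUER_KEYID);
+                        return NULL;
+                        }
+                }
+
+        if((issuer && !ikeyid) || (issuer == 2))
+                {
+                isname = X509_NAME_dup(X509_get_issuer_name(cert));
+                serial = M_ASN1_INTEGER_dup(X509_get_serialNumber(cert));
+                if(!isname || !serial)
+                        {
+                        X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS);
+                        goto err;
+                        }
+                }
+
+        if(!(akeyid = AUTHORITY_KEYID_new())) goto err;
+
+        if(isname)
+                {
+                if(!(gens = sk_GENERAL_NAME_new_null())
+                        || !(gen = GENERAL_NAME_new())
+                        || !sk_GENERAL_NAME_push(gens, gen))
+                        {
+                        X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,ERR_R_MALLOC_FAILURE);
+                        goto err;
+                        }
+                gen->type = GEN_DIRNAME;
+                gen->d.dirn = isname;
+                }
+
+        akeyid->issuer = gens;
+        akeyid->serial = serial;
+        akeyid->keyid = ikeyid;
+
+        return akeyid;
+
+ err:
+        X509_NAME_free(isname);
+        M_ASN1_INTEGER_free(serial);
+        M_ASN1_OCTET_STRING_free(ikeyid);
         return NULL;
-}
-
-cert = ctx->issuer_cert;
-
-if(keyid) {
-        i = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1);
-        if((i >= 0)  && (ext = X509_get_ext(cert, i)))
-                                                 ikeyid = X509V3_EXT_d2i(ext);
-        if(keyid==2 && !ikeyid) {
-                X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNABLE_TO_GET_ISSUER_KEYID);
-                return NULL;
-        }
-}
-
-if((issuer && !ikeyid) || (issuer == 2)) {
-        isname = X509_NAME_dup(X509_get_issuer_name(cert));
-        serial = M_ASN1_INTEGER_dup(X509_get_serialNumber(cert));
-        if(!isname || !serial) {
-                X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS);
-                goto err;
-        }
-}
-
-if(!(akeyid = AUTHORITY_KEYID_new())) goto err;
-
-if(isname) {
-        if(!(gens = sk_GENERAL_NAME_new_null()) || !(gen = GENERAL_NAME_new())
-                || !sk_GENERAL_NAME_push(gens, gen)) {
-                X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,ERR_R_MALLOC_FAILURE);
-                goto err;
-        }
-        gen->type = GEN_DIRNAME;
-        gen->d.dirn = isname;
-}
-
-akeyid->issuer = gens;
-akeyid->serial = serial;
-akeyid->keyid = ikeyid;
-
-return akeyid;
-
-err:
-X509_NAME_free(isname);
-M_ASN1_INTEGER_free(serial);
-M_ASN1_OCTET_STRING_free(ikeyid);
-return NULL;
-
-}
-
+        }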