Line data Source code
1 : /* v3_crld.c */
2 : /*
3 : * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
4 : * 1999.
5 : */
6 : /* ====================================================================
7 : * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved.
8 : *
9 : * Redistribution and use in source and binary forms, with or without
10 : * modification, are permitted provided that the following conditions
11 : * are met:
12 : *
13 : * 1. Redistributions of source code must retain the above copyright
14 : * notice, this list of conditions and the following disclaimer.
15 : *
16 : * 2. Redistributions in binary form must reproduce the above copyright
17 : * notice, this list of conditions and the following disclaimer in
18 : * the documentation and/or other materials provided with the
19 : * distribution.
20 : *
21 : * 3. All advertising materials mentioning features or use of this
22 : * software must display the following acknowledgment:
23 : * "This product includes software developed by the OpenSSL Project
24 : * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
25 : *
26 : * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
27 : * endorse or promote products derived from this software without
28 : * prior written permission. For written permission, please contact
29 : * licensing@OpenSSL.org.
30 : *
31 : * 5. Products derived from this software may not be called "OpenSSL"
32 : * nor may "OpenSSL" appear in their names without prior written
33 : * permission of the OpenSSL Project.
34 : *
35 : * 6. Redistributions of any form whatsoever must retain the following
36 : * acknowledgment:
37 : * "This product includes software developed by the OpenSSL Project
38 : * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
39 : *
40 : * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
41 : * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 : * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
43 : * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
44 : * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
45 : * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
46 : * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
47 : * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 : * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
49 : * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
50 : * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51 : * OF THE POSSIBILITY OF SUCH DAMAGE.
52 : * ====================================================================
53 : *
54 : * This product includes cryptographic software written by Eric Young
55 : * (eay@cryptsoft.com). This product includes software written by Tim
56 : * Hudson (tjh@cryptsoft.com).
57 : *
58 : */
59 :
60 : #include <stdio.h>
61 : #include "cryptlib.h"
62 : #include <openssl/conf.h>
63 : #include <openssl/asn1.h>
64 : #include <openssl/asn1t.h>
65 : #include <openssl/x509v3.h>
66 :
67 : static void *v2i_crld(const X509V3_EXT_METHOD *method,
68 : X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
69 : static int i2r_crldp(const X509V3_EXT_METHOD *method, void *pcrldp, BIO *out,
70 : int indent);
71 :
72 : const X509V3_EXT_METHOD v3_crld = {
73 : NID_crl_distribution_points, 0, ASN1_ITEM_ref(CRL_DIST_POINTS),
74 : 0, 0, 0, 0,
75 : 0, 0,
76 : 0,
77 : v2i_crld,
78 : i2r_crldp, 0,
79 : NULL
80 : };
81 :
82 : const X509V3_EXT_METHOD v3_freshest_crl = {
83 : NID_freshest_crl, 0, ASN1_ITEM_ref(CRL_DIST_POINTS),
84 : 0, 0, 0, 0,
85 : 0, 0,
86 : 0,
87 : v2i_crld,
88 : i2r_crldp, 0,
89 : NULL
90 : };
91 :
92 0 : static STACK_OF(GENERAL_NAME) *gnames_from_sectname(X509V3_CTX *ctx,
93 : char *sect)
94 : {
95 : STACK_OF(CONF_VALUE) *gnsect;
96 : STACK_OF(GENERAL_NAME) *gens;
97 0 : if (*sect == '@')
98 0 : gnsect = X509V3_get_section(ctx, sect + 1);
99 : else
100 0 : gnsect = X509V3_parse_list(sect);
101 0 : if (!gnsect) {
102 0 : X509V3err(X509V3_F_GNAMES_FROM_SECTNAME, X509V3_R_SECTION_NOT_FOUND);
103 0 : return NULL;
104 : }
105 0 : gens = v2i_GENERAL_NAMES(NULL, ctx, gnsect);
106 0 : if (*sect == '@')
107 0 : X509V3_section_free(ctx, gnsect);
108 : else
109 0 : sk_CONF_VALUE_pop_free(gnsect, X509V3_conf_free);
110 0 : return gens;
111 : }
112 :
113 0 : static int set_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx,
114 : CONF_VALUE *cnf)
115 : {
116 : STACK_OF(GENERAL_NAME) *fnm = NULL;
117 : STACK_OF(X509_NAME_ENTRY) *rnm = NULL;
118 0 : if (!strncmp(cnf->name, "fullname", 9)) {
119 0 : fnm = gnames_from_sectname(ctx, cnf->value);
120 0 : if (!fnm)
121 : goto err;
122 0 : } else if (!strcmp(cnf->name, "relativename")) {
123 : int ret;
124 : STACK_OF(CONF_VALUE) *dnsect;
125 : X509_NAME *nm;
126 0 : nm = X509_NAME_new();
127 0 : if (!nm)
128 : return -1;
129 0 : dnsect = X509V3_get_section(ctx, cnf->value);
130 0 : if (!dnsect) {
131 0 : X509V3err(X509V3_F_SET_DIST_POINT_NAME,
132 : X509V3_R_SECTION_NOT_FOUND);
133 : return -1;
134 : }
135 0 : ret = X509V3_NAME_from_section(nm, dnsect, MBSTRING_ASC);
136 0 : X509V3_section_free(ctx, dnsect);
137 0 : rnm = nm->entries;
138 0 : nm->entries = NULL;
139 0 : X509_NAME_free(nm);
140 0 : if (!ret || sk_X509_NAME_ENTRY_num(rnm) <= 0)
141 : goto err;
142 : /*
143 : * Since its a name fragment can't have more than one RDNSequence
144 : */
145 0 : if (sk_X509_NAME_ENTRY_value(rnm,
146 0 : sk_X509_NAME_ENTRY_num(rnm) - 1)->set) {
147 0 : X509V3err(X509V3_F_SET_DIST_POINT_NAME,
148 : X509V3_R_INVALID_MULTIPLE_RDNS);
149 : goto err;
150 : }
151 : } else
152 : return 0;
153 :
154 0 : if (*pdp) {
155 0 : X509V3err(X509V3_F_SET_DIST_POINT_NAME,
156 : X509V3_R_DISTPOINT_ALREADY_SET);
157 : goto err;
158 : }
159 :
160 0 : *pdp = DIST_POINT_NAME_new();
161 0 : if (!*pdp)
162 : goto err;
163 0 : if (fnm) {
164 0 : (*pdp)->type = 0;
165 0 : (*pdp)->name.fullname = fnm;
166 : } else {
167 0 : (*pdp)->type = 1;
168 0 : (*pdp)->name.relativename = rnm;
169 : }
170 :
171 : return 1;
172 :
173 : err:
174 0 : if (fnm)
175 0 : sk_GENERAL_NAME_pop_free(fnm, GENERAL_NAME_free);
176 0 : if (rnm)
177 0 : sk_X509_NAME_ENTRY_pop_free(rnm, X509_NAME_ENTRY_free);
178 : return -1;
179 : }
180 :
181 : static const BIT_STRING_BITNAME reason_flags[] = {
182 : {0, "Unused", "unused"},
183 : {1, "Key Compromise", "keyCompromise"},
184 : {2, "CA Compromise", "CACompromise"},
185 : {3, "Affiliation Changed", "affiliationChanged"},
186 : {4, "Superseded", "superseded"},
187 : {5, "Cessation Of Operation", "cessationOfOperation"},
188 : {6, "Certificate Hold", "certificateHold"},
189 : {7, "Privilege Withdrawn", "privilegeWithdrawn"},
190 : {8, "AA Compromise", "AACompromise"},
191 : {-1, NULL, NULL}
192 : };
193 :
194 0 : static int set_reasons(ASN1_BIT_STRING **preas, char *value)
195 : {
196 : STACK_OF(CONF_VALUE) *rsk = NULL;
197 : const BIT_STRING_BITNAME *pbn;
198 : const char *bnam;
199 : int i, ret = 0;
200 0 : rsk = X509V3_parse_list(value);
201 0 : if (!rsk)
202 : return 0;
203 0 : if (*preas)
204 : return 0;
205 0 : for (i = 0; i < sk_CONF_VALUE_num(rsk); i++) {
206 0 : bnam = sk_CONF_VALUE_value(rsk, i)->name;
207 0 : if (!*preas) {
208 0 : *preas = ASN1_BIT_STRING_new();
209 0 : if (!*preas)
210 : goto err;
211 : }
212 0 : for (pbn = reason_flags; pbn->lname; pbn++) {
213 0 : if (!strcmp(pbn->sname, bnam)) {
214 0 : if (!ASN1_BIT_STRING_set_bit(*preas, pbn->bitnum, 1))
215 : goto err;
216 : break;
217 : }
218 : }
219 0 : if (!pbn->lname)
220 : goto err;
221 : }
222 : ret = 1;
223 :
224 : err:
225 0 : sk_CONF_VALUE_pop_free(rsk, X509V3_conf_free);
226 0 : return ret;
227 : }
228 :
229 0 : static int print_reasons(BIO *out, const char *rname,
230 : ASN1_BIT_STRING *rflags, int indent)
231 : {
232 : int first = 1;
233 : const BIT_STRING_BITNAME *pbn;
234 0 : BIO_printf(out, "%*s%s:\n%*s", indent, "", rname, indent + 2, "");
235 0 : for (pbn = reason_flags; pbn->lname; pbn++) {
236 0 : if (ASN1_BIT_STRING_get_bit(rflags, pbn->bitnum)) {
237 0 : if (first)
238 : first = 0;
239 : else
240 0 : BIO_puts(out, ", ");
241 0 : BIO_puts(out, pbn->lname);
242 : }
243 : }
244 0 : if (first)
245 0 : BIO_puts(out, "<EMPTY>\n");
246 : else
247 0 : BIO_puts(out, "\n");
248 0 : return 1;
249 : }
250 :
251 0 : static DIST_POINT *crldp_from_section(X509V3_CTX *ctx,
252 : STACK_OF(CONF_VALUE) *nval)
253 : {
254 : int i;
255 0 : CONF_VALUE *cnf;
256 : DIST_POINT *point = NULL;
257 : point = DIST_POINT_new();
258 0 : if (!point)
259 : goto err;
260 0 : for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
261 : int ret;
262 0 : cnf = sk_CONF_VALUE_value(nval, i);
263 0 : ret = set_dist_point_name(&point->distpoint, ctx, cnf);
264 0 : if (ret > 0)
265 0 : continue;
266 0 : if (ret < 0)
267 : goto err;
268 0 : if (!strcmp(cnf->name, "reasons")) {
269 0 : if (!set_reasons(&point->reasons, cnf->value))
270 : goto err;
271 0 : } else if (!strcmp(cnf->name, "CRLissuer")) {
272 0 : point->CRLissuer = gnames_from_sectname(ctx, cnf->value);
273 0 : if (!point->CRLissuer)
274 : goto err;
275 : }
276 : }
277 :
278 : return point;
279 :
280 : err:
281 0 : if (point)
282 : DIST_POINT_free(point);
283 : return NULL;
284 : }
285 :
286 0 : static void *v2i_crld(const X509V3_EXT_METHOD *method,
287 : X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
288 : {
289 : STACK_OF(DIST_POINT) *crld = NULL;
290 : GENERAL_NAMES *gens = NULL;
291 : GENERAL_NAME *gen = NULL;
292 : CONF_VALUE *cnf;
293 : int i;
294 0 : if (!(crld = sk_DIST_POINT_new_null()))
295 : goto merr;
296 0 : for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
297 : DIST_POINT *point;
298 0 : cnf = sk_CONF_VALUE_value(nval, i);
299 0 : if (!cnf->value) {
300 : STACK_OF(CONF_VALUE) *dpsect;
301 0 : dpsect = X509V3_get_section(ctx, cnf->name);
302 0 : if (!dpsect)
303 : goto err;
304 0 : point = crldp_from_section(ctx, dpsect);
305 0 : X509V3_section_free(ctx, dpsect);
306 0 : if (!point)
307 : goto err;
308 0 : if (!sk_DIST_POINT_push(crld, point)) {
309 : DIST_POINT_free(point);
310 : goto merr;
311 : }
312 : } else {
313 0 : if (!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
314 : goto err;
315 0 : if (!(gens = GENERAL_NAMES_new()))
316 : goto merr;
317 0 : if (!sk_GENERAL_NAME_push(gens, gen))
318 : goto merr;
319 : gen = NULL;
320 0 : if (!(point = DIST_POINT_new()))
321 : goto merr;
322 0 : if (!sk_DIST_POINT_push(crld, point)) {
323 : DIST_POINT_free(point);
324 : goto merr;
325 : }
326 0 : if (!(point->distpoint = DIST_POINT_NAME_new()))
327 : goto merr;
328 0 : point->distpoint->name.fullname = gens;
329 0 : point->distpoint->type = 0;
330 : gens = NULL;
331 : }
332 : }
333 : return crld;
334 :
335 : merr:
336 0 : X509V3err(X509V3_F_V2I_CRLD, ERR_R_MALLOC_FAILURE);
337 : err:
338 0 : GENERAL_NAME_free(gen);
339 0 : GENERAL_NAMES_free(gens);
340 0 : sk_DIST_POINT_pop_free(crld, DIST_POINT_free);
341 0 : return NULL;
342 : }
343 :
344 : IMPLEMENT_STACK_OF(DIST_POINT)
345 :
346 : IMPLEMENT_ASN1_SET_OF(DIST_POINT)
347 :
348 0 : static int dpn_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
349 : void *exarg)
350 : {
351 0 : DIST_POINT_NAME *dpn = (DIST_POINT_NAME *)*pval;
352 :
353 0 : switch (operation) {
354 : case ASN1_OP_NEW_POST:
355 0 : dpn->dpname = NULL;
356 0 : break;
357 :
358 : case ASN1_OP_FREE_POST:
359 0 : if (dpn->dpname)
360 0 : X509_NAME_free(dpn->dpname);
361 : break;
362 : }
363 0 : return 1;
364 : }
365 :
366 :
367 : ASN1_CHOICE_cb(DIST_POINT_NAME, dpn_cb) = {
368 : ASN1_IMP_SEQUENCE_OF(DIST_POINT_NAME, name.fullname, GENERAL_NAME, 0),
369 : ASN1_IMP_SET_OF(DIST_POINT_NAME, name.relativename, X509_NAME_ENTRY, 1)
370 : } ASN1_CHOICE_END_cb(DIST_POINT_NAME, DIST_POINT_NAME, type)
371 :
372 :
373 0 : IMPLEMENT_ASN1_FUNCTIONS(DIST_POINT_NAME)
374 :
375 : ASN1_SEQUENCE(DIST_POINT) = {
376 : ASN1_EXP_OPT(DIST_POINT, distpoint, DIST_POINT_NAME, 0),
377 : ASN1_IMP_OPT(DIST_POINT, reasons, ASN1_BIT_STRING, 1),
378 : ASN1_IMP_SEQUENCE_OF_OPT(DIST_POINT, CRLissuer, GENERAL_NAME, 2)
379 : } ASN1_SEQUENCE_END(DIST_POINT)
380 :
381 0 : IMPLEMENT_ASN1_FUNCTIONS(DIST_POINT)
382 :
383 : ASN1_ITEM_TEMPLATE(CRL_DIST_POINTS) =
384 : ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, CRLDistributionPoints, DIST_POINT)
385 : ASN1_ITEM_TEMPLATE_END(CRL_DIST_POINTS)
386 :
387 1681 : IMPLEMENT_ASN1_FUNCTIONS(CRL_DIST_POINTS)
388 :
389 : ASN1_SEQUENCE(ISSUING_DIST_POINT) = {
390 : ASN1_EXP_OPT(ISSUING_DIST_POINT, distpoint, DIST_POINT_NAME, 0),
391 : ASN1_IMP_OPT(ISSUING_DIST_POINT, onlyuser, ASN1_FBOOLEAN, 1),
392 : ASN1_IMP_OPT(ISSUING_DIST_POINT, onlyCA, ASN1_FBOOLEAN, 2),
393 : ASN1_IMP_OPT(ISSUING_DIST_POINT, onlysomereasons, ASN1_BIT_STRING, 3),
394 : ASN1_IMP_OPT(ISSUING_DIST_POINT, indirectCRL, ASN1_FBOOLEAN, 4),
395 : ASN1_IMP_OPT(ISSUING_DIST_POINT, onlyattr, ASN1_FBOOLEAN, 5)
396 : } ASN1_SEQUENCE_END(ISSUING_DIST_POINT)
397 :
398 0 : IMPLEMENT_ASN1_FUNCTIONS(ISSUING_DIST_POINT)
399 :
400 : static int i2r_idp(const X509V3_EXT_METHOD *method, void *pidp, BIO *out,
401 : int indent);
402 : static void *v2i_idp(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
403 : STACK_OF(CONF_VALUE) *nval);
404 :
405 : const X509V3_EXT_METHOD v3_idp = {
406 : NID_issuing_distribution_point, X509V3_EXT_MULTILINE,
407 : ASN1_ITEM_ref(ISSUING_DIST_POINT),
408 : 0, 0, 0, 0,
409 : 0, 0,
410 : 0,
411 : v2i_idp,
412 : i2r_idp, 0,
413 : NULL
414 : };
415 :
416 0 : static void *v2i_idp(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
417 : STACK_OF(CONF_VALUE) *nval)
418 : {
419 : ISSUING_DIST_POINT *idp = NULL;
420 : CONF_VALUE *cnf;
421 : char *name, *val;
422 : int i, ret;
423 : idp = ISSUING_DIST_POINT_new();
424 0 : if (!idp)
425 : goto merr;
426 0 : for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
427 0 : cnf = sk_CONF_VALUE_value(nval, i);
428 0 : name = cnf->name;
429 0 : val = cnf->value;
430 0 : ret = set_dist_point_name(&idp->distpoint, ctx, cnf);
431 0 : if (ret > 0)
432 0 : continue;
433 0 : if (ret < 0)
434 : goto err;
435 0 : if (!strcmp(name, "onlyuser")) {
436 0 : if (!X509V3_get_value_bool(cnf, &idp->onlyuser))
437 : goto err;
438 0 : } else if (!strcmp(name, "onlyCA")) {
439 0 : if (!X509V3_get_value_bool(cnf, &idp->onlyCA))
440 : goto err;
441 0 : } else if (!strcmp(name, "onlyAA")) {
442 0 : if (!X509V3_get_value_bool(cnf, &idp->onlyattr))
443 : goto err;
444 0 : } else if (!strcmp(name, "indirectCRL")) {
445 0 : if (!X509V3_get_value_bool(cnf, &idp->indirectCRL))
446 : goto err;
447 0 : } else if (!strcmp(name, "onlysomereasons")) {
448 0 : if (!set_reasons(&idp->onlysomereasons, val))
449 : goto err;
450 : } else {
451 0 : X509V3err(X509V3_F_V2I_IDP, X509V3_R_INVALID_NAME);
452 0 : X509V3_conf_err(cnf);
453 0 : goto err;
454 : }
455 : }
456 : return idp;
457 :
458 : merr:
459 0 : X509V3err(X509V3_F_V2I_IDP, ERR_R_MALLOC_FAILURE);
460 : err:
461 : ISSUING_DIST_POINT_free(idp);
462 0 : return NULL;
463 : }
464 :
465 0 : static int print_gens(BIO *out, STACK_OF(GENERAL_NAME) *gens, int indent)
466 : {
467 : int i;
468 0 : for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
469 0 : BIO_printf(out, "%*s", indent + 2, "");
470 0 : GENERAL_NAME_print(out, sk_GENERAL_NAME_value(gens, i));
471 0 : BIO_puts(out, "\n");
472 : }
473 0 : return 1;
474 : }
475 :
476 0 : static int print_distpoint(BIO *out, DIST_POINT_NAME *dpn, int indent)
477 : {
478 0 : if (dpn->type == 0) {
479 0 : BIO_printf(out, "%*sFull Name:\n", indent, "");
480 0 : print_gens(out, dpn->name.fullname, indent);
481 : } else {
482 : X509_NAME ntmp;
483 0 : ntmp.entries = dpn->name.relativename;
484 0 : BIO_printf(out, "%*sRelative Name:\n%*s", indent, "", indent + 2, "");
485 0 : X509_NAME_print_ex(out, &ntmp, 0, XN_FLAG_ONELINE);
486 0 : BIO_puts(out, "\n");
487 : }
488 0 : return 1;
489 : }
490 :
491 0 : static int i2r_idp(const X509V3_EXT_METHOD *method, void *pidp, BIO *out,
492 : int indent)
493 : {
494 : ISSUING_DIST_POINT *idp = pidp;
495 0 : if (idp->distpoint)
496 0 : print_distpoint(out, idp->distpoint, indent);
497 0 : if (idp->onlyuser > 0)
498 0 : BIO_printf(out, "%*sOnly User Certificates\n", indent, "");
499 0 : if (idp->onlyCA > 0)
500 0 : BIO_printf(out, "%*sOnly CA Certificates\n", indent, "");
501 0 : if (idp->indirectCRL > 0)
502 0 : BIO_printf(out, "%*sIndirect CRL\n", indent, "");
503 0 : if (idp->onlysomereasons)
504 0 : print_reasons(out, "Only Some Reasons", idp->onlysomereasons, indent);
505 0 : if (idp->onlyattr > 0)
506 0 : BIO_printf(out, "%*sOnly Attribute Certificates\n", indent, "");
507 0 : if (!idp->distpoint && (idp->onlyuser <= 0) && (idp->onlyCA <= 0)
508 0 : && (idp->indirectCRL <= 0) && !idp->onlysomereasons
509 0 : && (idp->onlyattr <= 0))
510 0 : BIO_printf(out, "%*s<EMPTY>\n", indent, "");
511 :
512 0 : return 1;
513 : }
514 :
515 0 : static int i2r_crldp(const X509V3_EXT_METHOD *method, void *pcrldp, BIO *out,
516 : int indent)
517 : {
518 : STACK_OF(DIST_POINT) *crld = pcrldp;
519 : DIST_POINT *point;
520 : int i;
521 0 : for (i = 0; i < sk_DIST_POINT_num(crld); i++) {
522 0 : BIO_puts(out, "\n");
523 0 : point = sk_DIST_POINT_value(crld, i);
524 0 : if (point->distpoint)
525 0 : print_distpoint(out, point->distpoint, indent);
526 0 : if (point->reasons)
527 0 : print_reasons(out, "Reasons", point->reasons, indent);
528 0 : if (point->CRLissuer) {
529 0 : BIO_printf(out, "%*sCRL Issuer:\n", indent, "");
530 0 : print_gens(out, point->CRLissuer, indent);
531 : }
532 : }
533 0 : return 1;
534 : }
535 :
536 0 : int DIST_POINT_set_dpname(DIST_POINT_NAME *dpn, X509_NAME *iname)
537 : {
538 : int i;
539 : STACK_OF(X509_NAME_ENTRY) *frag;
540 : X509_NAME_ENTRY *ne;
541 0 : if (!dpn || (dpn->type != 1))
542 : return 1;
543 0 : frag = dpn->name.relativename;
544 0 : dpn->dpname = X509_NAME_dup(iname);
545 0 : if (!dpn->dpname)
546 : return 0;
547 0 : for (i = 0; i < sk_X509_NAME_ENTRY_num(frag); i++) {
548 0 : ne = sk_X509_NAME_ENTRY_value(frag, i);
549 0 : if (!X509_NAME_add_entry(dpn->dpname, ne, -1, i ? 0 : 1)) {
550 0 : X509_NAME_free(dpn->dpname);
551 0 : dpn->dpname = NULL;
552 0 : return 0;
553 : }
554 : }
555 : /* generate cached encoding of name */
556 0 : if (i2d_X509_NAME(dpn->dpname, NULL) < 0) {
557 0 : X509_NAME_free(dpn->dpname);
558 0 : dpn->dpname = NULL;
559 0 : return 0;
560 : }
561 : return 1;
562 : }
|
