Add x509_DN_string API to get a printable DN component given one

rpresented in ASN.1

2 files changed, 28 insertions, 2 deletions

diff --git a/sbin/isakmpd/x509.c b/sbin/isakmpd/x509.c
index 83f9bf24f38..dec99c32404 100644
--- a/sbin/isakmpd/x509.c
+++ b/sbin/isakmpd/x509.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: x509.c,v 1.64 2001/08/16 14:23:21 ho Exp $	*/
+/*	$OpenBSD: x509.c,v 1.65 2001/08/25 22:17:13 niklas Exp $	*/
 /*	$EOM: x509.c,v 1.54 2001/01/16 18:42:16 ho Exp $	*/
 
 /*
@@ -1376,4 +1376,29 @@ x509_from_printable (char *cert)
     log_print ("x509_from_printable: could not retrieve certificate");
   return foo;
 }
+
+char *
+x509_DN_string (u_int8_t *asn1, size_t sz)
+{
+  X509_NAME *name;
+  u_int8_t *p = asn1;
+  /* XXX Just a guess at a maximum length.  */
+  char buf[256];
+
+  name = LC (d2i_X509_NAME, (NULL, &p, sz));
+  if (!name)
+    {
+      log_print ("x509_DN_string: d2i_X509_NAME failed");
+      return 0;
+    }
+  if (!LC (X509_NAME_oneline, (name, buf, sizeof buf - 1)))
+    {
+      log_print ("x509_DN_string: X509_NAME_oneline failed");
+      LC (X509_NAME_free, (name));
+      return 0;
+    }
+  LC (X509_NAME_free, (name));
+  buf[sizeof buf - 1] = '\0';
+  return strdup (buf);
+}
 #endif /* USE_X509 */
diff --git a/sbin/isakmpd/x509.h b/sbin/isakmpd/x509.h
index 061a1fc9cca..9561ca1bd12 100644
--- a/sbin/isakmpd/x509.h
+++ b/sbin/isakmpd/x509.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: x509.h,v 1.12 2001/06/07 04:23:35 angelos Exp $	*/
+/*	$OpenBSD: x509.h,v 1.13 2001/08/25 22:17:13 niklas Exp $	*/
 /*	$EOM: x509.h,v 1.11 2000/09/28 12:53:27 niklas Exp $	*/
 
 /*
@@ -81,6 +81,7 @@ void *x509_from_printable (char *);
 
 /* Misc. X509 certificate functions.  */
 
+char *x509_DN_string (u_int8_t *, size_t);
 int x509_cert_insert (int, void *);
 int x509_cert_subjectaltname (X509 *cert, u_char **, u_int *);
 X509 *x509_from_asn (u_char *, u_int);