author | Joel Sing <jsing@cvs.openbsd.org> | 2014-05-26 12:37:33 +0000 |
---|---|---|
committer | Joel Sing <jsing@cvs.openbsd.org> | 2014-05-26 12:37:33 +0000 |
commit | e8706b6fb51a561ecdb50cf1e46f2798a254da2a (patch) | |
tree | 8fca776b79b3005913b349d713b9f58cbf7c2d44 /lib | |
parent | 637945d42ba8bb09fcdb42bad9e41c4bc89794eb (diff) |
KNF.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/libcrypto/x509v3/v3_skey.c | 75 | ||||
-rw-r--r-- | lib/libcrypto/x509v3/v3_sxnet.c | 150 | ||||
-rw-r--r-- | lib/libcrypto/x509v3/v3_utl.c | 614 |
3 files changed, 479 insertions, 360 deletions
diff --git a/lib/libcrypto/x509v3/v3_skey.c b/lib/libcrypto/x509v3/v3_skey.c
index 0a984fbaa87..22da698080d 100644
--- a/lib/libcrypto/x509v3/v3_skey.c
+++ b/lib/libcrypto/x509v3/v3_skey.c
@@ -10,7 +10,7 @@
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 * notice, this list of conditions and the following disclaimer in
@@ -61,33 +61,35 @@ #include "cryptlib.h" #include <openssl/x509v3.h> -static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); -const X509V3_EXT_METHOD v3_skey_id = { -NID_subject_key_identifier, 0, ASN1_ITEM_ref(ASN1_OCTET_STRING), -0,0,0,0, -(X509V3_EXT_I2S)i2s_ASN1_OCTET_STRING, -(X509V3_EXT_S2I)s2i_skey_id, -0,0,0,0, -NULL}; - -char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, - ASN1_OCTET_STRING *oct) +static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, + X509V3_CTX *ctx, char *str); +const X509V3_EXT_METHOD v3_skey_id = { + NID_subject_key_identifier, 0, ASN1_ITEM_ref(ASN1_OCTET_STRING), + 0, 0, 0, 0, + (X509V3_EXT_I2S)i2s_ASN1_OCTET_STRING, + (X509V3_EXT_S2I)s2i_skey_id, + 0, 0, 0, 0, + NULL +}; + +char * +i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *oct) { return hex_to_string(oct->data, oct->length); } -ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, char *str) +ASN1_OCTET_STRING * +s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str) { ASN1_OCTET_STRING *oct; long length; - if(!(oct = M_ASN1_OCTET_STRING_new())) { - X509V3err(X509V3_F_S2I_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE); + if (!(oct = M_ASN1_OCTET_STRING_new())) { + X509V3err(X509V3_F_S2I_ASN1_OCTET_STRING, ERR_R_MALLOC_FAILURE); return NULL; } - if(!(oct->data = string_to_hex(str, &length))) { + if (!(oct->data = string_to_hex(str, &length))) { M_ASN1_OCTET_STRING_free(oct); return NULL; } 
@@ -95,51 +97,54 @@ ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, oct->length = length; return oct; - } -static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, char *str) +static ASN1_OCTET_STRING * +s2i_skey_id(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str) { ASN1_OCTET_STRING *oct; ASN1_BIT_STRING *pk; unsigned char pkey_dig[EVP_MAX_MD_SIZE]; unsigned int diglen; - if(strcmp(str, "hash")) return s2i_ASN1_OCTET_STRING(method, ctx, str); + if (strcmp(str, "hash")) + return s2i_ASN1_OCTET_STRING(method, ctx, str); - if(!(oct = M_ASN1_OCTET_STRING_new())) { - X509V3err(X509V3_F_S2I_SKEY_ID,ERR_R_MALLOC_FAILURE); + if (!(oct = M_ASN1_OCTET_STRING_new())) { + X509V3err(X509V3_F_S2I_SKEY_ID, ERR_R_MALLOC_FAILURE); return NULL; } - if(ctx && (ctx->flags == CTX_TEST)) return oct; + if (ctx && (ctx->flags == CTX_TEST)) + return oct; - if(!ctx || (!ctx->subject_req && !ctx->subject_cert)) { - X509V3err(X509V3_F_S2I_SKEY_ID,X509V3_R_NO_PUBLIC_KEY); + if (!ctx || (!ctx->subject_req && !ctx->subject_cert)) { + X509V3err(X509V3_F_S2I_SKEY_ID, X509V3_R_NO_PUBLIC_KEY); goto err; } - if(ctx->subject_req) + if (ctx->subject_req) pk = ctx->subject_req->req_info->pubkey->public_key; - else pk = ctx->subject_cert->cert_info->key->public_key; + else + pk = ctx->subject_cert->cert_info->key->public_key; - if(!pk) { - X509V3err(X509V3_F_S2I_SKEY_ID,X509V3_R_NO_PUBLIC_KEY); + if (!pk) { + X509V3err(X509V3_F_S2I_SKEY_ID, X509V3_R_NO_PUBLIC_KEY); goto err; } - if (!EVP_Digest(pk->data, pk->length, pkey_dig, &diglen, EVP_sha1(), NULL)) + if (!EVP_Digest(pk->data, pk->length, pkey_dig, &diglen, + EVP_sha1(), NULL)) goto err; - if(!M_ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) { - X509V3err(X509V3_F_S2I_SKEY_ID,ERR_R_MALLOC_FAILURE); + if (!M_ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) { + X509V3err(X509V3_F_S2I_SKEY_ID, ERR_R_MALLOC_FAILURE); goto err; } return oct; - - err: + +err: M_ASN1_OCTET_STRING_free(oct); return NULL; } 
diff --git a/lib/libcrypto/x509v3/v3_sxnet.c b/lib/libcrypto/x509v3/v3_sxnet.c index a2b0322e448..81ba50ca031 100644 --- a/lib/libcrypto/x509v3/v3_sxnet.c +++ b/lib/libcrypto/x509v3/v3_sxnet.c @@ -10,7 +10,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -67,24 +67,25 @@ #define SXNET_TEST -static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, int indent); +static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, + int indent); #ifdef SXNET_TEST static SXNET * sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, - STACK_OF(CONF_VALUE) *nval); + STACK_OF(CONF_VALUE) *nval); #endif const X509V3_EXT_METHOD v3_sxnet = { -NID_sxnet, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(SXNET), -0,0,0,0, -0,0, -0, + NID_sxnet, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(SXNET), + 0, 0, 0, 0, + 0, 0, + 0, #ifdef SXNET_TEST -(X509V3_EXT_V2I)sxnet_v2i, + (X509V3_EXT_V2I)sxnet_v2i, #else -0, + 0, #endif -(X509V3_EXT_I2R)sxnet_i2r, -0, -NULL + (X509V3_EXT_I2R)sxnet_i2r, + 0, + NULL }; ASN1_SEQUENCE(SXNETID) = { @@ -101,16 +102,17 @@ ASN1_SEQUENCE(SXNET) = { IMPLEMENT_ASN1_FUNCTIONS(SXNET) -static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, - int indent) +static int +sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, int indent) { long v; char *tmp; SXNETID *id; int i; + v = ASN1_INTEGER_get(sx->version); BIO_printf(out, "%*sVersion: %ld (0x%lX)", indent, "", v + 1, v); - for(i = 0; i < sk_SXNETID_num(sx->ids); i++) { + for (i = 0; i < sk_SXNETID_num(sx->ids); i++) { id = sk_SXNETID_value(sx->ids, i); tmp = i2s_ASN1_INTEGER(NULL, id->zone); BIO_printf(out, "\n%*sZone: %s, User: ", indent, "", tmp); 
@@ -127,34 +129,36 @@ static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, * they should really be separate values for each user. */ - -static SXNET * sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, - STACK_OF(CONF_VALUE) *nval) +static SXNET * +sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, + STACK_OF(CONF_VALUE) *nval) { CONF_VALUE *cnf; SXNET *sx = NULL; int i; - for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { + + for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { cnf = sk_CONF_VALUE_value(nval, i); - if(!SXNET_add_id_asc(&sx, cnf->name, cnf->value, -1)) - return NULL; + if (!SXNET_add_id_asc(&sx, cnf->name, cnf->value, -1)) + return NULL; } return sx; } - - + #endif /* Strong Extranet utility functions */ /* Add an id given the zone as an ASCII number */ -int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, - int userlen) +int +SXNET_add_id_asc(SXNET **psx, char *zone, char *user, int userlen) { ASN1_INTEGER *izone = NULL; - if(!(izone = s2i_ASN1_INTEGER(NULL, zone))) { - X509V3err(X509V3_F_SXNET_ADD_ID_ASC,X509V3_R_ERROR_CONVERTING_ZONE); + + if (!(izone = s2i_ASN1_INTEGER(NULL, zone))) { + X509V3err(X509V3_F_SXNET_ADD_ID_ASC, + X509V3_R_ERROR_CONVERTING_ZONE); return 0; } return SXNET_add_id_INTEGER(psx, izone, user, userlen); 
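Review bot: SXNET_add_id_asc hands the freshly allocated `izone` to SXNET_add_id_INTEGER and returns that result directly, so when the call fails the integer is never freed; SXNET_add_id_ulong in the next hunk has the same pattern. Judging by the SXNET_add_id_INTEGER body later in this diff, ownership of the zone only transfers on the success path (`id->zone = zone;`), while the too-long and duplicate-zone branches return 0 without releasing anything. I would free on failure here, e.g. `if (!SXNET_add_id_INTEGER(psx, izone, user, userlen)) { M_ASN1_INTEGER_free(izone); return 0; }` followed by `return 1;`. sxnet_v2i appears to have a related leak: it returns NULL on the first failed entry without calling `SXNET_free(sx)` for the ids already added.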
@@ -162,17 +166,18 @@ int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, /* Add an id given the zone as an unsigned long */ -int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user, - int userlen) +int +SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user, int userlen) { ASN1_INTEGER *izone = NULL; - if(!(izone = M_ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) { - X509V3err(X509V3_F_SXNET_ADD_ID_ULONG,ERR_R_MALLOC_FAILURE); + + if (!(izone = M_ASN1_INTEGER_new()) || + !ASN1_INTEGER_set(izone, lzone)) { + X509V3err(X509V3_F_SXNET_ADD_ID_ULONG, ERR_R_MALLOC_FAILURE); M_ASN1_INTEGER_free(izone); return 0; } return SXNET_add_id_INTEGER(psx, izone, user, userlen); - } /* Add an id given the zone as an ASN1_INTEGER. 
@@ -180,52 +185,67 @@ int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user, * free it up afterwards. */ -int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, char *user, - int userlen) +int +SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, char *user, int userlen) { SXNET *sx = NULL; SXNETID *id = NULL; - if(!psx || !zone || !user) { - X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,X509V3_R_INVALID_NULL_ARGUMENT); + + if (!psx || !zone || !user) { + X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER, + X509V3_R_INVALID_NULL_ARGUMENT); return 0; } - if(userlen == -1) userlen = strlen(user); - if(userlen > 64) { - X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,X509V3_R_USER_TOO_LONG); + if (userlen == -1) + userlen = strlen(user); + if (userlen > 64) { + X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER, + X509V3_R_USER_TOO_LONG); return 0; } - if(!*psx) { - if(!(sx = SXNET_new())) goto err; - if(!ASN1_INTEGER_set(sx->version, 0)) goto err; + if (!*psx) { + if (!(sx = SXNET_new())) + goto err; + if (!ASN1_INTEGER_set(sx->version, 0)) + goto err; *psx = sx; - } else sx = *psx; - if(SXNET_get_id_INTEGER(sx, zone)) { - X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,X509V3_R_DUPLICATE_ZONE_ID); + } else + sx = *psx; + if (SXNET_get_id_INTEGER(sx, zone)) { + X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER, + X509V3_R_DUPLICATE_ZONE_ID); return 0; } - if(!(id = SXNETID_new())) goto err; - if(userlen == -1) userlen = strlen(user); - - if(!M_ASN1_OCTET_STRING_set(id->user, user, userlen)) goto err; - if(!sk_SXNETID_push(sx->ids, id)) goto err; + if (!(id = SXNETID_new())) + goto err; + if (userlen == -1) + userlen = strlen(user); + + if (!M_ASN1_OCTET_STRING_set(id->user, user, userlen)) + goto err; + if (!sk_SXNETID_push(sx->ids, id)) + goto err; id->zone = zone; return 1; - - err: - X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,ERR_R_MALLOC_FAILURE); + +err: + X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER, ERR_R_MALLOC_FAILURE); SXNETID_free(id); SXNET_free(sx); *psx = NULL; return 0; } -ASN1_OCTET_STRING 
*SXNET_get_id_asc(SXNET *sx, char *zone) +ASN1_OCTET_STRING * +SXNET_get_id_asc(SXNET *sx, char *zone) { ASN1_INTEGER *izone = NULL; ASN1_OCTET_STRING *oct; - if(!(izone = s2i_ASN1_INTEGER(NULL, zone))) { - X509V3err(X509V3_F_SXNET_GET_ID_ASC,X509V3_R_ERROR_CONVERTING_ZONE); + + if (!(izone = s2i_ASN1_INTEGER(NULL, zone))) { + X509V3err(X509V3_F_SXNET_GET_ID_ASC, + X509V3_R_ERROR_CONVERTING_ZONE); return NULL; } oct = SXNET_get_id_INTEGER(sx, izone); @@ -233,12 +253,15 @@ ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone) return oct; } -ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone) +ASN1_OCTET_STRING * +SXNET_get_id_ulong(SXNET *sx, unsigned long lzone) { ASN1_INTEGER *izone = NULL; ASN1_OCTET_STRING *oct; - if(!(izone = M_ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) { - X509V3err(X509V3_F_SXNET_GET_ID_ULONG,ERR_R_MALLOC_FAILURE); + + if (!(izone = M_ASN1_INTEGER_new()) || + !ASN1_INTEGER_set(izone, lzone)) { + X509V3err(X509V3_F_SXNET_GET_ID_ULONG, ERR_R_MALLOC_FAILURE); M_ASN1_INTEGER_free(izone); return NULL; } @@ -247,13 +270,16 @@ ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone) return oct; } -ASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone) +ASN1_OCTET_STRING * +SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone) { SXNETID *id; int i; - for(i = 0; i < sk_SXNETID_num(sx->ids); i++) { + + for (i = 0; i < sk_SXNETID_num(sx->ids); i++) { id = sk_SXNETID_value(sx->ids, i); - if(!M_ASN1_INTEGER_cmp(id->zone, zone)) return id->user; + if (!M_ASN1_INTEGER_cmp(id->zone, zone)) + return id->user; } return NULL; } diff --git a/lib/libcrypto/x509v3/v3_utl.c b/lib/libcrypto/x509v3/v3_utl.c index 5b064f8eb25..0b389807dd9 100644 --- a/lib/libcrypto/x509v3/v3_utl.c +++ b/lib/libcrypto/x509v3/v3_utl.c 
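Review bot: In SXNET_add_id_INTEGER the length check `if (userlen > 64)` bounds only the upper side, so any negative `userlen` other than -1 passes it and reaches `M_ASN1_OCTET_STRING_set(id->user, user, userlen)`. If the underlying ASN.1 string setter treats a negative length as "use strlen", as I believe it does, the 64-byte limit is not enforced for those callers. Suggest `if (userlen < 0 || userlen > 64)` after the -1 substitution. The second `if (userlen == -1) userlen = strlen(user);` further down can no longer be true at that point and can be dropped. Separately, the `err:` path frees `sx` and clears `*psx` even when `sx` was the caller's existing object rather than one allocated here, which deserves a sentence in the function's header comment.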
@@ -10,7 +10,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -67,7 +67,8 @@ static char *strip_spaces(char *name); static int sk_strcmp(const char * const *a, const char * const *b); -static STACK_OF(OPENSSL_STRING) *get_email(X509_NAME *name, GENERAL_NAMES *gens); +static STACK_OF(OPENSSL_STRING) *get_email(X509_NAME *name, + GENERAL_NAMES *gens); static void str_free(OPENSSL_STRING str); static int append_ia5(STACK_OF(OPENSSL_STRING) **sk, ASN1_IA5STRING *email); 
@@ -78,163 +79,211 @@ static int ipv6_hex(unsigned char *out, const char *in, int inlen); /* Add a CONF_VALUE name value pair to stack */ -int X509V3_add_value(const char *name, const char *value, - STACK_OF(CONF_VALUE) **extlist) +int +X509V3_add_value(const char *name, const char *value, + STACK_OF(CONF_VALUE) **extlist) { CONF_VALUE *vtmp = NULL; char *tname = NULL, *tvalue = NULL; - if(name && !(tname = BUF_strdup(name))) goto err; - if(value && !(tvalue = BUF_strdup(value))) goto err; - if(!(vtmp = malloc(sizeof(CONF_VALUE)))) goto err; - if(!*extlist && !(*extlist = sk_CONF_VALUE_new_null())) goto err; + + if (name && !(tname = BUF_strdup(name))) + goto err; + if (value && !(tvalue = BUF_strdup(value))) + goto err; + if (!(vtmp = malloc(sizeof(CONF_VALUE)))) + goto err; + if (!*extlist && !(*extlist = sk_CONF_VALUE_new_null())) + goto err; vtmp->section = NULL; vtmp->name = tname; vtmp->value = tvalue; - if(!sk_CONF_VALUE_push(*extlist, vtmp)) goto err; + if (!sk_CONF_VALUE_push(*extlist, vtmp)) + goto err; return 1; - err: - X509V3err(X509V3_F_X509V3_ADD_VALUE,ERR_R_MALLOC_FAILURE); - if(vtmp) free(vtmp); - if(tname) free(tname); - if(tvalue) free(tvalue); + +err: + X509V3err(X509V3_F_X509V3_ADD_VALUE, ERR_R_MALLOC_FAILURE); + if (vtmp) + free(vtmp); + if (tname) + free(tname); + if (tvalue) + free(tvalue); return 0; } -int X509V3_add_value_uchar(const char *name, const unsigned char *value, - STACK_OF(CONF_VALUE) **extlist) - { - return X509V3_add_value(name,(const char *)value,extlist); - } +int +X509V3_add_value_uchar(const char *name, const unsigned char *value, + STACK_OF(CONF_VALUE) **extlist) +{ + return X509V3_add_value(name, (const char *)value, extlist); +} /* Free function for STACK_OF(CONF_VALUE) */ -void X509V3_conf_free(CONF_VALUE *conf) +void +X509V3_conf_free(CONF_VALUE *conf) { - if(!conf) return; - if(conf->name) free(conf->name); - if(conf->value) free(conf->value); - if(conf->section) free(conf->section); + if (!conf) + return; + if 
(conf->name) + free(conf->name); + if (conf->value) + free(conf->value); + if (conf->section) + free(conf->section); free(conf); } -int X509V3_add_value_bool(const char *name, int asn1_bool, - STACK_OF(CONF_VALUE) **extlist) +int +X509V3_add_value_bool(const char *name, int asn1_bool, + STACK_OF(CONF_VALUE) **extlist) { - if(asn1_bool) return X509V3_add_value(name, "TRUE", extlist); + if (asn1_bool) + return X509V3_add_value(name, "TRUE", extlist); return X509V3_add_value(name, "FALSE", extlist); } -int X509V3_add_value_bool_nf(char *name, int asn1_bool, - STACK_OF(CONF_VALUE) **extlist) +int +X509V3_add_value_bool_nf(char *name, int asn1_bool, + STACK_OF(CONF_VALUE) **extlist) { - if(asn1_bool) return X509V3_add_value(name, "TRUE", extlist); + if (asn1_bool) + return X509V3_add_value(name, "TRUE", extlist); return 1; } -char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *method, ASN1_ENUMERATED *a) +char * +i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *method, ASN1_ENUMERATED *a) { BIGNUM *bntmp = NULL; char *strtmp = NULL; - if(!a) return NULL; - if(!(bntmp = ASN1_ENUMERATED_to_BN(a, NULL)) || - !(strtmp = BN_bn2dec(bntmp)) ) - X509V3err(X509V3_F_I2S_ASN1_ENUMERATED,ERR_R_MALLOC_FAILURE); + + if (!a) + return NULL; + if (!(bntmp = ASN1_ENUMERATED_to_BN(a, NULL)) || + !(strtmp = BN_bn2dec(bntmp))) + X509V3err(X509V3_F_I2S_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE); BN_free(bntmp); return strtmp; } -char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *method, ASN1_INTEGER *a) +char * +i2s_ASN1_INTEGER(X509V3_EXT_METHOD *method, ASN1_INTEGER *a) { BIGNUM *bntmp = NULL; char *strtmp = NULL; - if(!a) return NULL; - if(!(bntmp = ASN1_INTEGER_to_BN(a, NULL)) || - !(strtmp = BN_bn2dec(bntmp)) ) - X509V3err(X509V3_F_I2S_ASN1_INTEGER,ERR_R_MALLOC_FAILURE); + + if (!a) + return NULL; + if (!(bntmp = ASN1_INTEGER_to_BN(a, NULL)) || + !(strtmp = BN_bn2dec(bntmp))) + X509V3err(X509V3_F_I2S_ASN1_INTEGER, ERR_R_MALLOC_FAILURE); BN_free(bntmp); return strtmp; } -ASN1_INTEGER 
*s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, char *value) +ASN1_INTEGER * +s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, char *value) { BIGNUM *bn = NULL; ASN1_INTEGER *aint; int isneg, ishex; int ret; + if (!value) { - X509V3err(X509V3_F_S2I_ASN1_INTEGER,X509V3_R_INVALID_NULL_VALUE); + X509V3err(X509V3_F_S2I_ASN1_INTEGER, + X509V3_R_INVALID_NULL_VALUE); return 0; } bn = BN_new(); if (value[0] == '-') { value++; isneg = 1; - } else isneg = 0; + } else + isneg = 0; if (value[0] == '0' && ((value[1] == 'x') || (value[1] == 'X'))) { value += 2; ishex = 1; - } else ishex = 0; + } else + ishex = 0; - if (ishex) ret = BN_hex2bn(&bn, value); - else ret = BN_dec2bn(&bn, value); + if (ishex) + ret = BN_hex2bn(&bn, value); + else + ret = BN_dec2bn(&bn, value); if (!ret || value[ret]) { BN_free(bn); - X509V3err(X509V3_F_S2I_ASN1_INTEGER,X509V3_R_BN_DEC2BN_ERROR); + X509V3err(X509V3_F_S2I_ASN1_INTEGER, X509V3_R_BN_DEC2BN_ERROR); return 0; } - if (isneg && BN_is_zero(bn)) isneg = 0; + if (isneg && BN_is_zero(bn)) + isneg = 0; aint = BN_to_ASN1_INTEGER(bn, NULL); BN_free(bn); if (!aint) { - X509V3err(X509V3_F_S2I_ASN1_INTEGER,X509V3_R_BN_TO_ASN1_INTEGER_ERROR); + X509V3err(X509V3_F_S2I_ASN1_INTEGER, + X509V3_R_BN_TO_ASN1_INTEGER_ERROR); return 0; } - if (isneg) aint->type |= V_ASN1_NEG; + if (isneg) + aint->type |= V_ASN1_NEG; return aint; } -int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint, - STACK_OF(CONF_VALUE) **extlist) +int +X509V3_add_value_int(const char *name, ASN1_INTEGER *aint, + STACK_OF(CONF_VALUE) **extlist) { char *strtmp; int ret; - if(!aint) return 1; - if(!(strtmp = i2s_ASN1_INTEGER(NULL, aint))) return 0; + + if (!aint) + return 1; + if (!(strtmp = i2s_ASN1_INTEGER(NULL, aint))) + return 0; ret = X509V3_add_value(name, strtmp, extlist); free(strtmp); return ret; } -int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool) +int +X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool) { char *btmp; - if(!(btmp = value->value)) goto err; - 
if(!strcmp(btmp, "TRUE") || !strcmp(btmp, "true") - || !strcmp(btmp, "Y") || !strcmp(btmp, "y") - || !strcmp(btmp, "YES") || !strcmp(btmp, "yes")) { + + if (!(btmp = value->value)) + goto err; + if (!strcmp(btmp, "TRUE") || !strcmp(btmp, "true") || + !strcmp(btmp, "Y") || !strcmp(btmp, "y") || + !strcmp(btmp, "YES") || !strcmp(btmp, "yes")) { *asn1_bool = 0xff; return 1; - } else if(!strcmp(btmp, "FALSE") || !strcmp(btmp, "false") - || !strcmp(btmp, "N") || !strcmp(btmp, "n") - || !strcmp(btmp, "NO") || !strcmp(btmp, "no")) { + } else if (!strcmp(btmp, "FALSE") || !strcmp(btmp, "false") || + !strcmp(btmp, "N") || !strcmp(btmp, "n") || + !strcmp(btmp, "NO") || !strcmp(btmp, "no")) { *asn1_bool = 0; return 1; } - err: - X509V3err(X509V3_F_X509V3_GET_VALUE_BOOL,X509V3_R_INVALID_BOOLEAN_STRING); + +err: + X509V3err(X509V3_F_X509V3_GET_VALUE_BOOL, + X509V3_R_INVALID_BOOLEAN_STRING); X509V3_conf_err(value); return 0; } -int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint) +int +X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint) { ASN1_INTEGER *itmp; - if(!(itmp = s2i_ASN1_INTEGER(NULL, value->value))) { + + if (!(itmp = s2i_ASN1_INTEGER(NULL, value->value))) { X509V3_conf_err(value); return 0; } 
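Review bot: In s2i_ASN1_INTEGER the result of `bn = BN_new();` is never tested, and the shared failure branch raises X509V3_R_BN_DEC2BN_ERROR even when `ishex` sent the input through BN_hex2bn. An explicit `if ((bn = BN_new()) == NULL)` check that raises ERR_R_MALLOC_FAILURE would stop an allocation failure from most likely surfacing as a parse error. The function also uses `return 0;` on its three failure paths although it returns a pointer; `return NULL;` would match the rest of the file. X509V3_get_value_int starts at the end of this hunk and continues outside it.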
@@ -247,56 +296,63 @@ int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint) /*#define DEBUG*/ -STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) +STACK_OF(CONF_VALUE) * +X509V3_parse_list(const char *line) { char *p, *q, c; char *ntmp, *vtmp; STACK_OF(CONF_VALUE) *values = NULL; char *linebuf; int state; + /* We are going to modify the line so copy it first */ linebuf = BUF_strdup(line); state = HDR_NAME; ntmp = NULL; + /* Go through all characters */ - for(p = linebuf, q = linebuf; (c = *p) && (c!='\r') && (c!='\n'); p++) { + for (p = linebuf, q = linebuf; (c = *p) && (c != '\r') && + (c != '\n'); p++) { - switch(state) { - case HDR_NAME: - if(c == ':') { + switch (state) { + case HDR_NAME: + if (c == ':') { state = HDR_VALUE; *p = 0; ntmp = strip_spaces(q); - if(!ntmp) { - X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_NAME); + if (!ntmp) { + X509V3err(X509V3_F_X509V3_PARSE_LIST, + X509V3_R_INVALID_NULL_NAME); goto err; } q = p + 1; - } else if(c == ',') { + } else if (c == ',') { *p = 0; ntmp = strip_spaces(q); q = p + 1; #if 0 printf("%s\n", ntmp); #endif - if(!ntmp) { - X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_NAME); + if (!ntmp) { + X509V3err(X509V3_F_X509V3_PARSE_LIST, + X509V3_R_INVALID_NULL_NAME); goto err; } X509V3_add_value(ntmp, NULL, &values); } - break ; + break; - case HDR_VALUE: - if(c == ',') { + case HDR_VALUE: + if (c == ',') { state = HDR_NAME; *p = 0; vtmp = strip_spaces(q); #if 0 printf("%s\n", ntmp); #endif - if(!vtmp) { - X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_VALUE); + if (!vtmp) { + X509V3err(X509V3_F_X509V3_PARSE_LIST, + X509V3_R_INVALID_NULL_VALUE); goto err; } X509V3_add_value(ntmp, vtmp, &values); 
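Review bot: In X509V3_parse_list the result of `linebuf = BUF_strdup(line);` is used by the loop initialiser (`p = linebuf`, then `c = *p`) without a NULL check, so an allocation failure becomes a NULL dereference instead of an error return. Add `if (linebuf == NULL) { X509V3err(X509V3_F_X509V3_PARSE_LIST, ERR_R_MALLOC_FAILURE); goto err; }` right after the copy, reusing the `err:` label that is visible in a later hunk. The `X509V3_add_value(ntmp, ..., &values)` calls here and in the next two hunks also ignore the return value, so a failed insert silently yields a shorter list; `if (!X509V3_add_value(ntmp, vtmp, &values)) goto err;` would surface it. The function body continues outside this hunk.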
@@ -307,13 +363,14 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) } } - if(state == HDR_VALUE) { + if (state == HDR_VALUE) { vtmp = strip_spaces(q); #if 0 printf("%s=%s\n", ntmp, vtmp); #endif - if(!vtmp) { - X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_VALUE); + if (!vtmp) { + X509V3err(X509V3_F_X509V3_PARSE_LIST, + X509V3_R_INVALID_NULL_VALUE); goto err; } X509V3_add_value(ntmp, vtmp, &values); @@ -322,34 +379,42 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) #if 0 printf("%s\n", ntmp); #endif - if(!ntmp) { - X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_NAME); + if (!ntmp) { + X509V3err(X509V3_F_X509V3_PARSE_LIST, + X509V3_R_INVALID_NULL_NAME); goto err; } X509V3_add_value(ntmp, NULL, &values); } -free(linebuf); -return values; + free(linebuf); + return values; err: -free(linebuf); -sk_CONF_VALUE_pop_free(values, X509V3_conf_free); -return NULL; + free(linebuf); + sk_CONF_VALUE_pop_free(values, X509V3_conf_free); + return NULL; } /* Delete leading and trailing spaces from a string */ -static char *strip_spaces(char *name) +static char * +strip_spaces(char *name) { char *p, *q; + /* Skip over leading spaces */ p = name; - while(*p && isspace((unsigned char)*p)) p++; - if(!*p) return NULL; + while (*p && isspace((unsigned char)*p)) + p++; + if (!*p) + return NULL; q = p + strlen(p) - 1; - while((q != p) && isspace((unsigned char)*q)) q--; - if(p != q) q[1] = 0; - if(!*p) return NULL; + while ((q != p) && isspace((unsigned char)*q)) + q--; + if (p != q) + q[1] = 0; + if (!*p) + return NULL; return p; } 
@@ -360,19 +425,22 @@ static char *strip_spaces(char *name) * @@@ (Contents of buffer are always kept in ASCII, also on EBCDIC machines) */ -char *hex_to_string(const unsigned char *buffer, long len) +char * +hex_to_string(const unsigned char *buffer, long len) { char *tmp, *q; const unsigned char *p; int i; static const char hexdig[] = "0123456789ABCDEF"; - if(!buffer || !len) return NULL; - if(!(tmp = malloc(len * 3 + 1))) { - X509V3err(X509V3_F_HEX_TO_STRING,ERR_R_MALLOC_FAILURE); + + if (!buffer || !len) + return NULL; + if (!(tmp = malloc(len * 3 + 1))) { + X509V3err(X509V3_F_HEX_TO_STRING, ERR_R_MALLOC_FAILURE); return NULL; } q = tmp; - for(i = 0, p = buffer; i < len; i++,p++) { + for (i = 0, p = buffer; i < len; i++, p++) { *q++ = hexdig[(*p >> 4) & 0xf]; *q++ = hexdig[*p & 0xf]; *q++ = ':'; 
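Review bot: hex_to_string sizes its buffer with `malloc(len * 3 + 1)` where `len` is a caller-supplied `long`, and the only guard is `!len`, so a negative or very large length is not rejected before the multiplication. The loop counter is also an `int` compared against that `long` in `i < len`. A range check up front, e.g. `if (len < 0 || len > INT_MAX / 3) return NULL;`, would make both bounds explicit; it needs `<limits.h>` if the file does not already pull it in. The function body continues past the end of this hunk.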
@@ -385,70 +453,88 @@ char *hex_to_string(const unsigned char *buffer, long len) * a buffer */ -unsigned char *string_to_hex(const char *str, long *len) +unsigned char * +string_to_hex(const char *str, long *len) { unsigned char *hexbuf, *q; unsigned char ch, cl, *p; - if(!str) { - X509V3err(X509V3_F_STRING_TO_HEX,X509V3_R_INVALID_NULL_ARGUMENT); + if (!str) { + X509V3err(X509V3_F_STRING_TO_HEX, + X509V3_R_INVALID_NULL_ARGUMENT); return NULL; } - if(!(hexbuf = malloc(strlen(str) >> 1))) goto err; - for(p = (unsigned char *)str, q = hexbuf; *p;) { + if (!(hexbuf = malloc(strlen(str) >> 1))) + goto err; + for (p = (unsigned char *)str, q = hexbuf; *p; ) { ch = *p++; - if(ch == ':') continue; + if (ch == ':') + continue; cl = *p++; - if(!cl) { - X509V3err(X509V3_F_STRING_TO_HEX,X509V3_R_ODD_NUMBER_OF_DIGITS); + if (!cl) { + X509V3err(X509V3_F_STRING_TO_HEX, + X509V3_R_ODD_NUMBER_OF_DIGITS); free(hexbuf); return NULL; } - if(isupper(ch)) ch = tolower(ch); - if(isupper(cl)) cl = tolower(cl); - - if((ch >= '0') && (ch <= '9')) ch -= '0'; - else if ((ch >= 'a') && (ch <= 'f')) ch -= 'a' - 10; - else goto badhex; + if (isupper(ch)) + ch = tolower(ch); + if (isupper(cl)) + cl = tolower(cl); + + if ((ch >= '0') && (ch <= '9')) + ch -= '0'; + else if ((ch >= 'a') && (ch <= 'f')) + ch -= 'a' - 10; + else + goto badhex; - if((cl >= '0') && (cl <= '9')) cl -= '0'; - else if ((cl >= 'a') && (cl <= 'f')) cl -= 'a' - 10; - else goto badhex; + if ((cl >= '0') && (cl <= '9')) + cl -= '0'; + else if ((cl >= 'a') && (cl <= 'f')) + cl -= 'a' - 10; + else + goto badhex; *q++ = (ch << 4) | cl; } - if(len) *len = q - hexbuf; + if (len) + *len = q - hexbuf; return hexbuf; - err: +err: free(hexbuf); - X509V3err(X509V3_F_STRING_TO_HEX,ERR_R_MALLOC_FAILURE); + X509V3err(X509V3_F_STRING_TO_HEX, ERR_R_MALLOC_FAILURE); return NULL; - badhex: +badhex: free(hexbuf); - X509V3err(X509V3_F_STRING_TO_HEX,X509V3_R_ILLEGAL_HEX_DIGIT); + X509V3err(X509V3_F_STRING_TO_HEX, X509V3_R_ILLEGAL_HEX_DIGIT); 
return NULL; - } /* V2I name comparison function: returns zero if 'name' matches * cmp or cmp.* */ -int name_cmp(const char *name, const char *cmp) +int +name_cmp(const char *name, const char *cmp) { int len, ret; char c; + len = strlen(cmp); - if((ret = strncmp(name, cmp, len))) return ret; + if ((ret = strncmp(name, cmp, len))) + return ret; c = name[len]; - if(!c || (c=='.')) return 0; + if (!c || (c=='.')) + return 0; return 1; } -static int sk_strcmp(const char * const *a, const char * const *b) +static int +sk_strcmp(const char * const *a, const char * const *b) { return strcmp(*a, *b); } @@ -473,18 +559,16 @@ STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x) info = X509_get_ext_d2i(x, NID_info_access, NULL, NULL); if (!info) return NULL; - for (i = 0; i < sk_ACCESS_DESCRIPTION_num(info); i++) - { + for (i = 0; i < sk_ACCESS_DESCRIPTION_num(info); i++) { ACCESS_DESCRIPTION *ad = sk_ACCESS_DESCRIPTION_value(info, i); - if (OBJ_obj2nid(ad->method) == NID_ad_OCSP) - { - if (ad->location->type == GEN_URI) - { - if (!append_ia5(&ret, ad->location->d.uniformResourceIdentifier)) + if (OBJ_obj2nid(ad->method) == NID_ad_OCSP) { + if (ad->location->type == GEN_URI) { + if (!append_ia5(&ret, + ad->location->d.uniformResourceIdentifier)) break; - } } } + } AUTHORITY_INFO_ACCESS_free(info); return ret; } 
@@ -504,48 +588,61 @@ STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x) } -static STACK_OF(OPENSSL_STRING) *get_email(X509_NAME *name, GENERAL_NAMES *gens) +static +STACK_OF(OPENSSL_STRING) *get_email(X509_NAME *name, GENERAL_NAMES *gens) { STACK_OF(OPENSSL_STRING) *ret = NULL; X509_NAME_ENTRY *ne; ASN1_IA5STRING *email; GENERAL_NAME *gen; int i; + /* Now add any email address(es) to STACK */ i = -1; + /* First supplied X509_NAME */ - while((i = X509_NAME_get_index_by_NID(name, - NID_pkcs9_emailAddress, i)) >= 0) { + while ((i = X509_NAME_get_index_by_NID(name, + NID_pkcs9_emailAddress, i)) >= 0) { ne = X509_NAME_get_entry(name, i); email = X509_NAME_ENTRY_get_data(ne); - if(!append_ia5(&ret, email)) return NULL; + if (!append_ia5(&ret, email)) + return NULL; } - for(i = 0; i < sk_GENERAL_NAME_num(gens); i++) - { + for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) { gen = sk_GENERAL_NAME_value(gens, i); - if(gen->type != GEN_EMAIL) continue; - if(!append_ia5(&ret, gen->d.ia5)) return NULL; + if (gen->type != GEN_EMAIL) + continue; + if (!append_ia5(&ret, gen->d.ia5)) + return NULL; } return ret; } -static void str_free(OPENSSL_STRING str) +static void +str_free(OPENSSL_STRING str) { free(str); } -static int append_ia5(STACK_OF(OPENSSL_STRING) **sk, ASN1_IA5STRING *email) +static int +append_ia5(STACK_OF(OPENSSL_STRING) **sk, ASN1_IA5STRING *email) { char *emtmp; + /* First some sanity checks */ - if(email->type != V_ASN1_IA5STRING) return 1; - if(!email->data || !email->length) return 1; - if(!*sk) *sk = sk_OPENSSL_STRING_new(sk_strcmp); - if(!*sk) return 0; + if (email->type != V_ASN1_IA5STRING) + return 1; + if (!email->data || !email->length) + return 1; + if (!*sk) + *sk = sk_OPENSSL_STRING_new(sk_strcmp); + if (!*sk) + return 0; /* Don't add duplicates */ - if(sk_OPENSSL_STRING_find(*sk, (char *)email->data) != -1) return 1; + if (sk_OPENSSL_STRING_find(*sk, (char *)email->data) != -1) + return 1; emtmp = BUF_strdup((char *)email->data); - if(!emtmp || 
!sk_OPENSSL_STRING_push(*sk, emtmp)) { + if (!emtmp || !sk_OPENSSL_STRING_push(*sk, emtmp)) { X509_email_free(*sk); *sk = NULL; return 0; @@ -553,17 +650,19 @@ static int append_ia5(STACK_OF(OPENSSL_STRING) **sk, ASN1_IA5STRING *email) return 1; } -void X509_email_free(STACK_OF(OPENSSL_STRING) *sk) +void +X509_email_free(STACK_OF(OPENSSL_STRING) *sk) { sk_OPENSSL_STRING_pop_free(sk, str_free); } -/* Convert IP addresses both IPv4 and IPv6 into an +/* Convert IP addresses both IPv4 and IPv6 into an * OCTET STRING compatible with RFC3280. */ -ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc) - { +ASN1_OCTET_STRING * +a2i_IPADDRESS(const char *ipasc) +{ unsigned char ipout[16]; ASN1_OCTET_STRING *ret; int iplen; @@ -578,21 +677,22 @@ ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc) ret = ASN1_OCTET_STRING_new(); if (!ret) return NULL; - if (!ASN1_OCTET_STRING_set(ret, ipout, iplen)) - { + if (!ASN1_OCTET_STRING_set(ret, ipout, iplen)) { ASN1_OCTET_STRING_free(ret); return NULL; - } - return ret; } + return ret; +} -ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc) - { +ASN1_OCTET_STRING * +a2i_IPADDRESS_NC(const char *ipasc) +{ ASN1_OCTET_STRING *ret = NULL; unsigned char ipout[32]; char *iptmp = NULL, *p; int iplen1, iplen2; - p = strchr(ipasc,'/'); + + p = strchr(ipasc, '/'); if (!p) return NULL; iptmp = BUF_strdup(ipasc); 
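Review bot: append_ia5 treats `email->data` as a C string in both `sk_OPENSSL_STRING_find(*sk, (char *)email->data)` and `BUF_strdup((char *)email->data)`, while `email->length` is only tested for being non-zero. An IA5String taken from a certificate or request can carry an embedded NUL, in which case the stored address is silently truncated and no longer matches the encoded value. I would add a check alongside the existing sanity tests, e.g. `if (memchr(email->data, 0, email->length) != NULL) return 1;`, so such entries are skipped rather than shortened. The end of append_ia5 is in the following hunk.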
@@ -622,65 +722,67 @@ ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc) return ret; - err: +err: free(iptmp); if (ret) ASN1_OCTET_STRING_free(ret); return NULL; - } - +} -int a2i_ipadd(unsigned char *ipout, const char *ipasc) - { + +int +a2i_ipadd(unsigned char *ipout, const char *ipasc) +{ /* If string contains a ':' assume IPv6 */ - if (strchr(ipasc, ':')) - { + if (strchr(ipasc, ':')) { if (!ipv6_from_asc(ipout, ipasc)) return 0; return 16; - } - else - { + } else { if (!ipv4_from_asc(ipout, ipasc)) return 0; return 4; - } } +} -static int ipv4_from_asc(unsigned char *v4, const char *in) - { +static int +ipv4_from_asc(unsigned char *v4, const char *in) +{ int a0, a1, a2, a3; if (sscanf(in, "%d.%d.%d.%d", &a0, &a1, &a2, &a3) != 4) return 0; - if ((a0 < 0) || (a0 > 255) || (a1 < 0) || (a1 > 255) - || (a2 < 0) || (a2 > 255) || (a3 < 0) || (a3 > 255)) + if ((a0 < 0) || (a0 > 255) || (a1 < 0) || (a1 > 255) || + (a2 < 0) || (a2 > 255) || (a3 < 0) || (a3 > 255)) return 0; v4[0] = a0; v4[1] = a1; v4[2] = a2; v4[3] = a3; return 1; - } +} typedef struct { - /* Temporary store for IPV6 output */ - unsigned char tmp[16]; - /* Total number of bytes in tmp */ - int total; - /* The position of a zero (corresponding to '::') */ - int zero_pos; - /* Number of zeroes */ - int zero_cnt; - } IPV6_STAT; - - -static int ipv6_from_asc(unsigned char *v6, const char *in) - { + /* Temporary store for IPV6 output */ + unsigned char tmp[16]; + /* Total number of bytes in tmp */ + int total; + /* The position of a zero (corresponding to '::') */ + int zero_pos; + /* Number of zeroes */ + int zero_cnt; +} IPV6_STAT; + + +static int +ipv6_from_asc(unsigned char *v6, const char *in) +{ IPV6_STAT v6stat; + v6stat.total = 0; v6stat.zero_pos = -1; v6stat.zero_cnt = 0; + /* Treat the IPv6 representation as a list of values * separated by ':'. The presence of a '::' will parse * as one, two or three zero length elements. 
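Review bot: ipv4_from_asc accepts more than a strict dotted quad, because `sscanf(in, "%d.%d.%d.%d", ...)` stops at the first non-matching character and never looks at what follows. Trailing text after the fourth octet is ignored, and `%d` also skips leading whitespace and takes an explicit sign, so strings that are not canonical addresses still yield 4 bytes. Tightening it with `%n` and an end-of-string test, e.g. `if (sscanf(in, "%d.%d.%d.%d%n", &a0, &a1, &a2, &a3, &n) != 4 || in[n] != '\0') return 0;` with `int n;` declared alongside, rejects trailing data. Callers that may pass a substring (ipv6_cb passes `elem`) should be checked before making that change. ipv6_from_asc begins at the end of this hunk and continues outside it.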
@@ -690,14 +792,11 @@ static int ipv6_from_asc(unsigned char *v6, const char *in) /* Now for some sanity checks */ - if (v6stat.zero_pos == -1) - { + if (v6stat.zero_pos == -1) { /* If no '::' must have exactly 16 bytes */ if (v6stat.total != 16) return 0; - } - else - { + } else { /* If '::' must have less than 16 bytes */ if (v6stat.total == 16) return 0; @@ -705,31 +804,27 @@ static int ipv6_from_asc(unsigned char *v6, const char *in) if (v6stat.zero_cnt > 3) return 0; /* Can only have three zeroes if nothing else present */ - else if (v6stat.zero_cnt == 3) - { + else if (v6stat.zero_cnt == 3) { if (v6stat.total > 0) return 0; - } + } /* Can only have two zeroes if at start or end */ - else if (v6stat.zero_cnt == 2) - { - if ((v6stat.zero_pos != 0) - && (v6stat.zero_pos != v6stat.total)) + else if (v6stat.zero_cnt == 2) { + if ((v6stat.zero_pos != 0) && + (v6stat.zero_pos != v6stat.total)) return 0; - } - else - /* Can only have one zero if *not* start or end */ - { - if ((v6stat.zero_pos == 0) - || (v6stat.zero_pos == v6stat.total)) + } else + /* Can only have one zero if *not* start or end */ + { + if ((v6stat.zero_pos == 0) || + (v6stat.zero_pos == v6stat.total)) return 0; - } } + } /* Format result */ - if (v6stat.zero_pos >= 0) - { + if (v6stat.zero_pos >= 0) { /* Copy initial part */ memcpy(v6, v6stat.tmp, v6stat.zero_pos); /* Zero middle */ 
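Review bot: The last branch of the zero-count checks in `ipv6_from_asc` (second hunk on this line) still reads `} else`, then the comment, then `{` on a line of its own, while the other branches here were converted to the `} else {` form. Moving the comment inside the block keeps the brace style uniform: `} else {` followed by `/* Can only have one zero if *not* start or end */`. The two comments that sit between a closing `}` and the following `else if` have the same readability problem and would be clearer as the first line inside their branch. The function starts and ends outside this hunk.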
@@ -737,23 +832,23 @@ static int ipv6_from_asc(unsigned char *v6, const char *in) /* Copy final part */ if (v6stat.total != v6stat.zero_pos) memcpy(v6 + v6stat.zero_pos + 16 - v6stat.total, - v6stat.tmp + v6stat.zero_pos, - v6stat.total - v6stat.zero_pos); - } - else + v6stat.tmp + v6stat.zero_pos, + v6stat.total - v6stat.zero_pos); + } else memcpy(v6, v6stat.tmp, 16); return 1; - } +} -static int ipv6_cb(const char *elem, int len, void *usr) - { +static int +ipv6_cb(const char *elem, int len, void *usr) +{ IPV6_STAT *s = usr; + /* Error if 16 bytes written */ if (s->total == 16) return 0; - if (len == 0) - { + if (len == 0) { /* Zero length element, corresponds to '::' */ if (s->zero_pos == -1) s->zero_pos = s->total; @@ -761,12 +856,9 @@ static int ipv6_cb(const char *elem, int len, void *usr) else if (s->zero_pos != s->total) return 0; s->zero_cnt++; - } - else - { + } else { /* If more than 4 characters could be final a.b.c.d form */ - if (len > 4) - { + if (len > 4) { /* Need at least 4 bytes left */ if (s->total > 12) return 0; @@ -776,29 +868,28 @@ static int ipv6_cb(const char *elem, int len, void *usr) if (!ipv4_from_asc(s->tmp + s->total, elem)) return 0; s->total += 4; - } - else - { + } else { if (!ipv6_hex(s->tmp + s->total, elem, len)) return 0; s->total += 2; - } } - return 1; } + return 1; +} /* Convert a string of up to 4 hex digits into the corresponding * IPv6 form. */ -static int ipv6_hex(unsigned char *out, const char *in, int inlen) - { +static int +ipv6_hex(unsigned char *out, const char *in, int inlen) +{ unsigned char c; unsigned int num = 0; + if (inlen > 4) return 0; - while(inlen--) - { + while (inlen--) { c = *in++; num <<= 4; if ((c >= '0') && (c <= '9')) 
@@ -809,47 +900,44 @@ static int ipv6_hex(unsigned char *out, const char *in, int inlen) num |= c - 'a' + 10; else return 0; - } + } out[0] = num >> 8; out[1] = num & 0xff; return 1; - } - +} -int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk, - unsigned long chtype) - { +int +X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk, + unsigned long chtype) +{ CONF_VALUE *v; int i, mval; char *p, *type; + if (!nm) return 0; - for (i = 0; i < sk_CONF_VALUE_num(dn_sk); i++) - { - v=sk_CONF_VALUE_value(dn_sk,i); - type=v->name; + for (i = 0; i < sk_CONF_VALUE_num(dn_sk); i++) { + v = sk_CONF_VALUE_value(dn_sk, i); + type = v->name; /* Skip past any leading X. X: X, etc to allow for - * multiple instances + * multiple instances */ - for(p = type; *p ; p++) - if ((*p == ':') || (*p == ',') || (*p == '.')) - { + for (p = type; *p; p++) + if ((*p == ':') || (*p == ',') || (*p == '.')) { p++; - if(*p) type = p; + if (*p) + type = p; break; - } - if (*type == '+') - { + } + if (*type == '+') { mval = -1; type++; - } - else + } else mval = 0; - if (!X509_NAME_add_entry_by_txt(nm,type, chtype, - (unsigned char *) v->value,-1,-1,mval)) - return 0; - - } - return 1; + if (!X509_NAME_add_entry_by_txt(nm, type, chtype, + (unsigned char *) v->value, -1, -1, mval)) + return 0; } + return 1; +} |
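Review bot: `X509V3_NAME_from_section` has no comment stating what a caller may assume about `nm` after a failure. The loop adds entries one at a time and returns 0 at the first `X509_NAME_add_entry_by_txt` failure, so entries added before the error remain in `nm`. A header comment such as `/* Returns 1 on success. On failure returns 0; nm may already hold the entries added before the error. */` would tell callers to discard the name in that case. On style, the new prototype line keeps `STACK_OF(CONF_VALUE)*dn_sk` without a space before the star, whereas the other signatures in this diff write `const char *ipasc` and `void *usr`; `STACK_OF(CONF_VALUE) *dn_sk` would match.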