diff options
| author | Claudio Jeker <claudio@cvs.openbsd.org> | 2022-01-18 13:06:44 +0000 |
|---|---|---|
| committer | Claudio Jeker <claudio@cvs.openbsd.org> | 2022-01-18 13:06:44 +0000 |
| commit | 547d9d99818209b10bd234b1449e2348ccb65c5c (patch) | |
| tree | e94f02f3c3e458db29c05aceec04317efe215567 /usr.sbin/rpki-client/x509.c | |
| parent | de2780c4ce2c3c602422a41026ab3be88e59d872 (diff) | |
Cleanup the scattered OBJ_txt2obj() calls and move them into
x509_init_oid() to initalize all necessary OID objects at start.
OK tb@
Diffstat (limited to 'usr.sbin/rpki-client/x509.c')
| -rw-r--r-- | usr.sbin/rpki-client/x509.c | 34 |
1 files changed, 27 insertions, 7 deletions
diff --git a/usr.sbin/rpki-client/x509.c b/usr.sbin/rpki-client/x509.c index 1b5f3ff0454..7205624a95b 100644 --- a/usr.sbin/rpki-client/x509.c +++ b/usr.sbin/rpki-client/x509.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509.c,v 1.29 2021/10/28 09:02:19 beck Exp $ */ +/* $OpenBSD: x509.c,v 1.30 2022/01/18 13:06:43 claudio Exp $ */ /* * Copyright (c) 2021 Claudio Jeker <claudio@openbsd.org> * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv> @@ -30,11 +30,34 @@ #include "extern.h" -static ASN1_OBJECT *bgpsec_oid; /* id-kp-bgpsec-router */ +ASN1_OBJECT *carepo_oid; /* 1.3.6.1.5.5.7.48.5 (caRepository) */ +ASN1_OBJECT *manifest_oid; /* 1.3.6.1.5.5.7.48.10 (rpkiManifest) */ +ASN1_OBJECT *notify_oid; /* 1.3.6.1.5.5.7.48.13 (rpkiNotify) */ +ASN1_OBJECT *roa_oid; /* id-ct-routeOriginAuthz CMS content type */ +ASN1_OBJECT *mft_oid; /* id-ct-rpkiManifest CMS content type */ +ASN1_OBJECT *gbr_oid; /* id-ct-rpkiGhostbusters CMS content type */ +ASN1_OBJECT *bgpsec_oid; /* id-kp-bgpsec-router Key Purpose */ -static void -init_oid(void) + +void +x509_init_oid(void) { + + if ((carepo_oid = OBJ_txt2obj("1.3.6.1.5.5.7.48.5", 1)) == NULL) + errx(1, "OBJ_txt2obj for %s failed", "1.3.6.1.5.5.7.48.5"); + if ((manifest_oid = OBJ_txt2obj("1.3.6.1.5.5.7.48.10", 1)) == NULL) + errx(1, "OBJ_txt2obj for %s failed", "1.3.6.1.5.5.7.48.10"); + if ((notify_oid = OBJ_txt2obj("1.3.6.1.5.5.7.48.13", 1)) == NULL) + errx(1, "OBJ_txt2obj for %s failed", "1.3.6.1.5.5.7.48.13"); + if ((roa_oid = OBJ_txt2obj("1.2.840.113549.1.9.16.1.24", 1)) == NULL) + errx(1, "OBJ_txt2obj for %s failed", + "1.2.840.113549.1.9.16.1.24"); + if ((mft_oid = OBJ_txt2obj("1.2.840.113549.1.9.16.1.26", 1)) == NULL) + errx(1, "OBJ_txt2obj for %s failed", + "1.2.840.113549.1.9.16.1.26"); + if ((gbr_oid = OBJ_txt2obj("1.2.840.113549.1.9.16.1.35", 1)) == NULL) + errx(1, "OBJ_txt2obj for %s failed", + "1.2.840.113549.1.9.16.1.35"); if ((bgpsec_oid = OBJ_txt2obj("1.3.6.1.5.5.7.3.30", 1)) == NULL) errx(1, "OBJ_txt2obj for %s failed", "1.3.6.1.5.5.7.3.30"); } @@ -167,9 +190,6 @@ x509_get_purpose(X509 *x, const char *fn) goto out; } - if (bgpsec_oid == NULL) - init_oid(); - if (OBJ_cmp(bgpsec_oid, sk_ASN1_OBJECT_value(eku, 0)) == 0) { purpose = CERT_PURPOSE_BGPSEC_ROUTER; goto out; |