option to replace extensions with new ones: mainly for creating cross-certificates

Dr. Stephen Henson 2010-03-03 20:13:30 +00:00
parent ebaa2cf5b2
commit b5cfc2f590
2 changed files with 5 additions and 4 deletions


@ -322,10 +322,10 @@ static void delete_ext(STACK_OF(X509_EXTENSION) *sk, X509_EXTENSION *dext)
int idx; int idx;
ASN1_OBJECT *obj; ASN1_OBJECT *obj;
obj = X509_EXTENSION_get_object(dext); obj = X509_EXTENSION_get_object(dext);
while ((idx = X509_EXTENSION_get_by_OBJ(sk, obj, -1)) >= 0) while ((idx = X509v3_get_ext_by_OBJ(sk, obj, -1)) >= 0)
{ {
X509_EXTENSION *tmpext= X509_get_ext(sk, idx); X509_EXTENSION *tmpext = X509v3_get_ext(sk, idx);
X509_del_ext(sk, idx); X509v3_delete_ext(sk, idx);
X509_EXTENSION_free(tmpext); X509_EXTENSION_free(tmpext);
} }
} }
@ -348,7 +348,7 @@ int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section,
val = sk_CONF_VALUE_value(nval, i); val = sk_CONF_VALUE_value(nval, i);
if (!(ext = X509V3_EXT_nconf(conf, ctx, val->name, val->value))) if (!(ext = X509V3_EXT_nconf(conf, ctx, val->name, val->value)))
return 0; return 0;
if (ctx->flags == X509V3_CTX_FLAG_REPLACE) if (ctx->flags == X509V3_CTX_REPLACE)
delete_ext(*sk, ext); delete_ext(*sk, ext);
if (sk) X509v3_add_ext(sk, ext, -1); if (sk) X509v3_add_ext(sk, ext, -1);
X509_EXTENSION_free(ext); X509_EXTENSION_free(ext);
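Review bot: In the second hunk, `delete_ext(*sk, ext)` dereferences `sk` one line before the `if (sk)` guard, so a NULL stack pointer combined with the replace flag is a NULL dereference rather than a skipped add. The test `ctx->flags == X509V3_CTX_REPLACE` is also an equality check on what looks like a bit field (0x1 and 0x2 in the header), so replacement would be silently skipped whenever another flag such as `CTX_TEST` is set too, leaving the old and new extension side by side in the stack. Both can be folded into `if (sk && (ctx->flags & X509V3_CTX_REPLACE)) delete_ext(*sk, ext);`. The return value of `X509v3_add_ext` on the following line is ignored, so a failed add still looks like success to the caller. X509V3_EXT_add_nconf_sk starts and ends outside the hunk.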


@ -128,6 +128,7 @@ void (*free_section)(void *db, STACK_OF(CONF_VALUE) *section);
/* Context specific info */ /* Context specific info */
struct v3_ext_ctx { struct v3_ext_ctx {
#define CTX_TEST 0x1 #define CTX_TEST 0x1
#define X509V3_CTX_REPLACE 0x2
int flags; int flags;
X509 *issuer_cert; X509 *issuer_cert;
X509 *subject_cert; X509 *subject_cert;
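Review bot: `X509V3_CTX_REPLACE` is added without a comment, and nothing next to it or `CTX_TEST` says whether `flags` is a bit mask or a single mode value, which matters because the caller on this page compares it with `==`. A one-line comment above the define would settle it, e.g. `/* Delete existing extensions with the same OID before adding the new one */`, plus a note on `flags` stating whether the values may be combined. The struct body continues outside the hunk.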