195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* v3_sxnet.c */
295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * project 1999.
495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley */
595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* ====================================================================
695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *
895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * Redistribution and use in source and binary forms, with or without
995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * modification, are permitted provided that the following conditions
1095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * are met:
1195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *
1295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 1. Redistributions of source code must retain the above copyright
1395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *    notice, this list of conditions and the following disclaimer.
1495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *
1595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 2. Redistributions in binary form must reproduce the above copyright
1695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *    notice, this list of conditions and the following disclaimer in
1795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *    the documentation and/or other materials provided with the
1895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *    distribution.
1995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *
2095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 3. All advertising materials mentioning features or use of this
2195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *    software must display the following acknowledgment:
2295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *    "This product includes software developed by the OpenSSL Project
2395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
2495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *
2595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
2695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *    endorse or promote products derived from this software without
2795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *    prior written permission. For written permission, please contact
2895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *    licensing@OpenSSL.org.
2995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *
3095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 5. Products derived from this software may not be called "OpenSSL"
3195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *    nor may "OpenSSL" appear in their names without prior written
3295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *    permission of the OpenSSL Project.
3395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *
3495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 6. Redistributions of any form whatsoever must retain the following
3595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *    acknowledgment:
3695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *    "This product includes software developed by the OpenSSL Project
3795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
3895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *
3995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
4095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
4195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
4295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
4395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
4495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
4595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
4695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
4795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
4895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
4995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
5095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * OF THE POSSIBILITY OF SUCH DAMAGE.
5195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * ====================================================================
5295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *
5395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * This product includes cryptographic software written by Eric Young
5495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * (eay@cryptsoft.com).  This product includes software written by Tim
5595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * Hudson (tjh@cryptsoft.com).
5695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *
5795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley */
5895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
5995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#include <stdio.h>
6095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
6195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#include <openssl/asn1.h>
6295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#include <openssl/asn1t.h>
6395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#include <openssl/conf.h>
6495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#include <openssl/err.h>
6595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#include <openssl/mem.h>
6695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#include <openssl/obj.h>
6795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#include <openssl/x509v3.h>
6895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
6995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
7095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* Support for Thawte strong extranet extension */
7195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
7295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define SXNET_TEST
7395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
7495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleystatic int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, int indent);
7595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#ifdef SXNET_TEST
7695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleystatic SXNET * sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
7795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley						STACK_OF(CONF_VALUE) *nval);
7895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#endif
7995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyconst X509V3_EXT_METHOD v3_sxnet = {
8095c29f3cd1f6c08c6c0927868683392eea727ccAdam LangleyNID_sxnet, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(SXNET),
8195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley0,0,0,0,
8295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley0,0,
8395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley0,
8495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#ifdef SXNET_TEST
8595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley(X509V3_EXT_V2I)sxnet_v2i,
8695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#else
8795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley0,
8895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#endif
8995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley(X509V3_EXT_I2R)sxnet_i2r,
9095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley0,
9195c29f3cd1f6c08c6c0927868683392eea727ccAdam LangleyNULL
9295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley};
9395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
9495c29f3cd1f6c08c6c0927868683392eea727ccAdam LangleyASN1_SEQUENCE(SXNETID) = {
9595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	ASN1_SIMPLE(SXNETID, zone, ASN1_INTEGER),
9695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	ASN1_SIMPLE(SXNETID, user, ASN1_OCTET_STRING)
9795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley} ASN1_SEQUENCE_END(SXNETID)
9895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
9995c29f3cd1f6c08c6c0927868683392eea727ccAdam LangleyIMPLEMENT_ASN1_FUNCTIONS(SXNETID)
10095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
10195c29f3cd1f6c08c6c0927868683392eea727ccAdam LangleyASN1_SEQUENCE(SXNET) = {
10295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	ASN1_SIMPLE(SXNET, version, ASN1_INTEGER),
10395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	ASN1_SEQUENCE_OF(SXNET, ids, SXNETID)
10495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley} ASN1_SEQUENCE_END(SXNET)
10595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
10695c29f3cd1f6c08c6c0927868683392eea727ccAdam LangleyIMPLEMENT_ASN1_FUNCTIONS(SXNET)
10795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
10895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleystatic int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out,
10995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	     int indent)
11095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley{
11195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	long v;
11295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	char *tmp;
11395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	SXNETID *id;
11495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	size_t i;
11595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	v = ASN1_INTEGER_get(sx->version);
11695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	BIO_printf(out, "%*sVersion: %ld (0x%lX)", indent, "", v + 1, v);
11795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	for(i = 0; i < sk_SXNETID_num(sx->ids); i++) {
11895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley		id = sk_SXNETID_value(sx->ids, i);
11995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley		tmp = i2s_ASN1_INTEGER(NULL, id->zone);
12095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley		BIO_printf(out, "\n%*sZone: %s, User: ", indent, "", tmp);
12195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley		OPENSSL_free(tmp);
12295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley		M_ASN1_OCTET_STRING_print(out, id->user);
12395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	}
12495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	return 1;
12595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley}
12695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
12795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#ifdef SXNET_TEST
12895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
12995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* NBB: this is used for testing only. It should *not* be used for anything
13095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * else because it will just take static IDs from the configuration file and
13195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * they should really be separate values for each user.
13295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley */
13395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
13495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
13595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleystatic SXNET * sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
13695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	     STACK_OF(CONF_VALUE) *nval)
13795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley{
13895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	CONF_VALUE *cnf;
13995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	SXNET *sx = NULL;
14095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	size_t i;
14195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
14295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley		cnf = sk_CONF_VALUE_value(nval, i);
14395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley		if(!SXNET_add_id_asc(&sx, cnf->name, cnf->value, -1))
14495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley								 return NULL;
14595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	}
14695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	return sx;
14795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley}
14895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
14995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
15095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#endif
15195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
15295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* Strong Extranet utility functions */
15395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
15495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* Add an id given the zone as an ASCII number */
15595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
15695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint SXNET_add_id_asc(SXNET **psx, char *zone, char *user,
15795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	     int userlen)
15895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley{
15995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	ASN1_INTEGER *izone = NULL;
16095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	if(!(izone = s2i_ASN1_INTEGER(NULL, zone))) {
16195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley		OPENSSL_PUT_ERROR(X509V3, SXNET_add_id_asc, X509V3_R_ERROR_CONVERTING_ZONE);
16295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley		return 0;
16395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	}
16495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	return SXNET_add_id_INTEGER(psx, izone, user, userlen);
16595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley}
16695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
16795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* Add an id given the zone as an unsigned long */
16895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
16995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user,
17095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	     int userlen)
17195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley{
17295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	ASN1_INTEGER *izone = NULL;
17395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	if(!(izone = M_ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) {
17495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley		OPENSSL_PUT_ERROR(X509V3, SXNET_add_id_ulong, ERR_R_MALLOC_FAILURE);
17595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley		M_ASN1_INTEGER_free(izone);
17695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley		return 0;
17795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	}
17895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	return SXNET_add_id_INTEGER(psx, izone, user, userlen);
17995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
18095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley}
18195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
18295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* Add an id given the zone as an ASN1_INTEGER.
18395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * Note this version uses the passed integer and doesn't make a copy so don't
18495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * free it up afterwards.
18595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley */
18695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
18795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, char *user,
18895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	     int userlen)
18995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley{
19095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	SXNET *sx = NULL;
19195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	SXNETID *id = NULL;
19295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	if(!psx || !zone || !user) {
19395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley		OPENSSL_PUT_ERROR(X509V3, SXNET_add_id_INTEGER, X509V3_R_INVALID_NULL_ARGUMENT);
19495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley		return 0;
19595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	}
19695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	if(userlen == -1) userlen = strlen(user);
19795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	if(userlen > 64) {
19895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley		OPENSSL_PUT_ERROR(X509V3, SXNET_add_id_INTEGER, X509V3_R_USER_TOO_LONG);
19995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley		return 0;
20095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	}
20195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	if(!*psx) {
20295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley		if(!(sx = SXNET_new())) goto err;
20395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley		if(!ASN1_INTEGER_set(sx->version, 0)) goto err;
20495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley		*psx = sx;
20595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	} else sx = *psx;
20695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	if(SXNET_get_id_INTEGER(sx, zone)) {
20795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley		OPENSSL_PUT_ERROR(X509V3, SXNET_add_id_INTEGER, X509V3_R_DUPLICATE_ZONE_ID);
20895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley		return 0;
20995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	}
21095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
21195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	if(!(id = SXNETID_new())) goto err;
21295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	if(userlen == -1) userlen = strlen(user);
21395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
21495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	if(!M_ASN1_OCTET_STRING_set(id->user, user, userlen)) goto err;
21595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	if(!sk_SXNETID_push(sx->ids, id)) goto err;
21695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	id->zone = zone;
21795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	return 1;
21895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
21995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	err:
22095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	OPENSSL_PUT_ERROR(X509V3, SXNET_add_id_INTEGER, ERR_R_MALLOC_FAILURE);
22195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	SXNETID_free(id);
22295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	SXNET_free(sx);
22395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	*psx = NULL;
22495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	return 0;
22595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley}
22695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
22795c29f3cd1f6c08c6c0927868683392eea727ccAdam LangleyASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone)
22895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley{
22995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	ASN1_INTEGER *izone = NULL;
23095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	ASN1_OCTET_STRING *oct;
23195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	if(!(izone = s2i_ASN1_INTEGER(NULL, zone))) {
23295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley		OPENSSL_PUT_ERROR(X509V3, SXNET_get_id_asc, X509V3_R_ERROR_CONVERTING_ZONE);
23395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley		return NULL;
23495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	}
23595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	oct = SXNET_get_id_INTEGER(sx, izone);
23695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	M_ASN1_INTEGER_free(izone);
23795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	return oct;
23895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley}
23995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
24095c29f3cd1f6c08c6c0927868683392eea727ccAdam LangleyASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone)
24195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley{
24295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	ASN1_INTEGER *izone = NULL;
24395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	ASN1_OCTET_STRING *oct;
24495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	if(!(izone = M_ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) {
24595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley		OPENSSL_PUT_ERROR(X509V3, SXNET_get_id_ulong, ERR_R_MALLOC_FAILURE);
24695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley		M_ASN1_INTEGER_free(izone);
24795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley		return NULL;
24895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	}
24995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	oct = SXNET_get_id_INTEGER(sx, izone);
25095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	M_ASN1_INTEGER_free(izone);
25195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	return oct;
25295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley}
25395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
25495c29f3cd1f6c08c6c0927868683392eea727ccAdam LangleyASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone)
25595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley{
25695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	SXNETID *id;
25795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	size_t i;
25895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	for(i = 0; i < sk_SXNETID_num(sx->ids); i++) {
25995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley		id = sk_SXNETID_value(sx->ids, i);
26095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley		if(!M_ASN1_INTEGER_cmp(id->zone, zone)) return id->user;
26195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	}
26295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley	return NULL;
26395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley}
26495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
26595c29f3cd1f6c08c6c0927868683392eea727ccAdam LangleyIMPLEMENT_ASN1_SET_OF(SXNETID)
266