1d9e397b599b13d642138480a28c14db7a136bf0Adam Langley/* v3_sxnet.c */ 24969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin/* 34969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project 44969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin * 1999. 5d9e397b599b13d642138480a28c14db7a136bf0Adam Langley */ 6d9e397b599b13d642138480a28c14db7a136bf0Adam Langley/* ==================================================================== 7d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * Copyright (c) 1999 The OpenSSL Project. All rights reserved. 8d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 9d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * Redistribution and use in source and binary forms, with or without 10d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * modification, are permitted provided that the following conditions 11d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * are met: 12d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 13d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 1. Redistributions of source code must retain the above copyright 144969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin * notice, this list of conditions and the following disclaimer. 15d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 16d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 2. Redistributions in binary form must reproduce the above copyright 17d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * notice, this list of conditions and the following disclaimer in 18d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * the documentation and/or other materials provided with the 19d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * distribution. 20d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 21d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 3. All advertising materials mentioning features or use of this 22d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * software must display the following acknowledgment: 23d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * "This product includes software developed by the OpenSSL Project 24d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 25d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 26d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 27d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * endorse or promote products derived from this software without 28d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * prior written permission. For written permission, please contact 29d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * licensing@OpenSSL.org. 30d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 31d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 5. Products derived from this software may not be called "OpenSSL" 32d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * nor may "OpenSSL" appear in their names without prior written 33d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * permission of the OpenSSL Project. 34d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 35d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 6. Redistributions of any form whatsoever must retain the following 36d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * acknowledgment: 37d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * "This product includes software developed by the OpenSSL Project 38d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 39d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 40d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 41d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 43d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 44d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 45d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 46d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 47d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 49d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 50d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 51d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * OF THE POSSIBILITY OF SUCH DAMAGE. 52d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * ==================================================================== 53d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 54d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * This product includes cryptographic software written by Eric Young 55d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * (eay@cryptsoft.com). This product includes software written by Tim 56d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * Hudson (tjh@cryptsoft.com). 57d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 58d9e397b599b13d642138480a28c14db7a136bf0Adam Langley */ 59d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 60d9e397b599b13d642138480a28c14db7a136bf0Adam Langley#include <stdio.h> 61d9e397b599b13d642138480a28c14db7a136bf0Adam Langley#include <string.h> 62d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 63d9e397b599b13d642138480a28c14db7a136bf0Adam Langley#include <openssl/asn1.h> 64d9e397b599b13d642138480a28c14db7a136bf0Adam Langley#include <openssl/asn1t.h> 65d9e397b599b13d642138480a28c14db7a136bf0Adam Langley#include <openssl/conf.h> 66d9e397b599b13d642138480a28c14db7a136bf0Adam Langley#include <openssl/err.h> 67d9e397b599b13d642138480a28c14db7a136bf0Adam Langley#include <openssl/mem.h> 68d9e397b599b13d642138480a28c14db7a136bf0Adam Langley#include <openssl/obj.h> 69d9e397b599b13d642138480a28c14db7a136bf0Adam Langley#include <openssl/x509v3.h> 70d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 71d9e397b599b13d642138480a28c14db7a136bf0Adam Langley/* Support for Thawte strong extranet extension */ 72d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 73d9e397b599b13d642138480a28c14db7a136bf0Adam Langley#define SXNET_TEST 74d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 754969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjaminstatic int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, 764969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin int indent); 77d9e397b599b13d642138480a28c14db7a136bf0Adam Langley#ifdef SXNET_TEST 784969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjaminstatic SXNET *sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, 794969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin STACK_OF(CONF_VALUE) *nval); 80d9e397b599b13d642138480a28c14db7a136bf0Adam Langley#endif 81d9e397b599b13d642138480a28c14db7a136bf0Adam Langleyconst X509V3_EXT_METHOD v3_sxnet = { 824969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin NID_sxnet, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(SXNET), 834969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin 0, 0, 0, 0, 844969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin 0, 0, 854969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin 0, 86d9e397b599b13d642138480a28c14db7a136bf0Adam Langley#ifdef SXNET_TEST 874969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin (X509V3_EXT_V2I)sxnet_v2i, 88d9e397b599b13d642138480a28c14db7a136bf0Adam Langley#else 894969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin 0, 90d9e397b599b13d642138480a28c14db7a136bf0Adam Langley#endif 914969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin (X509V3_EXT_I2R)sxnet_i2r, 924969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin 0, 934969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin NULL 94d9e397b599b13d642138480a28c14db7a136bf0Adam Langley}; 95d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 96d9e397b599b13d642138480a28c14db7a136bf0Adam LangleyASN1_SEQUENCE(SXNETID) = { 974969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin ASN1_SIMPLE(SXNETID, zone, ASN1_INTEGER), 984969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin ASN1_SIMPLE(SXNETID, user, ASN1_OCTET_STRING) 99d9e397b599b13d642138480a28c14db7a136bf0Adam Langley} ASN1_SEQUENCE_END(SXNETID) 100d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 101d9e397b599b13d642138480a28c14db7a136bf0Adam LangleyIMPLEMENT_ASN1_FUNCTIONS(SXNETID) 102d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 103d9e397b599b13d642138480a28c14db7a136bf0Adam LangleyASN1_SEQUENCE(SXNET) = { 1044969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin ASN1_SIMPLE(SXNET, version, ASN1_INTEGER), 1054969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin ASN1_SEQUENCE_OF(SXNET, ids, SXNETID) 106d9e397b599b13d642138480a28c14db7a136bf0Adam Langley} ASN1_SEQUENCE_END(SXNET) 107d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 108d9e397b599b13d642138480a28c14db7a136bf0Adam LangleyIMPLEMENT_ASN1_FUNCTIONS(SXNET) 109d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 110d9e397b599b13d642138480a28c14db7a136bf0Adam Langleystatic int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, 1114969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin int indent) 112d9e397b599b13d642138480a28c14db7a136bf0Adam Langley{ 1134969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin long v; 1144969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin char *tmp; 1154969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin SXNETID *id; 1164969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin size_t i; 1174969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin v = ASN1_INTEGER_get(sx->version); 1184969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin BIO_printf(out, "%*sVersion: %ld (0x%lX)", indent, "", v + 1, v); 1194969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin for (i = 0; i < sk_SXNETID_num(sx->ids); i++) { 1204969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin id = sk_SXNETID_value(sx->ids, i); 1214969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin tmp = i2s_ASN1_INTEGER(NULL, id->zone); 1224969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin BIO_printf(out, "\n%*sZone: %s, User: ", indent, "", tmp); 1234969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin OPENSSL_free(tmp); 1244969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin M_ASN1_OCTET_STRING_print(out, id->user); 1254969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin } 1264969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin return 1; 127d9e397b599b13d642138480a28c14db7a136bf0Adam Langley} 128d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 129d9e397b599b13d642138480a28c14db7a136bf0Adam Langley#ifdef SXNET_TEST 130d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 1314969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin/* 1324969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin * NBB: this is used for testing only. It should *not* be used for anything 133d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * else because it will just take static IDs from the configuration file and 134d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * they should really be separate values for each user. 135d9e397b599b13d642138480a28c14db7a136bf0Adam Langley */ 136d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 1374969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjaminstatic SXNET *sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, 1384969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin STACK_OF(CONF_VALUE) *nval) 139d9e397b599b13d642138480a28c14db7a136bf0Adam Langley{ 1404969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin CONF_VALUE *cnf; 1414969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin SXNET *sx = NULL; 1424969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin size_t i; 1434969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { 1444969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin cnf = sk_CONF_VALUE_value(nval, i); 1454969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin if (!SXNET_add_id_asc(&sx, cnf->name, cnf->value, -1)) 1464969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin return NULL; 1474969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin } 1484969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin return sx; 149d9e397b599b13d642138480a28c14db7a136bf0Adam Langley} 1504969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin 151d9e397b599b13d642138480a28c14db7a136bf0Adam Langley#endif 152d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 153d9e397b599b13d642138480a28c14db7a136bf0Adam Langley/* Strong Extranet utility functions */ 154d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 155d9e397b599b13d642138480a28c14db7a136bf0Adam Langley/* Add an id given the zone as an ASCII number */ 156d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 1574969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjaminint SXNET_add_id_asc(SXNET **psx, char *zone, char *user, int userlen) 158d9e397b599b13d642138480a28c14db7a136bf0Adam Langley{ 1594969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin ASN1_INTEGER *izone = NULL; 1604969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin if (!(izone = s2i_ASN1_INTEGER(NULL, zone))) { 1614969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin OPENSSL_PUT_ERROR(X509V3, X509V3_R_ERROR_CONVERTING_ZONE); 1624969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin return 0; 1634969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin } 1644969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin return SXNET_add_id_INTEGER(psx, izone, user, userlen); 165d9e397b599b13d642138480a28c14db7a136bf0Adam Langley} 166d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 167d9e397b599b13d642138480a28c14db7a136bf0Adam Langley/* Add an id given the zone as an unsigned long */ 168d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 169d9e397b599b13d642138480a28c14db7a136bf0Adam Langleyint SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user, 1704969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin int userlen) 171d9e397b599b13d642138480a28c14db7a136bf0Adam Langley{ 1724969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin ASN1_INTEGER *izone = NULL; 1734969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin if (!(izone = M_ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) { 1744969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); 1754969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin M_ASN1_INTEGER_free(izone); 1764969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin return 0; 1774969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin } 1784969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin return SXNET_add_id_INTEGER(psx, izone, user, userlen); 1794969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin 180d9e397b599b13d642138480a28c14db7a136bf0Adam Langley} 181d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 1824969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin/* 1834969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin * Add an id given the zone as an ASN1_INTEGER. Note this version uses the 1844969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin * passed integer and doesn't make a copy so don't free it up afterwards. 185d9e397b599b13d642138480a28c14db7a136bf0Adam Langley */ 186d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 187d9e397b599b13d642138480a28c14db7a136bf0Adam Langleyint SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, char *user, 1884969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin int userlen) 189d9e397b599b13d642138480a28c14db7a136bf0Adam Langley{ 1904969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin SXNET *sx = NULL; 1914969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin SXNETID *id = NULL; 1924969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin if (!psx || !zone || !user) { 1934969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_ARGUMENT); 1944969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin return 0; 1954969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin } 1964969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin if (userlen == -1) 1974969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin userlen = strlen(user); 1984969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin if (userlen > 64) { 1994969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin OPENSSL_PUT_ERROR(X509V3, X509V3_R_USER_TOO_LONG); 2004969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin return 0; 2014969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin } 2024969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin if (!*psx) { 2034969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin if (!(sx = SXNET_new())) 2044969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin goto err; 2054969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin if (!ASN1_INTEGER_set(sx->version, 0)) 2064969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin goto err; 2074969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin *psx = sx; 2084969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin } else 2094969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin sx = *psx; 2104969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin if (SXNET_get_id_INTEGER(sx, zone)) { 2114969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin OPENSSL_PUT_ERROR(X509V3, X509V3_R_DUPLICATE_ZONE_ID); 2124969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin return 0; 2134969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin } 2144969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin 2154969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin if (!(id = SXNETID_new())) 2164969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin goto err; 2174969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin if (userlen == -1) 2184969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin userlen = strlen(user); 2194969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin 2204969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin if (!M_ASN1_OCTET_STRING_set(id->user, user, userlen)) 2214969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin goto err; 2224969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin if (!sk_SXNETID_push(sx->ids, id)) 2234969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin goto err; 2244969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin id->zone = zone; 2254969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin return 1; 226d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 2274969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin err: 2284969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); 2294969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin SXNETID_free(id); 2304969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin SXNET_free(sx); 2314969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin *psx = NULL; 2324969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin return 0; 233d9e397b599b13d642138480a28c14db7a136bf0Adam Langley} 234d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 235d9e397b599b13d642138480a28c14db7a136bf0Adam LangleyASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone) 236d9e397b599b13d642138480a28c14db7a136bf0Adam Langley{ 2374969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin ASN1_INTEGER *izone = NULL; 2384969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin ASN1_OCTET_STRING *oct; 2394969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin if (!(izone = s2i_ASN1_INTEGER(NULL, zone))) { 2404969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin OPENSSL_PUT_ERROR(X509V3, X509V3_R_ERROR_CONVERTING_ZONE); 2414969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin return NULL; 2424969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin } 2434969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin oct = SXNET_get_id_INTEGER(sx, izone); 2444969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin M_ASN1_INTEGER_free(izone); 2454969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin return oct; 246d9e397b599b13d642138480a28c14db7a136bf0Adam Langley} 247d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 248d9e397b599b13d642138480a28c14db7a136bf0Adam LangleyASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone) 249d9e397b599b13d642138480a28c14db7a136bf0Adam Langley{ 2504969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin ASN1_INTEGER *izone = NULL; 2514969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin ASN1_OCTET_STRING *oct; 2524969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin if (!(izone = M_ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) { 2534969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE); 2544969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin M_ASN1_INTEGER_free(izone); 2554969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin return NULL; 2564969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin } 2574969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin oct = SXNET_get_id_INTEGER(sx, izone); 2584969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin M_ASN1_INTEGER_free(izone); 2594969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin return oct; 260d9e397b599b13d642138480a28c14db7a136bf0Adam Langley} 261d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 262d9e397b599b13d642138480a28c14db7a136bf0Adam LangleyASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone) 263d9e397b599b13d642138480a28c14db7a136bf0Adam Langley{ 2644969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin SXNETID *id; 2654969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin size_t i; 2664969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin for (i = 0; i < sk_SXNETID_num(sx->ids); i++) { 2674969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin id = sk_SXNETID_value(sx->ids, i); 2684969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin if (!M_ASN1_INTEGER_cmp(id->zone, zone)) 2694969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin return id->user; 2704969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin } 2714969cc9b0ab2905ec478277f50ed3849b37a6c6bDavid Benjamin return NULL; 272d9e397b599b13d642138480a28c14db7a136bf0Adam Langley} 273d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 274d9e397b599b13d642138480a28c14db7a136bf0Adam LangleyIMPLEMENT_ASN1_SET_OF(SXNETID) 275