authorfengweihao <[email protected]>2019-09-03 15:00:17 +0800
committerfengweihao <[email protected]>2019-09-03 15:00:17 +0800
commite157d0d3dbff55d75e104f6522b4849cc1616d92 (patch)
tree68d738dee23f5c71572be6b7bf0bae5cf0ea8275
parent4b55add64d1ff81bd66f6bbd8a00271919f3eac6 (diff)
添加从sanlist中获取subjectname配置
-rw-r--r--src/x509.c62
1 files changed, 58 insertions, 4 deletions
diff --git a/src/x509.c b/src/x509.c
index fb1f44a..e40ad77 100644
--- a/src/x509.c
+++ b/src/x509.c
@@ -876,7 +876,45 @@ char *str_trim(const char *str)
return strRet;
}
-static int set_altname(X509 *crt, int type, const char *sanfile)
+int add_cert_ctx(X509_NAME* name, char* ctx[], int num)
+{
+ int i = 0;
+ int max = 0;
+
+ int item[] = {NID_commonName, NID_countryName,
+ NID_stateOrProvinceName, NID_localityName,
+ NID_organizationName, NID_organizationalUnitName,
+ NID_pkcs9_emailAddress};
+
+ max = sizeof(item)/sizeof(item[0]);
+ max = max > num ? num : max;
+
+ for(i = 0; i< max; ++i){
+ if(!X509_NAME_add_entry_by_NID(name, item[i], MBSTRING_UTF8, (unsigned char *)ctx[i], -1, -1, 0)){
+ }
+ }
+
+ return 1;
+}
+
+static void x509_set_subject(X509 *x509, char *subject)
+{
+#define SUBJECT_NAME_MAX 126
+ char seps[] = ",";
+ char *item = strtok(subject, seps);
+ char key[SUBJECT_NAME_MAX] = {0}, value[SUBJECT_NAME_MAX] = {0};
+
+ X509_NAME *name = X509_get_subject_name(x509);
+ while (item)
+ {
+ sscanf(item, " %[^=]=%s", key, value);
+ X509_NAME_add_entry_by_txt(name, key, MBSTRING_UTF8, (unsigned char*)value, -1, -1, 0);
+ item = strtok(NULL, seps);
+ }
+ free(subject);
+}
+
+static int x509_set_altname(X509 *crt, int type, const char *sanfile, char **subjectname)
{
int ret = 0;
GENERAL_NAMES *gens = NULL;
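Review bot: The `sscanf(item, " %[^=]=%s", key, value)` call in x509_set_subject has no field widths, so a key or value longer than 125 bytes in the sanfile's subject line writes past the 126-byte `key`/`value` stack buffers. Its return value is also unchecked, so an item without `=` re-adds the previous key/value pair. Bound and check it: `if (sscanf(item, " %125[^=]=%125s", key, value) != 2) { item = strtok(NULL, seps); continue; }`. Note too that `%s` stops at whitespace, so a value containing a space (an organization name, for example) is truncated. The `if` around `X509_NAME_add_entry_by_NID` in add_cert_ctx has an empty body, so failures there are silently dropped while the function still returns 1.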
@@ -891,9 +929,20 @@ static int set_altname(X509 *crt, int type, const char *sanfile)
if (buff == NULL){
goto finish;
}
+ char seps1[] = "\n", seps[] = ";";
char *sanline=NULL, *host = NULL;
- char seps[] = ";";
- sanline = strtok(buff, seps);
+ if (buff[0] != '\n')
+ {
+ char *subject = strtok(buff, seps1);
+ if (subject != NULL)
+ {
+ *subjectname = strdup(subject);
+ }
+ sanline = strtok(NULL, seps);
+ }else
+ {
+ sanline = strtok(buff+1, seps);
+ }
while (sanline)
{
asprintf(&host, "%s", sanline);
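Review bot: When `buff[0] != '\n'` the whole first line is taken as the subject, so a sanfile in the previous hosts-only layout (assuming such files exist; the format is not documented in the hunk) would have its first line of `;`-separated hosts consumed as a subject, and a single-line file would yield no SAN entries at all. Consider treating the first line as a subject only when it contains `=`, and document the expected layout with a comment such as `/* sanfile: optional "key=value,..." subject line, then ';'-separated hosts; a leading '\n' means no subject */`. The `strdup` result is stored unchecked, so an allocation failure looks the same to the caller as a file with no subject line. The body of x509_set_altname starts and ends outside this hunk.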
@@ -947,7 +996,12 @@ int x509_check_host(const char *sanfile, const char *urlfile)
X509 *x509 = make_cert();
if (x509 == NULL)
return -1;
- set_altname(x509, GEN_DNS, sanfile);
+ char *subject = NULL;
+ x509_set_altname(x509, GEN_DNS, sanfile,&subject);
+ if (subject != NULL)
+ {
+ x509_set_subject(x509, subject);
+ }
fp = fopen(urlfile, "r");
assert(fp != NULL);
while(fgets(line, LINE_SIZE - 1, fp))
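Review bot: Ownership of `subject` is not documented at this call site: it is allocated with `strdup` inside x509_set_altname and released by the `free(subject)` at the end of x509_set_subject, which is easy to miss and invites a double free or a leak on later edits. A comment such as `/* x509_set_subject() takes ownership of subject and frees it */` above the call would make that explicit. The return value of x509_set_altname is still ignored here, so a sanfile that failed to parse yields a certificate without the intended names and no diagnostic. x509_check_host continues outside the hunk.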