| author | fengweihao <[email protected]> | 2019-09-26 16:40:35 +0800 |
|---|---|---|
| committer | fengweihao <[email protected]> | 2019-09-26 16:40:35 +0800 |
| commit | f7eda1fab8d3f8014f30ddb525f5c4e8bc75b966 (patch) | |
| tree | bc3dbd740f292594ad9ac04add8a09c68121b59c | |
| parent | d84461437ce3bb495c0144f409a00795203a1188 (diff) | |
* 修改sanlist中CN以行为分割的读取方式
| -rw-r--r-- | src/x509.c | 50 |
1 files changed, 5 insertions, 45 deletions
@@ -878,37 +878,9 @@ char *str_trim(const char *str) return strRet; } -int add_cert_ctx(X509_NAME* name, char* ctx[], int num) +static int set_altname(X509 *crt, int type, const char *sanfile) { - int i = 0; - int max = 0; - - int item[] = {NID_commonName, NID_countryName, - NID_stateOrProvinceName, NID_localityName, - NID_organizationName, NID_organizationalUnitName, - NID_pkcs9_emailAddress}; - - max = sizeof(item)/sizeof(item[0]); - max = max > num ? num : max; - - for(i = 0; i< max; ++i){ - if(!X509_NAME_add_entry_by_NID(name, item[i], MBSTRING_UTF8, (unsigned char *)ctx[i], -1, -1, 0)){ - } - } - - return 1; -} - -static void x509_set_subject(X509 *x509, char *subject) -{ - X509_NAME *name = X509_get_subject_name(x509); - X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_UTF8, (unsigned char*)subject, -1, -1, 0); - free(subject); -} - -static int x509_set_altname(X509 *crt, int type, const char *sanfile, char **subjectname) -{ - int ret = 0, num = 0; + int ret = 0; GENERAL_NAMES *gens = NULL; GENERAL_NAME *gen = NULL; ASN1_IA5STRING *ia5 = NULL; @@ -921,17 +893,12 @@ static int x509_set_altname(X509 *crt, int type, const char *sanfile, char **sub if (buff == NULL){ goto finish; } - char *sanline = NULL, *host = NULL; - char seps[] = ";"; + char *sanline=NULL, *host = NULL; + char seps[] = ";"; sanline = strtok(buff, seps); while (sanline) { asprintf(&host, "%s", sanline); - if (num == 0) - { - *subjectname = host; - goto next; - } gen = GENERAL_NAME_new(); if (gen == NULL) goto out; @@ -952,13 +919,11 @@ static int x509_set_altname(X509 *crt, int type, const char *sanfile, char **sub sk_GENERAL_NAME_push(gens, gen); gen = NULL; free(host); -next: sanline = strtok(NULL, seps); if (sanline == NULL || strlen(sanline) == 1) { break; } - num++; } if (!X509_add1_ext_i2d(crt, NID_subject_alt_name, gens, 0, 0)) goto out; 
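Review bot: In the `@@ -921,17 +893,12 @@` hunk, `asprintf(&host, "%s", sanline);` ignores its return value, so after a failed allocation `host` is unspecified and is still used for the SAN entry and passed to `free(host)`. Check it, for example `if (asprintf(&host, "%s", sanline) < 0) { host = NULL; goto out; }`. The `if (gen == NULL) goto out;` path also leaves the loop with `host` still allocated. Whether the `out:` label frees it is outside the hunk, so that should be confirmed.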
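Review bot: In the `@@ -952,13 +919,11 @@` hunk, the exit test `if (sanline == NULL || strlen(sanline) == 1)` ends the loop at the first one-character token, so every entry after it is silently left out of the certificate. It also does nothing for a final token that still carries a trailing newline; unless `buff` is trimmed before the loop (not visible here), that newline ends up inside the stored name and the entry will not match a hostname. Stripping whitespace from each token and skipping empty ones would be more predictable than breaking on length 1. Separately, `sk_GENERAL_NAME_push(gens, gen);` is unchecked and the next line sets `gen = NULL`, so a failed push leaks the entry; `if (!sk_GENERAL_NAME_push(gens, gen)) goto out;` keeps `gen` available for cleanup.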
@@ -984,12 +949,7 @@ int x509_check_host(const char *sanfile, const char *urlfile) X509 *x509 = make_cert(); if (x509 == NULL) return -1; - char *subject = NULL; - x509_set_altname(x509, GEN_DNS, sanfile,&subject); - if (subject != NULL) - { - x509_set_subject(x509, subject); - } + set_altname(x509, GEN_DNS, sanfile); fp = fopen(urlfile, "r"); assert(fp != NULL); while(fgets(line, LINE_SIZE - 1, fp)) |
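Review bot: The new call `set_altname(x509, GEN_DNS, sanfile);` discards the function's `int` result. If the SAN file cannot be read or an allocation fails, the host checks below still run against a certificate with no subjectAltName and, since this commit stops setting the CN, possibly no name at all, so a setup failure looks like a real mismatch. Fail early instead, e.g. `if (!set_altname(x509, GEN_DNS, sanfile)) { X509_free(x509); return -1; }`, assuming non-zero means success (the return statement is outside the hunks shown). The context line `assert(fp != NULL);` has the same weakness: under `NDEBUG` it disappears and `fgets` receives a null stream, so an explicit `if (fp == NULL)` error return is safer. The body of `x509_check_host` continues past the end of this hunk.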
