grpc 1.41.0 → 1.41.1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +4 -3
- data/etc/roots.pem +335 -326
- data/src/ruby/ext/grpc/extconf.rb +1 -1
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/third_party/boringssl-with-bazel/err_data.c +278 -272
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +5 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +15 -22
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +13 -7
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_print.c +19 -29
- data/third_party/boringssl-with-bazel/src/crypto/{x509 → asn1}/a_strex.c +268 -271
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +6 -43
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +0 -39
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{x509 → asn1}/charmap.h +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +25 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +8 -8
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +289 -198
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +8 -8
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +9 -13
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/base64/base64.c +11 -8
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.c +1 -7
- data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +1 -5
- data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +0 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +1 -7
- data/third_party/boringssl-with-bazel/src/crypto/bio/pair.c +1 -6
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +3 -17
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.c +9 -0
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +8 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/cipher_extra.c +45 -65
- data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +21 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.c +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +5 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +10 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md4/md4.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm_nohw.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +24 -9
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/mem.c +12 -9
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.c +0 -9
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +0 -8
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c +0 -4
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/internal.h +16 -7
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7.c +9 -4
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.c +151 -12
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +181 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.c +246 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +11 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +0 -179
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.c +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +0 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +11 -50
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +0 -16
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +22 -18
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +11 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +16 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_cache.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_int.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_map.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_tree.c +4 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +24 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +17 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +3 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_crld.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +5 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ncons.c +112 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pci.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +71 -26
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +304 -192
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +2 -9
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +5 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +3 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +3 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +9 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +8 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/hkdf.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +9 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +0 -20
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs7.h +12 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +5 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +37 -15
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +26 -12
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +31 -32
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +50 -76
- data/third_party/boringssl-with-bazel/src/include/openssl/x509_vfy.h +0 -131
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +48 -8
- data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +266 -357
- data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +90 -152
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +15 -13
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +75 -79
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +96 -97
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +63 -43
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +6 -12
- data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +14 -16
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +14 -27
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +203 -203
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +30 -41
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +47 -33
- metadata +39 -38
@@ -81,6 +81,22 @@ struct X509_pubkey_st {
|
|
81
81
|
EVP_PKEY *pkey;
|
82
82
|
} /* X509_PUBKEY */;
|
83
83
|
|
84
|
+
struct X509_name_entry_st {
|
85
|
+
ASN1_OBJECT *object;
|
86
|
+
ASN1_STRING *value;
|
87
|
+
int set;
|
88
|
+
} /* X509_NAME_ENTRY */;
|
89
|
+
|
90
|
+
// we always keep X509_NAMEs in 2 forms.
|
91
|
+
struct X509_name_st {
|
92
|
+
STACK_OF(X509_NAME_ENTRY) *entries;
|
93
|
+
int modified; // true if 'bytes' needs to be built
|
94
|
+
BUF_MEM *bytes;
|
95
|
+
// unsigned long hash; Keep the hash around for lookups
|
96
|
+
unsigned char *canon_enc;
|
97
|
+
int canon_enclen;
|
98
|
+
} /* X509_NAME */;
|
99
|
+
|
84
100
|
struct x509_attributes_st {
|
85
101
|
ASN1_OBJECT *object;
|
86
102
|
STACK_OF(ASN1_TYPE) *set;
|
@@ -100,6 +116,47 @@ struct X509_extension_st {
|
|
100
116
|
ASN1_OCTET_STRING *value;
|
101
117
|
} /* X509_EXTENSION */;
|
102
118
|
|
119
|
+
typedef struct {
|
120
|
+
ASN1_INTEGER *version; // [ 0 ] default of v1
|
121
|
+
ASN1_INTEGER *serialNumber;
|
122
|
+
X509_ALGOR *signature;
|
123
|
+
X509_NAME *issuer;
|
124
|
+
X509_VAL *validity;
|
125
|
+
X509_NAME *subject;
|
126
|
+
X509_PUBKEY *key;
|
127
|
+
ASN1_BIT_STRING *issuerUID; // [ 1 ] optional in v2
|
128
|
+
ASN1_BIT_STRING *subjectUID; // [ 2 ] optional in v2
|
129
|
+
STACK_OF(X509_EXTENSION) *extensions; // [ 3 ] optional in v3
|
130
|
+
ASN1_ENCODING enc;
|
131
|
+
} X509_CINF;
|
132
|
+
|
133
|
+
DECLARE_ASN1_FUNCTIONS(X509_CINF)
|
134
|
+
|
135
|
+
struct x509_st {
|
136
|
+
X509_CINF *cert_info;
|
137
|
+
X509_ALGOR *sig_alg;
|
138
|
+
ASN1_BIT_STRING *signature;
|
139
|
+
CRYPTO_refcount_t references;
|
140
|
+
CRYPTO_EX_DATA ex_data;
|
141
|
+
// These contain copies of various extension values
|
142
|
+
long ex_pathlen;
|
143
|
+
long ex_pcpathlen;
|
144
|
+
unsigned long ex_flags;
|
145
|
+
unsigned long ex_kusage;
|
146
|
+
unsigned long ex_xkusage;
|
147
|
+
unsigned long ex_nscert;
|
148
|
+
ASN1_OCTET_STRING *skid;
|
149
|
+
AUTHORITY_KEYID *akid;
|
150
|
+
X509_POLICY_CACHE *policy_cache;
|
151
|
+
STACK_OF(DIST_POINT) *crldp;
|
152
|
+
STACK_OF(GENERAL_NAME) *altname;
|
153
|
+
NAME_CONSTRAINTS *nc;
|
154
|
+
unsigned char sha1_hash[SHA_DIGEST_LENGTH];
|
155
|
+
X509_CERT_AUX *aux;
|
156
|
+
CRYPTO_BUFFER *buf;
|
157
|
+
CRYPTO_MUTEX lock;
|
158
|
+
} /* X509 */;
|
159
|
+
|
103
160
|
typedef struct {
|
104
161
|
ASN1_ENCODING enc;
|
105
162
|
ASN1_INTEGER *version;
|
@@ -153,7 +210,6 @@ struct X509_crl_st {
|
|
153
210
|
void *meth_data;
|
154
211
|
} /* X509_CRL */;
|
155
212
|
|
156
|
-
|
157
213
|
struct X509_VERIFY_PARAM_st {
|
158
214
|
char *name;
|
159
215
|
time_t check_time; // Time to use
|
@@ -174,6 +230,130 @@ struct X509_VERIFY_PARAM_st {
|
|
174
230
|
unsigned char poison; // Fail all verifications at name checking
|
175
231
|
} /* X509_VERIFY_PARAM */;
|
176
232
|
|
233
|
+
struct x509_object_st {
|
234
|
+
// one of the above types
|
235
|
+
int type;
|
236
|
+
union {
|
237
|
+
char *ptr;
|
238
|
+
X509 *x509;
|
239
|
+
X509_CRL *crl;
|
240
|
+
EVP_PKEY *pkey;
|
241
|
+
} data;
|
242
|
+
} /* X509_OBJECT */;
|
243
|
+
|
244
|
+
// This is a static that defines the function interface
|
245
|
+
struct x509_lookup_method_st {
|
246
|
+
const char *name;
|
247
|
+
int (*new_item)(X509_LOOKUP *ctx);
|
248
|
+
void (*free)(X509_LOOKUP *ctx);
|
249
|
+
int (*init)(X509_LOOKUP *ctx);
|
250
|
+
int (*shutdown)(X509_LOOKUP *ctx);
|
251
|
+
int (*ctrl)(X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
|
252
|
+
char **ret);
|
253
|
+
int (*get_by_subject)(X509_LOOKUP *ctx, int type, X509_NAME *name,
|
254
|
+
X509_OBJECT *ret);
|
255
|
+
int (*get_by_issuer_serial)(X509_LOOKUP *ctx, int type, X509_NAME *name,
|
256
|
+
ASN1_INTEGER *serial, X509_OBJECT *ret);
|
257
|
+
int (*get_by_fingerprint)(X509_LOOKUP *ctx, int type, unsigned char *bytes,
|
258
|
+
int len, X509_OBJECT *ret);
|
259
|
+
int (*get_by_alias)(X509_LOOKUP *ctx, int type, char *str, int len,
|
260
|
+
X509_OBJECT *ret);
|
261
|
+
} /* X509_LOOKUP_METHOD */;
|
262
|
+
|
263
|
+
// This is used to hold everything. It is used for all certificate
|
264
|
+
// validation. Once we have a certificate chain, the 'verify'
|
265
|
+
// function is then called to actually check the cert chain.
|
266
|
+
struct x509_store_st {
|
267
|
+
// The following is a cache of trusted certs
|
268
|
+
int cache; // if true, stash any hits
|
269
|
+
STACK_OF(X509_OBJECT) *objs; // Cache of all objects
|
270
|
+
CRYPTO_MUTEX objs_lock;
|
271
|
+
|
272
|
+
// These are external lookup methods
|
273
|
+
STACK_OF(X509_LOOKUP) *get_cert_methods;
|
274
|
+
|
275
|
+
X509_VERIFY_PARAM *param;
|
276
|
+
|
277
|
+
// Callbacks for various operations
|
278
|
+
X509_STORE_CTX_verify_fn verify; // called to verify a certificate
|
279
|
+
X509_STORE_CTX_verify_cb verify_cb; // error callback
|
280
|
+
X509_STORE_CTX_get_issuer_fn get_issuer; // get issuers cert from ctx
|
281
|
+
X509_STORE_CTX_check_issued_fn check_issued; // check issued
|
282
|
+
X509_STORE_CTX_check_revocation_fn
|
283
|
+
check_revocation; // Check revocation status of chain
|
284
|
+
X509_STORE_CTX_get_crl_fn get_crl; // retrieve CRL
|
285
|
+
X509_STORE_CTX_check_crl_fn check_crl; // Check CRL validity
|
286
|
+
X509_STORE_CTX_cert_crl_fn cert_crl; // Check certificate against CRL
|
287
|
+
X509_STORE_CTX_lookup_certs_fn lookup_certs;
|
288
|
+
X509_STORE_CTX_lookup_crls_fn lookup_crls;
|
289
|
+
X509_STORE_CTX_cleanup_fn cleanup;
|
290
|
+
|
291
|
+
CRYPTO_refcount_t references;
|
292
|
+
} /* X509_STORE */;
|
293
|
+
|
294
|
+
|
295
|
+
// This is the functions plus an instance of the local variables.
|
296
|
+
struct x509_lookup_st {
|
297
|
+
int init; // have we been started
|
298
|
+
int skip; // don't use us.
|
299
|
+
X509_LOOKUP_METHOD *method; // the functions
|
300
|
+
char *method_data; // method data
|
301
|
+
|
302
|
+
X509_STORE *store_ctx; // who owns us
|
303
|
+
} /* X509_LOOKUP */;
|
304
|
+
|
305
|
+
// This is a used when verifying cert chains. Since the
|
306
|
+
// gathering of the cert chain can take some time (and have to be
|
307
|
+
// 'retried', this needs to be kept and passed around.
|
308
|
+
struct x509_store_ctx_st {
|
309
|
+
X509_STORE *ctx;
|
310
|
+
|
311
|
+
// The following are set by the caller
|
312
|
+
X509 *cert; // The cert to check
|
313
|
+
STACK_OF(X509) *untrusted; // chain of X509s - untrusted - passed in
|
314
|
+
STACK_OF(X509_CRL) *crls; // set of CRLs passed in
|
315
|
+
|
316
|
+
X509_VERIFY_PARAM *param;
|
317
|
+
void *other_ctx; // Other info for use with get_issuer()
|
318
|
+
|
319
|
+
// Callbacks for various operations
|
320
|
+
X509_STORE_CTX_verify_fn verify; // called to verify a certificate
|
321
|
+
X509_STORE_CTX_verify_cb verify_cb; // error callback
|
322
|
+
X509_STORE_CTX_get_issuer_fn get_issuer; // get issuers cert from ctx
|
323
|
+
X509_STORE_CTX_check_issued_fn check_issued; // check issued
|
324
|
+
X509_STORE_CTX_check_revocation_fn
|
325
|
+
check_revocation; // Check revocation status of chain
|
326
|
+
X509_STORE_CTX_get_crl_fn get_crl; // retrieve CRL
|
327
|
+
X509_STORE_CTX_check_crl_fn check_crl; // Check CRL validity
|
328
|
+
X509_STORE_CTX_cert_crl_fn cert_crl; // Check certificate against CRL
|
329
|
+
X509_STORE_CTX_check_policy_fn check_policy;
|
330
|
+
X509_STORE_CTX_lookup_certs_fn lookup_certs;
|
331
|
+
X509_STORE_CTX_lookup_crls_fn lookup_crls;
|
332
|
+
X509_STORE_CTX_cleanup_fn cleanup;
|
333
|
+
|
334
|
+
// The following is built up
|
335
|
+
int valid; // if 0, rebuild chain
|
336
|
+
int last_untrusted; // index of last untrusted cert
|
337
|
+
STACK_OF(X509) *chain; // chain of X509s - built up and trusted
|
338
|
+
X509_POLICY_TREE *tree; // Valid policy tree
|
339
|
+
|
340
|
+
int explicit_policy; // Require explicit policy value
|
341
|
+
|
342
|
+
// When something goes wrong, this is why
|
343
|
+
int error_depth;
|
344
|
+
int error;
|
345
|
+
X509 *current_cert;
|
346
|
+
X509 *current_issuer; // cert currently being tested as valid issuer
|
347
|
+
X509_CRL *current_crl; // current CRL
|
348
|
+
|
349
|
+
int current_crl_score; // score of current CRL
|
350
|
+
unsigned int current_reasons; // Reason mask
|
351
|
+
|
352
|
+
X509_STORE_CTX *parent; // For CRL path validation: parent context
|
353
|
+
|
354
|
+
CRYPTO_EX_DATA ex_data;
|
355
|
+
} /* X509_STORE_CTX */;
|
356
|
+
|
177
357
|
|
178
358
|
/* RSA-PSS functions. */
|
179
359
|
|
@@ -0,0 +1,246 @@
|
|
1
|
+
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
2
|
+
* All rights reserved.
|
3
|
+
*
|
4
|
+
* This package is an SSL implementation written
|
5
|
+
* by Eric Young (eay@cryptsoft.com).
|
6
|
+
* The implementation was written so as to conform with Netscapes SSL.
|
7
|
+
*
|
8
|
+
* This library is free for commercial and non-commercial use as long as
|
9
|
+
* the following conditions are aheared to. The following conditions
|
10
|
+
* apply to all code found in this distribution, be it the RC4, RSA,
|
11
|
+
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
12
|
+
* included with this distribution is covered by the same copyright terms
|
13
|
+
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
14
|
+
*
|
15
|
+
* Copyright remains Eric Young's, and as such any Copyright notices in
|
16
|
+
* the code are not to be removed.
|
17
|
+
* If this package is used in a product, Eric Young should be given attribution
|
18
|
+
* as the author of the parts of the library used.
|
19
|
+
* This can be in the form of a textual message at program startup or
|
20
|
+
* in documentation (online or textual) provided with the package.
|
21
|
+
*
|
22
|
+
* Redistribution and use in source and binary forms, with or without
|
23
|
+
* modification, are permitted provided that the following conditions
|
24
|
+
* are met:
|
25
|
+
* 1. Redistributions of source code must retain the copyright
|
26
|
+
* notice, this list of conditions and the following disclaimer.
|
27
|
+
* 2. Redistributions in binary form must reproduce the above copyright
|
28
|
+
* notice, this list of conditions and the following disclaimer in the
|
29
|
+
* documentation and/or other materials provided with the distribution.
|
30
|
+
* 3. All advertising materials mentioning features or use of this software
|
31
|
+
* must display the following acknowledgement:
|
32
|
+
* "This product includes cryptographic software written by
|
33
|
+
* Eric Young (eay@cryptsoft.com)"
|
34
|
+
* The word 'cryptographic' can be left out if the rouines from the library
|
35
|
+
* being used are not cryptographic related :-).
|
36
|
+
* 4. If you include any Windows specific code (or a derivative thereof) from
|
37
|
+
* the apps directory (application code) you must include an acknowledgement:
|
38
|
+
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
39
|
+
*
|
40
|
+
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
41
|
+
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
42
|
+
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
43
|
+
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
44
|
+
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
45
|
+
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
46
|
+
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
47
|
+
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
48
|
+
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
49
|
+
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
50
|
+
* SUCH DAMAGE.
|
51
|
+
*
|
52
|
+
* The licence and distribution terms for any publically available version or
|
53
|
+
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
54
|
+
* copied and put under another distribution licence
|
55
|
+
* [including the GNU Public Licence.] */
|
56
|
+
|
57
|
+
#include <openssl/x509.h>
|
58
|
+
|
59
|
+
#include <inttypes.h>
|
60
|
+
#include <string.h>
|
61
|
+
|
62
|
+
#include <openssl/asn1.h>
|
63
|
+
#include <openssl/bio.h>
|
64
|
+
#include <openssl/obj.h>
|
65
|
+
|
66
|
+
|
67
|
+
static int maybe_write(BIO *out, const void *buf, int len)
|
68
|
+
{
|
69
|
+
/* If |out| is NULL, ignore the output but report the length. */
|
70
|
+
return out == NULL || BIO_write(out, buf, len) == len;
|
71
|
+
}
|
72
|
+
|
73
|
+
/* do_indent prints |indent| spaces to |out|. */
|
74
|
+
static int do_indent(BIO *out, int indent)
|
75
|
+
{
|
76
|
+
for (int i = 0; i < indent; i++) {
|
77
|
+
if (!maybe_write(out, " ", 1)) {
|
78
|
+
return 0;
|
79
|
+
}
|
80
|
+
}
|
81
|
+
return 1;
|
82
|
+
}
|
83
|
+
|
84
|
+
#define FN_WIDTH_LN 25
|
85
|
+
#define FN_WIDTH_SN 10
|
86
|
+
|
87
|
+
static int do_name_ex(BIO *out, const X509_NAME *n, int indent,
|
88
|
+
unsigned long flags)
|
89
|
+
{
|
90
|
+
int i, prev = -1, orflags, cnt;
|
91
|
+
int fn_opt, fn_nid;
|
92
|
+
ASN1_OBJECT *fn;
|
93
|
+
ASN1_STRING *val;
|
94
|
+
X509_NAME_ENTRY *ent;
|
95
|
+
char objtmp[80];
|
96
|
+
const char *objbuf;
|
97
|
+
int outlen, len;
|
98
|
+
const char *sep_dn, *sep_mv, *sep_eq;
|
99
|
+
int sep_dn_len, sep_mv_len, sep_eq_len;
|
100
|
+
if (indent < 0)
|
101
|
+
indent = 0;
|
102
|
+
outlen = indent;
|
103
|
+
if (!do_indent(out, indent))
|
104
|
+
return -1;
|
105
|
+
switch (flags & XN_FLAG_SEP_MASK) {
|
106
|
+
case XN_FLAG_SEP_MULTILINE:
|
107
|
+
sep_dn = "\n";
|
108
|
+
sep_dn_len = 1;
|
109
|
+
sep_mv = " + ";
|
110
|
+
sep_mv_len = 3;
|
111
|
+
break;
|
112
|
+
|
113
|
+
case XN_FLAG_SEP_COMMA_PLUS:
|
114
|
+
sep_dn = ",";
|
115
|
+
sep_dn_len = 1;
|
116
|
+
sep_mv = "+";
|
117
|
+
sep_mv_len = 1;
|
118
|
+
indent = 0;
|
119
|
+
break;
|
120
|
+
|
121
|
+
case XN_FLAG_SEP_CPLUS_SPC:
|
122
|
+
sep_dn = ", ";
|
123
|
+
sep_dn_len = 2;
|
124
|
+
sep_mv = " + ";
|
125
|
+
sep_mv_len = 3;
|
126
|
+
indent = 0;
|
127
|
+
break;
|
128
|
+
|
129
|
+
case XN_FLAG_SEP_SPLUS_SPC:
|
130
|
+
sep_dn = "; ";
|
131
|
+
sep_dn_len = 2;
|
132
|
+
sep_mv = " + ";
|
133
|
+
sep_mv_len = 3;
|
134
|
+
indent = 0;
|
135
|
+
break;
|
136
|
+
|
137
|
+
default:
|
138
|
+
return -1;
|
139
|
+
}
|
140
|
+
|
141
|
+
if (flags & XN_FLAG_SPC_EQ) {
|
142
|
+
sep_eq = " = ";
|
143
|
+
sep_eq_len = 3;
|
144
|
+
} else {
|
145
|
+
sep_eq = "=";
|
146
|
+
sep_eq_len = 1;
|
147
|
+
}
|
148
|
+
|
149
|
+
fn_opt = flags & XN_FLAG_FN_MASK;
|
150
|
+
|
151
|
+
cnt = X509_NAME_entry_count(n);
|
152
|
+
for (i = 0; i < cnt; i++) {
|
153
|
+
if (flags & XN_FLAG_DN_REV)
|
154
|
+
ent = X509_NAME_get_entry(n, cnt - i - 1);
|
155
|
+
else
|
156
|
+
ent = X509_NAME_get_entry(n, i);
|
157
|
+
if (prev != -1) {
|
158
|
+
if (prev == X509_NAME_ENTRY_set(ent)) {
|
159
|
+
if (!maybe_write(out, sep_mv, sep_mv_len))
|
160
|
+
return -1;
|
161
|
+
outlen += sep_mv_len;
|
162
|
+
} else {
|
163
|
+
if (!maybe_write(out, sep_dn, sep_dn_len))
|
164
|
+
return -1;
|
165
|
+
outlen += sep_dn_len;
|
166
|
+
if (!do_indent(out, indent))
|
167
|
+
return -1;
|
168
|
+
outlen += indent;
|
169
|
+
}
|
170
|
+
}
|
171
|
+
prev = X509_NAME_ENTRY_set(ent);
|
172
|
+
fn = X509_NAME_ENTRY_get_object(ent);
|
173
|
+
val = X509_NAME_ENTRY_get_data(ent);
|
174
|
+
fn_nid = OBJ_obj2nid(fn);
|
175
|
+
if (fn_opt != XN_FLAG_FN_NONE) {
|
176
|
+
int objlen, fld_len;
|
177
|
+
if ((fn_opt == XN_FLAG_FN_OID) || (fn_nid == NID_undef)) {
|
178
|
+
OBJ_obj2txt(objtmp, sizeof objtmp, fn, 1);
|
179
|
+
fld_len = 0; /* XXX: what should this be? */
|
180
|
+
objbuf = objtmp;
|
181
|
+
} else {
|
182
|
+
if (fn_opt == XN_FLAG_FN_SN) {
|
183
|
+
fld_len = FN_WIDTH_SN;
|
184
|
+
objbuf = OBJ_nid2sn(fn_nid);
|
185
|
+
} else if (fn_opt == XN_FLAG_FN_LN) {
|
186
|
+
fld_len = FN_WIDTH_LN;
|
187
|
+
objbuf = OBJ_nid2ln(fn_nid);
|
188
|
+
} else {
|
189
|
+
fld_len = 0; /* XXX: what should this be? */
|
190
|
+
objbuf = "";
|
191
|
+
}
|
192
|
+
}
|
193
|
+
objlen = strlen(objbuf);
|
194
|
+
if (!maybe_write(out, objbuf, objlen))
|
195
|
+
return -1;
|
196
|
+
if ((objlen < fld_len) && (flags & XN_FLAG_FN_ALIGN)) {
|
197
|
+
if (!do_indent(out, fld_len - objlen))
|
198
|
+
return -1;
|
199
|
+
outlen += fld_len - objlen;
|
200
|
+
}
|
201
|
+
if (!maybe_write(out, sep_eq, sep_eq_len))
|
202
|
+
return -1;
|
203
|
+
outlen += objlen + sep_eq_len;
|
204
|
+
}
|
205
|
+
/*
|
206
|
+
* If the field name is unknown then fix up the DER dump flag. We
|
207
|
+
* might want to limit this further so it will DER dump on anything
|
208
|
+
* other than a few 'standard' fields.
|
209
|
+
*/
|
210
|
+
if ((fn_nid == NID_undef) && (flags & XN_FLAG_DUMP_UNKNOWN_FIELDS))
|
211
|
+
orflags = ASN1_STRFLGS_DUMP_ALL;
|
212
|
+
else
|
213
|
+
orflags = 0;
|
214
|
+
|
215
|
+
len = ASN1_STRING_print_ex(out, val, flags | orflags);
|
216
|
+
if (len < 0)
|
217
|
+
return -1;
|
218
|
+
outlen += len;
|
219
|
+
}
|
220
|
+
return outlen;
|
221
|
+
}
|
222
|
+
|
223
|
+
int X509_NAME_print_ex(BIO *out, const X509_NAME *nm, int indent,
|
224
|
+
unsigned long flags)
|
225
|
+
{
|
226
|
+
if (flags == XN_FLAG_COMPAT)
|
227
|
+
return X509_NAME_print(out, nm, indent);
|
228
|
+
return do_name_ex(out, nm, indent, flags);
|
229
|
+
}
|
230
|
+
|
231
|
+
int X509_NAME_print_ex_fp(FILE *fp, const X509_NAME *nm, int indent,
|
232
|
+
unsigned long flags)
|
233
|
+
{
|
234
|
+
BIO *bio = NULL;
|
235
|
+
if (fp != NULL) {
|
236
|
+
/* If |fp| is NULL, this function returns the number of bytes without
|
237
|
+
* writing. */
|
238
|
+
bio = BIO_new_fp(fp, BIO_NOCLOSE);
|
239
|
+
if (bio == NULL) {
|
240
|
+
return -1;
|
241
|
+
}
|
242
|
+
}
|
243
|
+
int ret = X509_NAME_print_ex(bio, nm, indent, flags);
|
244
|
+
BIO_free(bio);
|
245
|
+
return ret;
|
246
|
+
}
|
@@ -67,12 +67,21 @@
|
|
67
67
|
#include "internal.h"
|
68
68
|
|
69
69
|
|
70
|
-
|
70
|
+
static int rsa_pss_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
|
71
|
+
void *exarg) {
|
72
|
+
if (operation == ASN1_OP_FREE_PRE) {
|
73
|
+
RSA_PSS_PARAMS *pss = (RSA_PSS_PARAMS *)*pval;
|
74
|
+
X509_ALGOR_free(pss->maskHash);
|
75
|
+
}
|
76
|
+
return 1;
|
77
|
+
}
|
78
|
+
|
79
|
+
ASN1_SEQUENCE_cb(RSA_PSS_PARAMS, rsa_pss_cb) = {
|
71
80
|
ASN1_EXP_OPT(RSA_PSS_PARAMS, hashAlgorithm, X509_ALGOR,0),
|
72
81
|
ASN1_EXP_OPT(RSA_PSS_PARAMS, maskGenAlgorithm, X509_ALGOR,1),
|
73
82
|
ASN1_EXP_OPT(RSA_PSS_PARAMS, saltLength, ASN1_INTEGER,2),
|
74
83
|
ASN1_EXP_OPT(RSA_PSS_PARAMS, trailerField, ASN1_INTEGER,3),
|
75
|
-
}
|
84
|
+
} ASN1_SEQUENCE_END_cb(RSA_PSS_PARAMS, RSA_PSS_PARAMS)
|
76
85
|
|
77
86
|
IMPLEMENT_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
|
78
87
|
|
@@ -61,7 +61,6 @@
|
|
61
61
|
#include <openssl/x509.h>
|
62
62
|
#include <openssl/x509v3.h>
|
63
63
|
|
64
|
-
#ifndef OPENSSL_NO_FP_API
|
65
64
|
int X509_CRL_print_fp(FILE *fp, X509_CRL *x)
|
66
65
|
{
|
67
66
|
BIO *b = BIO_new_fp(fp, BIO_NOCLOSE);
|
@@ -73,7 +72,6 @@ int X509_CRL_print_fp(FILE *fp, X509_CRL *x)
|
|
73
72
|
BIO_free(b);
|
74
73
|
return ret;
|
75
74
|
}
|
76
|
-
#endif
|
77
75
|
|
78
76
|
int X509_CRL_print(BIO *out, X509_CRL *x)
|
79
77
|
{
|
@@ -54,7 +54,6 @@
|
|
54
54
|
* copied and put under another distribution licence
|
55
55
|
* [including the GNU Public Licence.] */
|
56
56
|
|
57
|
-
#include <ctype.h>
|
58
57
|
#include <openssl/asn1.h>
|
59
58
|
#include <openssl/bio.h>
|
60
59
|
#include <openssl/digest.h>
|
@@ -68,7 +67,6 @@
|
|
68
67
|
#include "internal.h"
|
69
68
|
|
70
69
|
|
71
|
-
#ifndef OPENSSL_NO_FP_API
|
72
70
|
int X509_print_ex_fp(FILE *fp, X509 *x, unsigned long nmflag,
|
73
71
|
unsigned long cflag)
|
74
72
|
{
|
@@ -86,7 +84,6 @@ int X509_print_fp(FILE *fp, X509 *x)
|
|
86
84
|
{
|
87
85
|
return X509_print_ex_fp(fp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
|
88
86
|
}
|
89
|
-
#endif
|
90
87
|
|
91
88
|
int X509_print(BIO *bp, X509 *x)
|
92
89
|
{
|
@@ -318,182 +315,6 @@ int X509_signature_print(BIO *bp, const X509_ALGOR *sigalg,
|
|
318
315
|
return 1;
|
319
316
|
}
|
320
317
|
|
321
|
-
int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v)
|
322
|
-
{
|
323
|
-
int i, n;
|
324
|
-
char buf[80];
|
325
|
-
const char *p;
|
326
|
-
|
327
|
-
if (v == NULL)
|
328
|
-
return (0);
|
329
|
-
n = 0;
|
330
|
-
p = (const char *)v->data;
|
331
|
-
for (i = 0; i < v->length; i++) {
|
332
|
-
if ((p[i] > '~') || ((p[i] < ' ') &&
|
333
|
-
(p[i] != '\n') && (p[i] != '\r')))
|
334
|
-
buf[n] = '.';
|
335
|
-
else
|
336
|
-
buf[n] = p[i];
|
337
|
-
n++;
|
338
|
-
if (n >= 80) {
|
339
|
-
if (BIO_write(bp, buf, n) <= 0)
|
340
|
-
return (0);
|
341
|
-
n = 0;
|
342
|
-
}
|
343
|
-
}
|
344
|
-
if (n > 0)
|
345
|
-
if (BIO_write(bp, buf, n) <= 0)
|
346
|
-
return (0);
|
347
|
-
return (1);
|
348
|
-
}
|
349
|
-
|
350
|
-
int ASN1_TIME_print(BIO *bp, const ASN1_TIME *tm)
|
351
|
-
{
|
352
|
-
if (tm->type == V_ASN1_UTCTIME)
|
353
|
-
return ASN1_UTCTIME_print(bp, tm);
|
354
|
-
if (tm->type == V_ASN1_GENERALIZEDTIME)
|
355
|
-
return ASN1_GENERALIZEDTIME_print(bp, tm);
|
356
|
-
BIO_write(bp, "Bad time value", 14);
|
357
|
-
return (0);
|
358
|
-
}
|
359
|
-
|
360
|
-
static const char *const mon[12] = {
|
361
|
-
"Jan", "Feb", "Mar", "Apr", "May", "Jun",
|
362
|
-
"Jul", "Aug", "Sep", "Oct", "Nov", "Dec"
|
363
|
-
};
|
364
|
-
|
365
|
-
int ASN1_GENERALIZEDTIME_print(BIO *bp, const ASN1_GENERALIZEDTIME *tm)
|
366
|
-
{
|
367
|
-
char *v;
|
368
|
-
int gmt = 0;
|
369
|
-
int i;
|
370
|
-
int y = 0, M = 0, d = 0, h = 0, m = 0, s = 0;
|
371
|
-
char *f = NULL;
|
372
|
-
int f_len = 0;
|
373
|
-
|
374
|
-
i = tm->length;
|
375
|
-
v = (char *)tm->data;
|
376
|
-
|
377
|
-
if (i < 12)
|
378
|
-
goto err;
|
379
|
-
if (v[i - 1] == 'Z')
|
380
|
-
gmt = 1;
|
381
|
-
for (i = 0; i < 12; i++)
|
382
|
-
if ((v[i] > '9') || (v[i] < '0'))
|
383
|
-
goto err;
|
384
|
-
y = (v[0] - '0') * 1000 + (v[1] - '0') * 100 + (v[2] - '0') * 10 + (v[3] -
|
385
|
-
'0');
|
386
|
-
M = (v[4] - '0') * 10 + (v[5] - '0');
|
387
|
-
if ((M > 12) || (M < 1))
|
388
|
-
goto err;
|
389
|
-
d = (v[6] - '0') * 10 + (v[7] - '0');
|
390
|
-
h = (v[8] - '0') * 10 + (v[9] - '0');
|
391
|
-
m = (v[10] - '0') * 10 + (v[11] - '0');
|
392
|
-
if (tm->length >= 14 &&
|
393
|
-
(v[12] >= '0') && (v[12] <= '9') &&
|
394
|
-
(v[13] >= '0') && (v[13] <= '9')) {
|
395
|
-
s = (v[12] - '0') * 10 + (v[13] - '0');
|
396
|
-
/* Check for fractions of seconds. */
|
397
|
-
if (tm->length >= 15 && v[14] == '.') {
|
398
|
-
int l = tm->length;
|
399
|
-
f = &v[14]; /* The decimal point. */
|
400
|
-
f_len = 1;
|
401
|
-
while (14 + f_len < l && f[f_len] >= '0' && f[f_len] <= '9')
|
402
|
-
++f_len;
|
403
|
-
}
|
404
|
-
}
|
405
|
-
|
406
|
-
if (BIO_printf(bp, "%s %2d %02d:%02d:%02d%.*s %d%s",
|
407
|
-
mon[M - 1], d, h, m, s, f_len, f, y,
|
408
|
-
(gmt) ? " GMT" : "") <= 0)
|
409
|
-
return (0);
|
410
|
-
else
|
411
|
-
return (1);
|
412
|
-
err:
|
413
|
-
BIO_write(bp, "Bad time value", 14);
|
414
|
-
return (0);
|
415
|
-
}
|
416
|
-
|
417
|
-
// consume_two_digits is a helper function for ASN1_UTCTIME_print. If |*v|,
|
418
|
-
// assumed to be |*len| bytes long, has two leading digits, updates |*out| with
|
419
|
-
// their value, updates |v| and |len|, and returns one. Otherwise, returns
|
420
|
-
// zero.
|
421
|
-
static int consume_two_digits(int* out, const char **v, int *len) {
|
422
|
-
if (*len < 2|| !isdigit((*v)[0]) || !isdigit((*v)[1])) {
|
423
|
-
return 0;
|
424
|
-
}
|
425
|
-
*out = ((*v)[0] - '0') * 10 + ((*v)[1] - '0');
|
426
|
-
*len -= 2;
|
427
|
-
*v += 2;
|
428
|
-
return 1;
|
429
|
-
}
|
430
|
-
|
431
|
-
// consume_zulu_timezone is a helper function for ASN1_UTCTIME_print. If |*v|,
|
432
|
-
// assumed to be |*len| bytes long, starts with "Z" then it updates |*v| and
|
433
|
-
// |*len| and returns one. Otherwise returns zero.
|
434
|
-
static int consume_zulu_timezone(const char **v, int *len) {
|
435
|
-
if (*len == 0 || (*v)[0] != 'Z') {
|
436
|
-
return 0;
|
437
|
-
}
|
438
|
-
|
439
|
-
*len -= 1;
|
440
|
-
*v += 1;
|
441
|
-
return 1;
|
442
|
-
}
|
443
|
-
|
444
|
-
int ASN1_UTCTIME_print(BIO *bp, const ASN1_UTCTIME *tm) {
|
445
|
-
const char *v = (const char *)tm->data;
|
446
|
-
int len = tm->length;
|
447
|
-
int Y = 0, M = 0, D = 0, h = 0, m = 0, s = 0;
|
448
|
-
|
449
|
-
// YYMMDDhhmm are required to be present.
|
450
|
-
if (!consume_two_digits(&Y, &v, &len) ||
|
451
|
-
!consume_two_digits(&M, &v, &len) ||
|
452
|
-
!consume_two_digits(&D, &v, &len) ||
|
453
|
-
!consume_two_digits(&h, &v, &len) ||
|
454
|
-
!consume_two_digits(&m, &v, &len)) {
|
455
|
-
goto err;
|
456
|
-
}
|
457
|
-
// https://tools.ietf.org/html/rfc5280, section 4.1.2.5.1, requires seconds
|
458
|
-
// to be present, but historically this code has forgiven its absence.
|
459
|
-
consume_two_digits(&s, &v, &len);
|
460
|
-
|
461
|
-
// https://tools.ietf.org/html/rfc5280, section 4.1.2.5.1, specifies this
|
462
|
-
// interpretation of the year.
|
463
|
-
if (Y < 50) {
|
464
|
-
Y += 2000;
|
465
|
-
} else {
|
466
|
-
Y += 1900;
|
467
|
-
}
|
468
|
-
if (M > 12 || M == 0) {
|
469
|
-
goto err;
|
470
|
-
}
|
471
|
-
if (D > 31 || D == 0) {
|
472
|
-
goto err;
|
473
|
-
}
|
474
|
-
if (h > 23 || m > 59 || s > 60) {
|
475
|
-
goto err;
|
476
|
-
}
|
477
|
-
|
478
|
-
// https://tools.ietf.org/html/rfc5280, section 4.1.2.5.1, requires the "Z"
|
479
|
-
// to be present, but historically this code has forgiven its absence.
|
480
|
-
const int is_gmt = consume_zulu_timezone(&v, &len);
|
481
|
-
|
482
|
-
// https://tools.ietf.org/html/rfc5280, section 4.1.2.5.1, does not permit
|
483
|
-
// the specification of timezones using the +hhmm / -hhmm syntax, which is
|
484
|
-
// the only other thing that might legitimately be found at the end.
|
485
|
-
if (len) {
|
486
|
-
goto err;
|
487
|
-
}
|
488
|
-
|
489
|
-
return BIO_printf(bp, "%s %2d %02d:%02d:%02d %d%s", mon[M - 1], D, h, m, s, Y,
|
490
|
-
is_gmt ? " GMT" : "") > 0;
|
491
|
-
|
492
|
-
err:
|
493
|
-
BIO_write(bp, "Bad time value", 14);
|
494
|
-
return 0;
|
495
|
-
}
|
496
|
-
|
497
318
|
int X509_NAME_print(BIO *bp, const X509_NAME *name, int obase)
|
498
319
|
{
|
499
320
|
char *s, *c, *b;
|