From 969b403fa732f9a662fb68efd6fcc6f1c26f1200 Mon Sep 17 00:00:00 2001
From: Jouni Malinen
Date: Tue, 25 May 2010 19:43:21 +0300
Subject: [PATCH] Internal TLS: Add domainComponent parser for X.509 names
---
 src/tls/x509v3.c | 18 ++++++++++++++++++
 src/tls/x509v3.h | 1 +
 2 files changed, 19 insertions(+)
diff --git a/src/tls/x509v3.c b/src/tls/x509v3.c
index e9405cd4f..4fc513310 100644
--- a/src/tls/x509v3.c
+++ b/src/tls/x509v3.c
@@ -22,6 +22,7 @@ static void x509_free_name(struct x509_name *name)
 {
+ os_free(name->dc);
 os_free(name->cn);
 os_free(name->c);
 os_free(name->l);
@@ -29,6 +30,7 @@ static void x509_free_name(struct x509_name *name)
 os_free(name->o);
 os_free(name->ou);
 os_free(name->email);
+ name->dc = NULL;
 name->cn = name->c = name->l = name->st = name->o = name->ou = NULL;
 name->email = NULL;
@@ -160,6 +162,9 @@ int x509_name_compare(struct x509_name *a, struct x509_name *b)
 if (!a && !b)
 return 0;
+ res = x509_str_compare(a->dc, b->dc);
+ if (res)
+ return res;
 res = x509_str_compare(a->cn, b->cn);
 if (res)
 return res;
@@ -418,6 +423,13 @@ static int x509_parse_name(const u8 *buf, size_t len, struct x509_name *name,
 oid.oid[6] == 1) {
 /* 1.2.840.113549.1.9.1 - e-mailAddress */
 fieldp = &name->email;
+ } else if (oid.len == 7 &&
+ oid.oid[0] == 0 && oid.oid[1] == 9 &&
+ oid.oid[2] == 2342 && oid.oid[3] == 19200300 &&
+ oid.oid[4] == 100 && oid.oid[5] == 1 &&
+ oid.oid[6] == 25) {
+ /* 0.9.2342.19200300.100.1.25 - domainComponent */
+ fieldp = &name->dc;
 }
 if (fieldp == NULL) {
@@ -503,6 +515,12 @@ void x509_name_string(struct x509_name *name, char *buf, size_t len)
 goto done;
 pos += ret;
 }
+ if (name->dc) {
+ ret = os_snprintf(pos, end - pos, "DC=%s, ", name->dc);
+ if (ret < 0 || ret >= end - pos)
+ goto done;
+ pos += ret;
+ }
 if (pos > buf + 1 && pos[-1] == ' ' && pos[-2] == ',') {
 *pos-- = '\0';
diff --git a/src/tls/x509v3.h b/src/tls/x509v3.h
index 8b710cd3e..e7d96ad36 100644
--- a/src/tls/x509v3.h
+++ b/src/tls/x509v3.h
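Review bot: The added `res = x509_str_compare(a->dc, b->dc);` in x509_name_compare inherits whatever matching rule x509_str_compare implements, and that helper is defined outside the hunk. RFC 5280 section 7.3 calls for a case-insensitive exact match on domainComponent values, so if the helper compares bytes exactly, two names that differ only in the letter case of a DC are treated as different names during issuer/subject matching. If that is the case, DC should get its own case-insensitive comparison, with a comment such as `/* domainComponent is matched case-insensitively (RFC 5280, 7.3) */` above the call. The function body starts before and continues after the hunk.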
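Review bot: `fieldp = &name->dc;` in x509_parse_name gives domainComponent a single `char *` slot, while a distinguished name commonly carries several DC attributes, one per DNS label. How a repeated attribute is stored is decided after the `if (fieldp == NULL)` check, outside this hunk; if each occurrence replaces the previous one, only one label survives parsing. The x509_name_compare and x509_name_string hunks of this patch would then see only that label, so two names that differ in another DC component could compare equal when an issuer is matched against a subject. I would keep every DC value in encounter order (a small array or list in struct x509_name) and have compare and string walk all of them. Until that is done, the field comment in x509v3.h should state the limit once the behaviour is confirmed, for example `char *dc; /* domainComponent; only one value is stored */`.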
@@ -22,6 +22,7 @@ struct x509_algorithm_identifier {
 };
 struct x509_name {
+ char *dc; /* domainComponent */
 char *cn; /* commonName */
 char *c; /* countryName */
 char *l; /* localityName */