static int
i2r_ocsp_serviceloc(const X509V3_EXT_METHOD *method, void *in, BIO *bp, int ind)
{
int i;
OCSP_SERVICELOC *a = in;
ACCESS_DESCRIPTION *ad;
if (BIO_printf(bp, "%*sIssuer: ", ind, "") <= 0)
goto err;
if (X509_NAME_print_ex(bp, a->issuer, 0, XN_FLAG_ONELINE) <= 0)
goto err;
for (i = 0; i < sk_ACCESS_DESCRIPTION_num(a->locator); i++) {
ad = sk_ACCESS_DESCRIPTION_value(a->locator, i);
if (BIO_printf(bp, "\n%*s", (2 * ind), "") <= 0)
goto err;
if (i2a_ASN1_OBJECT(bp, ad->method) <= 0)
goto err;
if (BIO_puts(bp, " - ") <= 0)
goto err;
if (GENERAL_NAME_print(bp, ad->location) <= 0)
goto err;
}
return 1;
err:
return 0;
}
int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST* o, unsigned long flags)
{
int i;
long l;
OCSP_CERTID* cid = NULL;
OCSP_ONEREQ *one = NULL;
OCSP_REQINFO *inf = o->tbsRequest;
OCSP_SIGNATURE *sig = o->optionalSignature;
if (BIO_write(bp,"OCSP Request Data:\n",19) <= 0) goto err;
l=ASN1_INTEGER_get(inf->version);
if (BIO_printf(bp," Version: %lu (0x%lx)",l+1,l) <= 0) goto err;
if (inf->requestorName != NULL)
{
if (BIO_write(bp,"\n Requestor Name: ",21) <= 0)
goto err;
GENERAL_NAME_print(bp, inf->requestorName);
}
if (BIO_write(bp,"\n Requestor List:\n",21) <= 0) goto err;
for (i = 0; i < sk_OCSP_ONEREQ_num(inf->requestList); i++)
{
one = sk_OCSP_ONEREQ_value(inf->requestList, i);
cid = one->reqCert;
ocsp_certid_print(bp, cid, 8);
if (!X509V3_extensions_print(bp,
"Request Single Extensions",
one->singleRequestExtensions, flags, 8))
goto err;
}
if (!X509V3_extensions_print(bp, "Request Extensions",
inf->requestExtensions, flags, 4))
goto err;
if (sig)
{
X509_signature_print(bp, sig->signatureAlgorithm, sig->signature);
for (i=0; i<sk_X509_num(sig->certs); i++)
{
X509_print(bp, sk_X509_value(sig->certs,i));
PEM_write_bio_X509(bp,sk_X509_value(sig->certs,i));
}
}
return 1;
err:
return 0;
}
static int i2r_ADMISSION_SYNTAX(const struct v3_ext_method *method, void *in,
BIO *bp, int ind)
{
ADMISSION_SYNTAX * admission = (ADMISSION_SYNTAX *)in;
int i, j, k;
if (admission->admissionAuthority != NULL) {
if (BIO_printf(bp, "%*sadmissionAuthority:\n", ind, "") <= 0
|| BIO_printf(bp, "%*s ", ind, "") <= 0
|| GENERAL_NAME_print(bp, admission->admissionAuthority) <= 0
|| BIO_printf(bp, "\n") <= 0)
goto err;
}
for (i = 0; i < sk_ADMISSIONS_num(admission->contentsOfAdmissions); i++) {
ADMISSIONS* entry = sk_ADMISSIONS_value(admission->contentsOfAdmissions, i);
if (BIO_printf(bp, "%*sEntry %0d:\n", ind, "", 1 + i) <= 0) goto err;
if (entry->admissionAuthority != NULL) {
if (BIO_printf(bp, "%*s admissionAuthority:\n", ind, "") <= 0
|| BIO_printf(bp, "%*s ", ind, "") <= 0
|| GENERAL_NAME_print(bp, entry->admissionAuthority) <= 0
|| BIO_printf(bp, "\n") <= 0)
goto err;
}
if (entry->namingAuthority != NULL) {
if (i2r_NAMING_AUTHORITY(method, entry->namingAuthority, bp, ind) <= 0)
goto err;
}
for (j = 0; j < sk_PROFESSION_INFO_num(entry->professionInfos); j++) {
PROFESSION_INFO* pinfo = sk_PROFESSION_INFO_value(entry->professionInfos, j);
if (BIO_printf(bp, "%*s Profession Info Entry %0d:\n", ind, "", 1 + j) <= 0)
goto err;
if (pinfo->registrationNumber != NULL) {
if (BIO_printf(bp, "%*s registrationNumber: ", ind, "") <= 0
|| ASN1_STRING_print(bp, pinfo->registrationNumber) <= 0
|| BIO_printf(bp, "\n") <= 0)
goto err;
}
if (pinfo->namingAuthority != NULL) {
if (i2r_NAMING_AUTHORITY(method, pinfo->namingAuthority, bp, ind + 2) <= 0)
goto err;
}
if (pinfo->professionItems != NULL) {
if (BIO_printf(bp, "%*s Info Entries:\n", ind, "") <= 0)
goto err;
for (k = 0; k < sk_ASN1_STRING_num(pinfo->professionItems); k++) {
ASN1_STRING* val = sk_ASN1_STRING_value(pinfo->professionItems, k);
if (BIO_printf(bp, "%*s ", ind, "") <= 0
|| ASN1_STRING_print(bp, val) <= 0
|| BIO_printf(bp, "\n") <= 0)
goto err;
}
}
if (pinfo->professionOIDs != NULL) {
if (BIO_printf(bp, "%*s Profession OIDs:\n", ind, "") <= 0)
goto err;
for (k = 0; k < sk_ASN1_OBJECT_num(pinfo->professionOIDs); k++) {
ASN1_OBJECT* obj = sk_ASN1_OBJECT_value(pinfo->professionOIDs, k);
const char *ln = OBJ_nid2ln(OBJ_obj2nid(obj));
char objbuf[128];
OBJ_obj2txt(objbuf, sizeof(objbuf), obj, 1);
if (BIO_printf(bp, "%*s %s%s%s%s\n", ind, "",
ln ? ln : "", ln ? " (" : "",
objbuf, ln ? ")" : "") <= 0)
goto err;
}
}
}
}
return 1;
err:
return -1;
}
static PyObject *
_get_peer_alt_names (X509 *certificate) {
/* this code follows the procedure outlined in
OpenSSL's crypto/x509v3/v3_prn.c:X509v3_EXT_print()
function to extract the STACK_OF(GENERAL_NAME),
then iterates through the stack to add the
names. */
int i, j;
PyObject *peer_alt_names = Py_None;
PyObject *v, *t;
X509_EXTENSION *ext = NULL;
GENERAL_NAMES *names = NULL;
GENERAL_NAME *name;
X509V3_EXT_METHOD *method;
BIO *biobuf = NULL;
char buf[2048];
char *vptr;
int len;
const unsigned char *p;
if (certificate == NULL)
return peer_alt_names;
/* get a memory buffer */
biobuf = BIO_new(BIO_s_mem());
i = 0;
while ((i = X509_get_ext_by_NID(
certificate, NID_subject_alt_name, i)) >= 0) {
if (peer_alt_names == Py_None) {
peer_alt_names = PyList_New(0);
if (peer_alt_names == NULL)
goto fail;
}
/* now decode the altName */
ext = X509_get_ext(certificate, i);
if(!(method = X509V3_EXT_get(ext))) {
PyErr_SetString
(PySSLErrorObject,
ERRSTR("No method for internalizing subjectAltName!"));
goto fail;
}
p = ext->value->data;
if (method->it)
names = (GENERAL_NAMES*)
(ASN1_item_d2i(NULL,
&p,
ext->value->length,
ASN1_ITEM_ptr(method->it)));
else
names = (GENERAL_NAMES*)
(method->d2i(NULL,
&p,
ext->value->length));
for(j = 0; j < sk_GENERAL_NAME_num(names); j++) {
/* get a rendering of each name in the set of names */
name = sk_GENERAL_NAME_value(names, j);
if (name->type == GEN_DIRNAME) {
/* we special-case DirName as a tuple of
tuples of attributes */
t = PyTuple_New(2);
if (t == NULL) {
goto fail;
}
v = PyUnicode_FromString("DirName");
if (v == NULL) {
Py_DECREF(t);
goto fail;
}
PyTuple_SET_ITEM(t, 0, v);
v = _create_tuple_for_X509_NAME (name->d.dirn);
if (v == NULL) {
Py_DECREF(t);
goto fail;
}
PyTuple_SET_ITEM(t, 1, v);
} else {
/* for everything else, we use the OpenSSL print form */
(void) BIO_reset(biobuf);
GENERAL_NAME_print(biobuf, name);
len = BIO_gets(biobuf, buf, sizeof(buf)-1);
if (len < 0) {
_setSSLError(NULL, 0, __FILE__, __LINE__);
goto fail;
}
vptr = strchr(buf, ':');
if (vptr == NULL)
goto fail;
t = PyTuple_New(2);
if (t == NULL)
goto fail;
v = PyUnicode_FromStringAndSize(buf, (vptr - buf));
if (v == NULL) {
Py_DECREF(t);
goto fail;
}
PyTuple_SET_ITEM(t, 0, v);
v = PyUnicode_FromStringAndSize((vptr + 1),
(len - (vptr - buf + 1)));
if (v == NULL) {
Py_DECREF(t);
goto fail;
}
PyTuple_SET_ITEM(t, 1, v);
}
/* and add that rendering to the list */
if (PyList_Append(peer_alt_names, t) < 0) {
Py_DECREF(t);
goto fail;
}
Py_DECREF(t);
}
}
BIO_free(biobuf);
if (peer_alt_names != Py_None) {
v = PyList_AsTuple(peer_alt_names);
Py_DECREF(peer_alt_names);
return v;
} else {
return peer_alt_names;
}
fail:
if (biobuf != NULL)
BIO_free(biobuf);
if (peer_alt_names != Py_None) {
Py_XDECREF(peer_alt_names);
}
return NULL;
}
