/*
 * Render a distinguished name as printable text in buf; no more than
 * size characters will be written.
 *
 * Each attribute is emitted as "<short name>=<value>". Attributes are
 * joined by ", ", or by " + " when the previously printed entry had
 * next_merged set. Entries without an OID are skipped, and an OID with no
 * known short name is printed as "??".
 *
 * Security notes:
 *  - Attribute values are copied from the name structure. Bytes below 32,
 *    byte 127 and bytes 129..159 are replaced by '?'; every other byte is
 *    copied unchanged.
 *  - ',', '+' and '=' inside a value are not escaped, so two different
 *    names can render to the same text. Treat the result as display and
 *    log output, not as something to parse or to base access decisions on.
 *  - A value longer than sizeof(val) - 1 bytes is cut silently.
 *  - NOTE(review): byte 128 is not replaced although 129..159 are; confirm
 *    that this is intended.
 *
 * Returns (int)(size - n), where n is the remaining space.
 *
 * SAFE_SNPRINTF() is defined outside this block and takes no arguments;
 * it presumably operates on the locals ret, n and p (and may return
 * early), so those three names must stay as they are - confirm against
 * the macro definition.
 */
int x509_dn_gets( char *buf, size_t size, const x509_name *dn )
{
    int ret;
    size_t k, n;
    unsigned char ch, merged = 0;
    const x509_name *cur;
    const char *short_name = NULL;
    char val[X509_MAX_DN_NAME_SIZE];
    char *p;

    memset( val, 0, sizeof( val ) );

    p = buf;
    n = size;

    for( cur = dn; cur != NULL; cur = cur->next )
    {
        /* An entry without an OID contributes nothing to the output. */
        if( cur->oid.p == NULL )
            continue;

        /* Separator goes in front of every entry except the list head. */
        if( cur != dn )
        {
            ret = polarssl_snprintf( p, n, merged ? " + " : ", " );
            SAFE_SNPRINTF();
        }

        if( oid_get_attr_short_name( &cur->oid, &short_name ) != 0 )
            ret = polarssl_snprintf( p, n, "\?\?=" );
        else
            ret = polarssl_snprintf( p, n, "%s=", short_name );
        SAFE_SNPRINTF();

        /*
         * Copy the value into the scratch buffer, one slot kept free for
         * the terminator, replacing control bytes on the way.
         */
        for( k = 0; k < cur->val.len && k < sizeof( val ) - 1; k++ )
        {
            ch = cur->val.p[k];
            val[k] = ( ch < 32 || ch == 127 || ( ch > 128 && ch < 160 ) )
                     ? '?' : ch;
        }
        val[k] = '\0';

        ret = polarssl_snprintf( p, n, "%s", val );
        SAFE_SNPRINTF();

        /* Remember how the next entry has to be joined to this one. */
        merged = cur->next_merged;
    }

    return (int) ( size - n );
}
/*
 * Export the certificate's subject attributes to the environment set,
 * using the naming convention:
 *
 *   X509_{cert_depth}_{name}={value}
 *
 * {name} is the attribute's short name, or "??" when
 * oid_get_attr_short_name() reports none.
 *
 * Security notes:
 *  - Both the value and, through the short name, the variable name are
 *    derived from certificate content. Bytes below 32, byte 127 and bytes
 *    129..159 of the value are replaced by '?' first; then name and value
 *    both go through string_mod() with CC_PRINT / CC_CRLF and '_'
 *    (string_mod is defined elsewhere; presumably it substitutes '_' for
 *    characters outside the first class or inside the second - confirm).
 *  - A value longer than sizeof(value) - 1 (127) bytes is cut silently, so
 *    whatever reads these variables may see distinct subjects as equal.
 *  - Only cert->subject is walked here.
 */
void
x509_setenv (struct env_set *es, int cert_depth, openvpn_x509_cert_t *cert)
{
  const x509_name *entry;
  unsigned char ch;
  char value[128];
  int k;

  memset (value, 0, sizeof (value));

  for (entry = &cert->subject; entry != NULL; entry = entry->next)
    {
      char name_expand[64+8];
      const char *shortname;

      /* Build the variable name; unknown OIDs get the "??" placeholder. */
      if (oid_get_attr_short_name (&entry->oid, &shortname) != 0)
	{
	  openvpn_snprintf (name_expand, sizeof (name_expand), "X509_%d_\?\?",
			    cert_depth);
	}
      else
	{
	  openvpn_snprintf (name_expand, sizeof (name_expand), "X509_%d_%s",
			    cert_depth, shortname);
	}

      /*
       * Copy the attribute value, keeping one slot for the terminator and
       * replacing control bytes with '?'.
       */
      for (k = 0; k < entry->val.len && k < (int) sizeof (value) - 1; k++)
	{
	  ch = entry->val.p[k];
	  if (ch >= 32 && ch != 127 && (ch <= 128 || ch >= 160))
	    value[k] = ch;
	  else
	    value[k] = '?';
	}
      value[k] = '\0';

      /* Check both strings, then set the environment variable. */
      string_mod (name_expand, CC_PRINT, CC_CRLF, '_');
      string_mod (value, CC_PRINT, CC_CRLF, '_');
      setenv_str_incr (es, name_expand, value);
    }
}