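/* Appends the DNS-type subject alternative names (SANs) of an X509 cert to
   |peer| as string properties.

   peer->property_count is first reduced by |subject_alt_name_count| (the
   caller presumably reserved one slot per SAN) and then incremented once per
   dNSName entry, so non-DNS entries leave no property behind.

   Returns TSI_OK on success, TSI_INTERNAL_ERROR when the counts are
   inconsistent, an entry is missing or a name cannot be converted to UTF-8,
   or otherwise the result of tsi_construct_string_peer_property. A slot is
   counted as soon as its construction is attempted, even if that fails. */
static tsi_result add_subject_alt_names_properties_to_peer(
    tsi_peer* peer, GENERAL_NAMES* subject_alt_names,
    int subject_alt_name_count) {
  int i;
  tsi_result result = TSI_OK;

  /* Validate before the subtraction below: a negative count, or one larger
     than the slots already counted, would move property_count out of range
     and the writes into peer->properties would no longer be bounded by it. */
  if (subject_alt_name_count < 0 ||
      (size_t)subject_alt_name_count > peer->property_count) {
    gpr_log(GPR_ERROR, "Inconsistent subject alt name count.");
    return TSI_INTERNAL_ERROR;
  }

  /* Reset for DNS entries filtering. */
  peer->property_count -= subject_alt_name_count;

  for (i = 0; i < subject_alt_name_count; i++) {
    GENERAL_NAME* subject_alt_name =
        sk_GENERAL_NAME_value(subject_alt_names, i);
    /* sk_GENERAL_NAME_value yields NULL for an index past the end of the
       stack; fail closed instead of dereferencing it. */
    if (subject_alt_name == NULL) {
      gpr_log(GPR_ERROR, "Missing subject alt name entry.");
      result = TSI_INTERNAL_ERROR;
      break;
    }
    /* Filter out the non-dns entries names. */
    if (subject_alt_name->type == GEN_DNS) {
      unsigned char* dns_name = NULL;
      int dns_name_size =
          ASN1_STRING_to_UTF8(&dns_name, subject_alt_name->d.dNSName);
      if (dns_name_size < 0) {
        gpr_log(GPR_ERROR, "Could not get utf8 from asn1 string.");
        result = TSI_INTERNAL_ERROR;
        break;
      }
      /* NOTE(review): an ASN.1 string may contain embedded NUL bytes. The
         explicit length is forwarded here, so consumers of this property
         should compare by length rather than treat the value as a C string;
         confirm that the hostname matching code does so. */
      result = tsi_construct_string_peer_property(
          TSI_X509_SUBJECT_ALTERNATIVE_NAME_PEER_PROPERTY,
          (const char*)dns_name, dns_name_size,
          &peer->properties[peer->property_count++]);
      /* dns_name was allocated by ASN1_STRING_to_UTF8. */
      OPENSSL_free(dns_name);
      if (result != TSI_OK) break;
    }
  }
  return result;
}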
/* Builds a tsi_peer from one cert-name test entry. Property 0 holds the
   subject common name; property 1 is a list property with one unnamed string
   child per parsed DNS name. Every construction call is wrapped in
   GPR_ASSERT. The peer is returned by value. */
static tsi_peer peer_from_cert_name_test_entry(
    const cert_name_test_entry *entry) {
  tsi_peer peer;
  size_t child_index;
  name_list *node;
  parsed_dns_names parsed = parse_dns_names(entry->dns_names);

  GPR_ASSERT(tsi_construct_peer(2, &peer) == TSI_OK);
  GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
                 TSI_X509_SUBJECT_COMMON_NAME_PEER_PROPERTY,
                 entry->common_name, &peer.properties[0]) == TSI_OK);
  GPR_ASSERT(tsi_construct_list_peer_property(
                 TSI_X509_SUBJECT_ALTERNATIVE_NAMES_PEER_PROPERTY,
                 parsed.name_count, &peer.properties[1]) == TSI_OK);

  child_index = 0;
  for (node = parsed.names; node != NULL; node = node->next) {
    char *processed = processed_dns_name(node->name);
    /* The length comes from the unprocessed name, not from |processed|.
       NOTE(review): presumably processed_dns_name keeps the length and may
       introduce NUL bytes, in which case strlen(processed) would truncate;
       confirm against the helper. */
    GPR_ASSERT(tsi_construct_string_peer_property(
                   NULL, processed, strlen(node->name),
                   &peer.properties[1].value.list.children[child_index++]) ==
               TSI_OK);
    gpr_free(processed);
  }

  destruct_parsed_dns_names(&parsed);
  return peer;
}
/* Fills |property| with the subject common name (CN) of |cert|.

   A certificate without a CN (TSI_NOT_FOUND from ssl_get_x509_common_name)
   is not an error: the property is then built from an empty string. Any
   other lookup failure is returned unchanged and |property| is not touched.
   Otherwise the result of tsi_construct_string_peer_property is returned. */
static tsi_result peer_property_from_x509_common_name(
    X509* cert, tsi_peer_property* property) {
  unsigned char* cn_bytes;
  size_t cn_length;
  const char* value;
  tsi_result status;

  status = ssl_get_x509_common_name(cert, &cn_bytes, &cn_length);
  if (status == TSI_NOT_FOUND) {
    /* Absent CN: fall through with an empty value. */
    cn_bytes = NULL;
    cn_length = 0;
  } else if (status != TSI_OK) {
    return status;
  }

  /* The CN is forwarded with its explicit byte length.
     NOTE(review): consumers should compare by that length; a CN taken from a
     certificate may contain embedded NUL bytes. Confirm downstream. */
  value = (cn_bytes != NULL) ? (const char*)cn_bytes : "";
  status = tsi_construct_string_peer_property(
      TSI_X509_SUBJECT_COMMON_NAME_PEER_PROPERTY, value, cn_length, property);

  /* Releasing a NULL pointer is harmless, so no guard is needed. */
  OPENSSL_free(cn_bytes);
  return status;
}
/* Convenience wrapper around tsi_construct_string_peer_property for
   NUL-terminated strings.

   |value| must be a non-NULL C string: its length is measured with strlen,
   so bytes after the first NUL never become part of the property. Values
   that may contain embedded NULs (for example names read from a certificate)
   need the length-taking function instead.

   Returns the result of tsi_construct_string_peer_property. */
tsi_result tsi_construct_string_peer_property_from_cstring(
    const char *name, const char *value, tsi_peer_property *property) {
  const size_t value_length = strlen(value);

  return tsi_construct_string_peer_property(name, value, value_length,
                                            property);
}