示例#1
/*
 * Copies the dNSName entries of a certificate's subjectAltName list into
 * peer->properties, one string property per entry. Entries of any other
 * GENERAL_NAME type are skipped.
 *
 * peer->property_count is first reduced by subject_alt_name_count and then
 * advanced once for every DNS entry that is stored.
 * NOTE(review): this presumes the caller already counted all SAN entries in
 * property_count and sized peer->properties for them; nothing in this
 * function checks either, so confirm it at the call site.
 *
 * Each name is passed on together with the byte length reported by
 * ASN1_STRING_to_UTF8 rather than a strlen() of the buffer.
 * NOTE(review): certificate names are peer-supplied data and may contain
 * embedded NUL bytes; code that later matches these properties against a
 * hostname should compare using the stored length, not C-string functions.
 *
 * Returns TSI_OK when every DNS entry was stored, TSI_INTERNAL_ERROR when an
 * entry cannot be converted to UTF-8, or the error reported by
 * tsi_construct_string_peer_property. Processing stops at the first failure.
 */
static tsi_result add_subject_alt_names_properties_to_peer(
    tsi_peer* peer, GENERAL_NAMES* subject_alt_names,
    int subject_alt_name_count) {
  tsi_result status = TSI_OK;
  int idx;

  /* Rewind the count so that only the DNS entries end up being counted. */
  peer->property_count -= subject_alt_name_count;

  for (idx = 0; idx < subject_alt_name_count; idx++) {
    GENERAL_NAME* entry = sk_GENERAL_NAME_value(subject_alt_names, idx);
    unsigned char* utf8_name = NULL;
    int utf8_len;

    /* Only dNSName entries become peer properties. */
    if (entry->type != GEN_DNS) continue;

    utf8_len = ASN1_STRING_to_UTF8(&utf8_name, entry->d.dNSName);
    if (utf8_len < 0) {
      gpr_log(GPR_ERROR, "Could not get utf8 from asn1 string.");
      return TSI_INTERNAL_ERROR;
    }

    status = tsi_construct_string_peer_property(
        TSI_X509_SUBJECT_ALTERNATIVE_NAME_PEER_PROPERTY,
        (const char*)utf8_name, utf8_len,
        &peer->properties[peer->property_count++]);
    /* The UTF-8 buffer is released here whether or not the call succeeded. */
    OPENSSL_free(utf8_name);
    if (status != TSI_OK) return status;
  }
  return TSI_OK;
}
示例#2
/*
 * Builds a two-property tsi_peer from a cert-name test entry:
 *   properties[0] - the subject common name, taken from entry->common_name;
 *   properties[1] - a list property with one unnamed string child per name
 *                   parsed out of entry->dns_names.
 *
 * Every construction step is wrapped in GPR_ASSERT. The parsed name list is
 * destroyed before returning; the returned peer is handed to the caller by
 * value.
 */
static tsi_peer peer_from_cert_name_test_entry(
    const cert_name_test_entry *entry) {
  tsi_peer peer;
  parsed_dns_names dns_entries = parse_dns_names(entry->dns_names);
  name_list *node;
  size_t child_idx = 0;

  GPR_ASSERT(tsi_construct_peer(2, &peer) == TSI_OK);
  GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
                 TSI_X509_SUBJECT_COMMON_NAME_PEER_PROPERTY, entry->common_name,
                 &peer.properties[0]) == TSI_OK);
  GPR_ASSERT(tsi_construct_list_peer_property(
                 TSI_X509_SUBJECT_ALTERNATIVE_NAMES_PEER_PROPERTY,
                 dns_entries.name_count, &peer.properties[1]) == TSI_OK);

  /* NOTE(review): the children array was sized from dns_entries.name_count;
     this walk assumes the linked list holds exactly that many nodes - verify
     against parse_dns_names. */
  for (node = dns_entries.names; node != NULL; node = node->next) {
    char *processed = processed_dns_name(node->name);
    /* The length comes from the unprocessed name, not from `processed`.
       NOTE(review): presumably processed_dns_name keeps the length unchanged
       (and may place NUL bytes inside the string), in which case strlen() on
       the result would be wrong; confirm, because a shorter buffer would be
       over-read here. */
    GPR_ASSERT(tsi_construct_string_peer_property(
                   NULL, processed, strlen(node->name),
                   &peer.properties[1].value.list.children[child_idx]) ==
               TSI_OK);
    child_idx++;
    gpr_free(processed);
  }

  destruct_parsed_dns_names(&dns_entries);
  return peer;
}
示例#3
/*
 * Stores the subject common name of `cert` in `property` as a string peer
 * property named TSI_X509_SUBJECT_COMMON_NAME_PEER_PROPERTY.
 *
 * A certificate for which ssl_get_x509_common_name reports TSI_NOT_FOUND is
 * not treated as an error: the property is built from an empty string with
 * length 0. Any other lookup failure is returned to the caller unchanged.
 *
 * The name is passed on with the length reported by the lookup, not a
 * strlen() of the buffer.
 * NOTE(review): the CN is peer-supplied certificate data; anything comparing
 * it with an expected hostname should honour the stored length.
 *
 * Returns the lookup error, or the result of
 * tsi_construct_string_peer_property.
 */
static tsi_result peer_property_from_x509_common_name(
    X509* cert, tsi_peer_property* property) {
  unsigned char* cn_bytes;
  size_t cn_len;
  const char* cn_text;
  tsi_result status = ssl_get_x509_common_name(cert, &cn_bytes, &cn_len);

  if (status == TSI_NOT_FOUND) {
    /* No CN in the subject: fall back to an empty value. */
    cn_bytes = NULL;
    cn_len = 0;
  } else if (status != TSI_OK) {
    return status;
  }

  cn_text = (cn_bytes == NULL) ? "" : (const char*)cn_bytes;
  status = tsi_construct_string_peer_property(
      TSI_X509_SUBJECT_COMMON_NAME_PEER_PROPERTY, cn_text, cn_len, property);
  /* Freed with OPENSSL_free on both outcomes; cn_bytes is NULL when there
     was no CN. */
  OPENSSL_free(cn_bytes);
  return status;
}
示例#4
/*
 * Convenience wrapper around tsi_construct_string_peer_property for values
 * that are ordinary C strings: the value length is taken with strlen().
 *
 * `value` must be a non-NULL, NUL-terminated string, because strlen() is
 * called on it unconditionally. Since the length stops at the first NUL byte,
 * this wrapper does not suit data that may contain embedded NULs (for example
 * names read out of a peer certificate); pass an explicit length to
 * tsi_construct_string_peer_property for those.
 *
 * Returns whatever tsi_construct_string_peer_property returns.
 */
tsi_result tsi_construct_string_peer_property_from_cstring(
    const char *name, const char *value, tsi_peer_property *property) {
  size_t value_length = strlen(value);

  return tsi_construct_string_peer_property(name, value, value_length,
                                            property);
}