添加从sanlist中获取subjectname配置
62
src/x509.c
62
src/x509.c
@@ -876,7 +876,45 @@ char *str_trim(const char *str)
|
||||
return strRet;
|
||||
}
|
||||
|
||||
static int set_altname(X509 *crt, int type, const char *sanfile)
|
||||
int add_cert_ctx(X509_NAME* name, char* ctx[], int num)
|
||||
{
|
||||
int i = 0;
|
||||
int max = 0;
|
||||
|
||||
int item[] = {NID_commonName, NID_countryName,
|
||||
NID_stateOrProvinceName, NID_localityName,
|
||||
NID_organizationName, NID_organizationalUnitName,
|
||||
NID_pkcs9_emailAddress};
|
||||
|
||||
max = sizeof(item)/sizeof(item[0]);
|
||||
max = max > num ? num : max;
|
||||
|
||||
for(i = 0; i< max; ++i){
|
||||
if(!X509_NAME_add_entry_by_NID(name, item[i], MBSTRING_UTF8, (unsigned char *)ctx[i], -1, -1, 0)){
|
||||
}
|
||||
}
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
static void x509_set_subject(X509 *x509, char *subject)
|
||||
{
|
||||
#define SUBJECT_NAME_MAX 126
|
||||
char seps[] = ",";
|
||||
char *item = strtok(subject, seps);
|
||||
char key[SUBJECT_NAME_MAX] = {0}, value[SUBJECT_NAME_MAX] = {0};
|
||||
|
||||
X509_NAME *name = X509_get_subject_name(x509);
|
||||
while (item)
|
||||
{
|
||||
sscanf(item, " %[^=]=%s", key, value);
|
||||
X509_NAME_add_entry_by_txt(name, key, MBSTRING_UTF8, (unsigned char*)value, -1, -1, 0);
|
||||
item = strtok(NULL, seps);
|
||||
}
|
||||
free(subject);
|
||||
}
|
||||
|
||||
static int x509_set_altname(X509 *crt, int type, const char *sanfile, char **subjectname)
|
||||
{
|
||||
int ret = 0;
|
||||
GENERAL_NAMES *gens = NULL;
|
||||
@@ -891,9 +929,20 @@ static int set_altname(X509 *crt, int type, const char *sanfile)
|
||||
if (buff == NULL){
|
||||
goto finish;
|
||||
}
|
||||
char seps1[] = "\n", seps[] = ";";
|
||||
char *sanline=NULL, *host = NULL;
|
||||
char seps[] = ";";
|
||||
sanline = strtok(buff, seps);
|
||||
if (buff[0] != '\n')
|
||||
{
|
||||
char *subject = strtok(buff, seps1);
|
||||
if (subject != NULL)
|
||||
{
|
||||
*subjectname = strdup(subject);
|
||||
}
|
||||
sanline = strtok(NULL, seps);
|
||||
}else
|
||||
{
|
||||
sanline = strtok(buff+1, seps);
|
||||
}
|
||||
while (sanline)
|
||||
{
|
||||
asprintf(&host, "%s", sanline);
|
||||
@@ -947,7 +996,12 @@ int x509_check_host(const char *sanfile, const char *urlfile)
|
||||
X509 *x509 = make_cert();
|
||||
if (x509 == NULL)
|
||||
return -1;
|
||||
set_altname(x509, GEN_DNS, sanfile);
|
||||
char *subject = NULL;
|
||||
x509_set_altname(x509, GEN_DNS, sanfile,&subject);
|
||||
if (subject != NULL)
|
||||
{
|
||||
x509_set_subject(x509, subject);
|
||||
}
|
||||
fp = fopen(urlfile, "r");
|
||||
assert(fp != NULL);
|
||||
while(fgets(line, LINE_SIZE - 1, fp))
|
||||
|
||||
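Review bot: In `x509_set_subject`, `sscanf(item, " %[^=]=%s", key, value)` has no field widths, so a key or value longer than 125 bytes writes past the 126-byte `key`/`value` stack arrays; the subject string is the first line of the buffer tokenized in `x509_set_altname`, which appears to be read from `sanfile`. The return value is not checked either, so an item without `=` still reaches `X509_NAME_add_entry_by_txt` with whatever `value` held from the previous iteration. I would bound and check the parse, e.g. `if (sscanf(item, " %125[^=]=%125s", key, value) != 2) { item = strtok(NULL, seps); continue; }`. `%s` also stops at the first whitespace, so a value containing a space (an organization name, say) is silently truncated. The results of `X509_NAME_add_entry_by_txt` here and of `X509_NAME_add_entry_by_NID` in `add_cert_ctx` (empty `if` body, unconditional `return 1`) are dropped as well.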