gfwleak/tango-certstore
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

* 修改sanlist中CN以行为分割的读取方式

Browse Source
This commit is contained in:
fengweihao
2019-09-26 16:40:35 +08:00
parent d84461437c
commit f7eda1fab8
1 changed files with 5 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

50
src/x509.c
View File

@@ -878,37 +878,9 @@ char *str_trim(const char *str)
return strRet; return strRet;
} }
int add_cert_ctx(X509_NAME* name, char* ctx[], int num) static int set_altname(X509 *crt, int type, const char *sanfile)
{ {
int i = 0; int ret = 0;
int max = 0;
int item[] = {NID_commonName, NID_countryName,
NID_stateOrProvinceName, NID_localityName,
NID_organizationName, NID_organizationalUnitName,
NID_pkcs9_emailAddress};
max = sizeof(item)/sizeof(item[0]);
max = max > num ? num : max;
for(i = 0; i< max; ++i){
if(!X509_NAME_add_entry_by_NID(name, item[i], MBSTRING_UTF8, (unsigned char *)ctx[i], -1, -1, 0)){
}
}
return 1;
}
static void x509_set_subject(X509 *x509, char *subject)
{
X509_NAME *name = X509_get_subject_name(x509);
X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_UTF8, (unsigned char*)subject, -1, -1, 0);
free(subject);
}
static int x509_set_altname(X509 *crt, int type, const char *sanfile, char **subjectname)
{
int ret = 0, num = 0;
GENERAL_NAMES *gens = NULL; GENERAL_NAMES *gens = NULL;
GENERAL_NAME *gen = NULL; GENERAL_NAME *gen = NULL;
ASN1_IA5STRING *ia5 = NULL; ASN1_IA5STRING *ia5 = NULL;
@@ -921,17 +893,12 @@ static int x509_set_altname(X509 *crt, int type, const char *sanfile, char **sub
if (buff == NULL){ if (buff == NULL){
goto finish; goto finish;
} }
char *sanline = NULL, *host = NULL; char *sanline=NULL, *host = NULL;
char seps[] = ";"; char seps[] = ";";
sanline = strtok(buff, seps); sanline = strtok(buff, seps);
while (sanline) while (sanline)
{ {
asprintf(&host, "%s", sanline); asprintf(&host, "%s", sanline);
if (num == 0)
{
*subjectname = host;
goto next;
}
gen = GENERAL_NAME_new(); gen = GENERAL_NAME_new();
if (gen == NULL) if (gen == NULL)
goto out; goto out;
@@ -952,13 +919,11 @@ static int x509_set_altname(X509 *crt, int type, const char *sanfile, char **sub
sk_GENERAL_NAME_push(gens, gen); sk_GENERAL_NAME_push(gens, gen);
gen = NULL; gen = NULL;
free(host); free(host);
next:
sanline = strtok(NULL, seps); sanline = strtok(NULL, seps);
if (sanline == NULL || strlen(sanline) == 1) if (sanline == NULL || strlen(sanline) == 1)
{ {
break; break;
} }
num++;
} }
if (!X509_add1_ext_i2d(crt, NID_subject_alt_name, gens, 0, 0)) if (!X509_add1_ext_i2d(crt, NID_subject_alt_name, gens, 0, 0))
goto out; goto out;
@@ -984,12 +949,7 @@ int x509_check_host(const char *sanfile, const char *urlfile)
X509 *x509 = make_cert(); X509 *x509 = make_cert();
if (x509 == NULL) if (x509 == NULL)
return -1; return -1;
char *subject = NULL; set_altname(x509, GEN_DNS, sanfile);
x509_set_altname(x509, GEN_DNS, sanfile,&subject);
if (subject != NULL)
{
x509_set_subject(x509, subject);
}
fp = fopen(urlfile, "r"); fp = fopen(urlfile, "r");
assert(fp != NULL); assert(fp != NULL);
while(fgets(line, LINE_SIZE - 1, fp)) while(fgets(line, LINE_SIZE - 1, fp))