Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Add iPaddress support for subjectAltName
subjectaltname only understood DNS entries.  Amend it to support IPv4 iPAddress.
  • Loading branch information
Jarrod Johnson committed Mar 19, 2014
1 parent fea8166 commit e4a9069
Showing 1 changed file with 18 additions and 1 deletion.
19 changes: 18 additions & 1 deletion src/crypto/x509.c
Expand Up @@ -20,6 +20,7 @@
FILE_LICENCE ( GPL2_OR_LATER );

#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <errno.h>
#include <assert.h>
Expand Down Expand Up @@ -533,6 +534,7 @@ static int x509_parse_subject_alt_name ( struct x509_certificate *cert,
struct asn1_cursor cursor;
struct asn1_cursor string_cursor;
int rc;
unsigned int type;

INIT_LIST_HEAD ( &subject_alt_name->names );

Expand All @@ -548,7 +550,9 @@ static int x509_parse_subject_alt_name ( struct x509_certificate *cert,
/* Mark extension as present */
subject_alt_name->present = 1;
memcpy ( &string_cursor, &cursor, sizeof ( string_cursor ) );
if ( ( rc = asn1_enter ( &string_cursor, ASN1_IMPLICIT_TAG ( 2 ) ) ) == 0 ) {
type = asn1_type( &string_cursor );
rc = asn1_enter_any ( &string_cursor );
if ( type == 0x82) {
char* name = zalloc ( string_cursor.len + 1 );
memcpy ( name, string_cursor.data, string_cursor.len );
if ( strlen ( name ) != string_cursor.len ) {
Expand All @@ -560,6 +564,19 @@ static int x509_parse_subject_alt_name ( struct x509_certificate *cert,
struct x509_san_link* link = zalloc ( sizeof ( struct x509_san_link ) );
link->name = name;
list_add ( &link->list, &subject_alt_name->names );
} else if ( type == 0x87 ) {
if ( string_cursor.len == 4 ) { // TODO: IPv6
char* name = zalloc ( 16 ); // max ipv4 string length
snprintf( name, 16, "%d.%d.%d.%d",
((unsigned char*)string_cursor.data)[0],
((unsigned char*)string_cursor.data)[1],
((unsigned char*)string_cursor.data)[2],
((unsigned char*)string_cursor.data)[3] );
//DBGC ( cert, "X509 %p subjectAltName %s\n", cert, name );
struct x509_san_link* link = zalloc ( sizeof ( struct x509_san_link ) );
link->name = name;
list_add ( &link->list, &subject_alt_name->names );
}
}
asn1_skip_any ( &cursor );
}
Expand Down

0 comments on commit e4a9069

Please sign in to comment.