-rw-r--r-- | lib/includes/gnutls/x509.h | 2 | ||||
-rw-r--r-- | lib/libgnutls.map | 1 | ||||
-rw-r--r-- | lib/x509/dn.c | 8 | ||||
-rw-r--r-- | lib/x509/x509_dn.c | 42 |
4 files changed, 48 insertions, 5 deletions
diff --git a/lib/includes/gnutls/x509.h b/lib/includes/gnutls/x509.h index 1b5bcbbf23..883fa59544 100644 --- a/lib/includes/gnutls/x509.h +++ b/lib/includes/gnutls/x509.h @@ -684,6 +684,8 @@ int gnutls_x509_dn_get_rdn_ava(gnutls_x509_dn_t dn, int irdn, int iava, gnutls_x509_ava_st * ava); int gnutls_x509_dn_get_str(gnutls_x509_dn_t dn, gnutls_datum_t *str); +int +gnutls_x509_dn_set_str(gnutls_x509_dn_t dn, const char *str, const char **err); int gnutls_x509_dn_init(gnutls_x509_dn_t * dn); diff --git a/lib/libgnutls.map b/lib/libgnutls.map index 03ec8f1ebe..d73332562c 100644 --- a/lib/libgnutls.map +++ b/lib/libgnutls.map @@ -1100,6 +1100,7 @@ GNUTLS_3_4 gnutls_x509_crt_set_crq_extension_by_oid; gnutls_x509_tlsfeatures_check_crt; gnutls_x509_crq_set_extension_by_oid; + gnutls_x509_dn_set_str; local: *; }; diff --git a/lib/x509/dn.c b/lib/x509/dn.c index 1f5bd0b25a..66475be0f0 100644 --- a/lib/x509/dn.c +++ b/lib/x509/dn.c @@ -687,9 +687,13 @@ _gnutls_x509_set_dn_oid(ASN1_TYPE asn1_struct, return _gnutls_asn2err(result); } - _gnutls_str_cpy(asn1_rdn_name, sizeof(asn1_rdn_name), asn1_name); - _gnutls_str_cat(asn1_rdn_name, sizeof(asn1_rdn_name), + if (asn1_name[0] != 0) { + _gnutls_str_cpy(asn1_rdn_name, sizeof(asn1_rdn_name), asn1_name); + _gnutls_str_cat(asn1_rdn_name, sizeof(asn1_rdn_name), ".rdnSequence"); + } else { + _gnutls_str_cpy(asn1_rdn_name, sizeof(asn1_rdn_name), "rdnSequence"); + } /* create a new element */ diff --git a/lib/x509/x509_dn.c b/lib/x509/x509_dn.c index 371fbd0c90..69362ef3c1 100644 --- a/lib/x509/x509_dn.c +++ b/lib/x509/x509_dn.c 
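Review bot: The `asn1_name[0] != 0` test added to `_gnutls_x509_set_dn_oid` in lib/x509/dn.c gives an empty `asn1_name` a special meaning that nothing in the hunk documents: the path becomes the bare `rdnSequence`, so `asn1_struct` is treated as the Name element itself. A comment on the else branch such as `/* empty asn1_name: asn1_struct is the Name itself, so no prefix and no dot */` would record the convention, and the function's header comment (outside this hunk) should mention it as well. The test also reads `asn1_name[0]` directly, so a NULL `asn1_name` would fault at this line; whether any caller can pass NULL is not visible from the hunk. The function starts before and continues after the lines shown.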
@@ -196,7 +196,8 @@ crt_set_dn(set_dn_func f, void *crt, const char *dn, const char **err) * @err: indicates the error position (if any) * * This function will set the DN on the provided certificate. - * The input string should be plain ASCII or UTF-8 encoded. + * The input string should be plain ASCII or UTF-8 encoded. On + * DN parsing error %GNUTLS_E_PARSING_ERROR is returned. * * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a * negative error value. @@ -216,7 +217,8 @@ gnutls_x509_crt_set_dn(gnutls_x509_crt_t crt, const char *dn, * @err: indicates the error position (if any) * * This function will set the DN on the provided certificate. - * The input string should be plain ASCII or UTF-8 encoded. + * The input string should be plain ASCII or UTF-8 encoded. On + * DN parsing error %GNUTLS_E_PARSING_ERROR is returned. * * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a * negative error value. @@ -237,7 +239,8 @@ gnutls_x509_crt_set_issuer_dn(gnutls_x509_crt_t crt, const char *dn, * @err: indicates the error position (if any) * * This function will set the DN on the provided certificate. - * The input string should be plain ASCII or UTF-8 encoded. + * The input string should be plain ASCII or UTF-8 encoded. On + * DN parsing error %GNUTLS_E_PARSING_ERROR is returned. * * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a * negative error value. 
@@ -249,3 +252,36 @@ gnutls_x509_crq_set_dn(gnutls_x509_crq_t crq, const char *dn, return crt_set_dn((set_dn_func) gnutls_x509_crq_set_dn_by_oid, crq, dn, err); } + +static +int set_dn_by_oid(gnutls_x509_dn_t dn, const char *oid, unsigned int raw_flag, const void *name, unsigned name_size) +{ + return _gnutls_x509_set_dn_oid(dn->asn, "", oid, raw_flag, name, name_size); +} + +/** + * gnutls_x509_dn_set_str: + * @dn: a pointer to DN + * @str: a comma separated DN string (RFC4514) + * @err: indicates the error position (if any) + * + * This function will set the DN on the provided DN structure. + * The input string should be plain ASCII or UTF-8 encoded. On + * DN parsing error %GNUTLS_E_PARSING_ERROR is returned. + * + * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a + * negative error value. + * + * Since: 3.5.3 + **/ +int +gnutls_x509_dn_set_str(gnutls_x509_dn_t dn, const char *str, const char **err) +{ + if (dn == NULL) { + gnutls_assert(); + return GNUTLS_E_INVALID_REQUEST; + } + + return crt_set_dn((set_dn_func) set_dn_by_oid, dn, + str, err); +} |
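Review bot: `set_dn_by_oid` is declared with a `gnutls_x509_dn_t` first parameter and then cast to `set_dn_func` in the `crt_set_dn` call at the end of `gnutls_x509_dn_set_str`, so it is invoked through a pointer of a different function type. `set_dn_func` is defined outside this hunk, but `crt_set_dn` takes its object as `void *crt`, which suggests the callback's first parameter is `void *`. If so, the call is undefined behaviour in C and is the kind of mismatch that control-flow-integrity and function-type sanitizers reject. Because the wrapper is new and static it can match the typedef exactly: `int set_dn_by_oid(void *ctx, const char *oid, unsigned int raw_flag, const void *name, unsigned name_size)` with `gnutls_x509_dn_t dn = ctx;` as its first statement, after which the call is `return crt_set_dn(set_dn_by_oid, dn, str, err);` with no cast. The `gnutls_x509_crq_set_dn_by_oid` cast in the context lines has the same shape.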