{"schema":"libjg2-1", "vpath":"/git/", "avatar":"/git/avatar/", "alang":"", "gen_ut":1752657980, "reponame":"openssl", "desc":"OpenSSL", "owner": { "name": "Andy Green", "email": "andy@warmcat.com", "md5": "c50933ca2aa61e0fe2c43d46bb6b59cb" },"url":"https://warmcat.com/repo/openssl", "f":3, "items": [ {"schema":"libjg2-1", "cid":"10edc63cc640f6e58e452a2e0036b981", "commit": {"type":"commit", "time": 1492714322, "time_ofs": 18446744073709551376, "oid_tree": { "oid": "8403ea36cebccd0aa35c99d372869f7809e24816", "alias": []}, "oid":{ "oid": "0444c52a5ff3c2c09f8d7f0f5b464e10231de032", "alias": []}, "msg": "explicitText encoding", "sig_commit": { "git_time": { "time": 1492714322, "offset": -240 }, "name": "Rich Salz", "email": "rsalz@openssl.org", "md5": "3ed6b9cf7bbe83902a044f6590346d26" }, "sig_author": { "git_time": { "time": 1453401837, "offset": 0 }, "name": "Marek Klein", "email": "kleinmrk@gmail.com", "md5": "5bd4a5656d95d1b5370b20ac8961642c" }}, "body": "explicitText encoding\n\nReviewed-by: Richard Levitte \u003clevitte@openssl.org\u003e\nReviewed-by: Rich Salz \u003crsalz@openssl.org\u003e\n(Merged from https://github.com/openssl/openssl/pull/576)" , "diff": "diff --git a/crypto/x509v3/v3_cpols.c b/crypto/x509v3/v3_cpols.c\nindex 22c56ba..ea65e07 100644\n--- a/crypto/x509v3/v3_cpols.c\n+++ b/crypto/x509v3/v3_cpols.c\n@@ -31,6 +31,8 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx,\n static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,\n STACK_OF(CONF_VALUE) *unot, int ia5org);\n static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos);\n+static int displaytext_str2tag(const char *tagstr, unsigned int *tag_len);\n+static int displaytext_get_tag_len(const char *tagstr);\n \n const X509V3_EXT_METHOD v3_cpols \u003d {\n NID_certificate_policies, 0, ASN1_ITEM_ref(CERTIFICATEPOLICIES),\n@@ -242,13 +244,48 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx,\n \n }\n \n+static int displaytext_get_tag_len(const char *tagstr)\n+{\n+ char *colon \u003d strchr(tagstr, ':');\n+\n+ return (colon \u003d\u003d NULL) ? -1 : colon - tagstr;\n+}\n+\n+static int displaytext_str2tag(const char *tagstr, unsigned int *tag_len)\n+{\n+ int len;\n+\n+ *tag_len \u003d 0;\n+ len \u003d displaytext_get_tag_len(tagstr);\n+\n+ if (len \u003d\u003d -1)\n+ return V_ASN1_VISIBLESTRING;\n+ *tag_len \u003d len;\n+ if (len \u003d\u003d sizeof(\u0022UTF8\u0022) - 1 \u0026\u0026 strncmp(tagstr, \u0022UTF8\u0022, len) \u003d\u003d 0)\n+ return V_ASN1_UTF8STRING;\n+ if (len \u003d\u003d sizeof(\u0022UTF8String\u0022) - 1 \u0026\u0026 strncmp(tagstr, \u0022UTF8String\u0022, len) \u003d\u003d 0)\n+ return V_ASN1_UTF8STRING;\n+ if (len \u003d\u003d sizeof(\u0022BMP\u0022) - 1 \u0026\u0026 strncmp(tagstr, \u0022BMP\u0022, len) \u003d\u003d 0)\n+ return V_ASN1_BMPSTRING;\n+ if (len \u003d\u003d sizeof(\u0022BMPSTRING\u0022) - 1 \u0026\u0026 strncmp(tagstr, \u0022BMPSTRING\u0022, len) \u003d\u003d 0)\n+ return V_ASN1_BMPSTRING;\n+ if (len \u003d\u003d sizeof(\u0022VISIBLE\u0022) - 1 \u0026\u0026 strncmp(tagstr, \u0022VISIBLE\u0022, len) \u003d\u003d 0)\n+ return V_ASN1_VISIBLESTRING;\n+ if (len \u003d\u003d sizeof(\u0022VISIBLESTRING\u0022) - 1 \u0026\u0026 strncmp(tagstr, \u0022VISIBLESTRING\u0022, len) \u003d\u003d 0)\n+ return V_ASN1_VISIBLESTRING;\n+ *tag_len \u003d 0;\n+ return V_ASN1_VISIBLESTRING;\n+}\n+\n static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,\n STACK_OF(CONF_VALUE) *unot, int ia5org)\n {\n- int i, ret;\n+ int i, ret, len, tag;\n+ unsigned int tag_len;\n CONF_VALUE *cnf;\n USERNOTICE *not;\n POLICYQUALINFO *qual;\n+ char *value \u003d NULL;\n \n if ((qual \u003d POLICYQUALINFO_new()) \u003d\u003d NULL)\n goto merr;\n@@ -261,11 +298,15 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,\n qual-\u003ed.usernotice \u003d not;\n for (i \u003d 0; i \u003c sk_CONF_VALUE_num(unot); i++) {\n cnf \u003d sk_CONF_VALUE_value(unot, i);\n+ value \u003d cnf-\u003evalue;\n if (strcmp(cnf-\u003ename, \u0022explicitText\u0022) \u003d\u003d 0) {\n- if ((not-\u003eexptext \u003d ASN1_VISIBLESTRING_new()) \u003d\u003d NULL)\n+ tag \u003d displaytext_str2tag(value, \u0026tag_len);\n+ if ((not-\u003eexptext \u003d ASN1_STRING_type_new(tag)) \u003d\u003d NULL)\n goto merr;\n- if (!ASN1_STRING_set(not-\u003eexptext, cnf-\u003evalue,\n- strlen(cnf-\u003evalue)))\n+ if (tag_len !\u003d 0)\n+ value +\u003d tag_len + 1;\n+ len \u003d strlen(value);\n+ if (!ASN1_STRING_set(not-\u003eexptext, value, len))\n goto merr;\n } else if (strcmp(cnf-\u003ename, \u0022organization\u0022) \u003d\u003d 0) {\n NOTICEREF *nref;\ndiff --git a/doc/man5/x509v3_config.pod b/doc/man5/x509v3_config.pod\nindex 17800ea..0662326 100644\n--- a/doc/man5/x509v3_config.pod\n+++ b/doc/man5/x509v3_config.pod\n@@ -353,6 +353,12 @@ The B\u003cia5org\u003e option changes the type of the I\u003corganization\u003e field. In RFC2459\n it can only be of type DisplayText. In RFC3280 IA5Strring is also permissible.\n Some software (for example some versions of MSIE) may require ia5org.\n \n+ASN1 type of explicitText can be specified by prepending B\u003cUTF8\u003e,\n+B\u003cBMP\u003e or B\u003cVISIBLE\u003e prefix followed by colon. For example:\n+\n+ [notice]\n+ explicitText\u003d\u0022UTF8:Explicit Text Here\u0022\n+\n \u003dhead2 Policy Constraints\n \n This is a multi-valued extension which consisting of the names\n","s":{"c":1752657980,"u": 27853}} ],"g": 29039,"chitpc": 0,"ehitpc": 0,"indexed":0 , "ab": 0, "si": 0, "db":0, "di":0, "sat":0, "lfc": "0000"}