aboutsummaryrefslogtreecommitdiff
path: root/openssl/trunk/crypto/x509v3/v3_addr.c
diff options
context:
space:
mode:
Diffstat (limited to 'openssl/trunk/crypto/x509v3/v3_addr.c')
-rw-r--r--openssl/trunk/crypto/x509v3/v3_addr.c118
1 files changed, 60 insertions, 58 deletions
diff --git a/openssl/trunk/crypto/x509v3/v3_addr.c b/openssl/trunk/crypto/x509v3/v3_addr.c
index 880b5d8c..abb59d78 100644
--- a/openssl/trunk/crypto/x509v3/v3_addr.c
+++ b/openssl/trunk/crypto/x509v3/v3_addr.c
@@ -51,7 +51,8 @@ ASN1_SEQUENCE(IPAddressFamily) = {
} ASN1_SEQUENCE_END(IPAddressFamily)
ASN1_ITEM_TEMPLATE(IPAddrBlocks) =
- ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, IPAddrBlocks, IPAddressFamily)
+ ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0,
+ IPAddrBlocks, IPAddressFamily)
ASN1_ITEM_TEMPLATE_END(IPAddrBlocks)
IMPLEMENT_ASN1_FUNCTIONS(IPAddressRange)
@@ -84,79 +85,80 @@ static const char *safi_table[] = {
#define safi_index(x) \
(x > 0 && x < sizeof(safi_table)/sizeof(*safi_table) ? x : 0)
-static int bitstring_to_address(unsigned char *addr, int len, unsigned char fill, ASN1_BIT_STRING *bs)
+static int i2r_address(BIO *out, int afi, unsigned char fill,
+ ASN1_BIT_STRING *bs)
{
- if (bs->length > len)
- return 0;
- memset(addr, fill, len);
- if (bs->length == 0)
- return 1;
- memcpy(addr, bs->data, bs->length);
- if ((bs->flags & 7) != 0)
- addr[bs->length - 1] |= fill >> (8 - (bs->flags & 7));
+ if (afi_index(afi)) {
+ /*
+ * Known AFI, we can fill and format this properly.
+ */
+ int length = afi_table[afi_index(afi)].length;
+ int af = afi_table[afi_index(afi)].af;
+ unsigned char addr[16];
+ char buf[48];
+
+ assert(sizeof(addr) >= length);
+ if (bs->length > length)
+ return 0;
+ memset(addr, fill, length);
+ if (bs->length > 0) {
+ memcpy(addr, bs->data, bs->length);
+ if ((bs->flags & 7) != 0)
+ addr[bs->length - 1] |= fill >> (8 - (bs->flags & 7));
+ }
+ if (inet_ntop(af, addr, buf, sizeof(buf)) == NULL)
+ return 0;
+ BIO_puts(out, buf);
+ } else {
+ /*
+ * Unknown AFI, dump as hex.
+ */
+ int i;
+ for (i = 0; i < bs->length; i++)
+ BIO_printf(out, "%s%02x", (i > 0 ? ":" : ""), bs->data[i]);
+ BIO_printf(out, "[%d]", bs->flags & 7);
+ }
return 1;
}
-static void i2r_unknown_afi_bitstring(BIO *out, ASN1_BIT_STRING *bs)
+static int i2r_IPAddressOrRange(BIO *out, int indent,
+ IPAddressOrRanges *aors, int afi)
{
int i;
- for (i = 0; i < bs->length; i++) {
- if (i > 0)
- BIO_puts(out, ":");
- BIO_printf(out, "%02x", bs->data[i]);
- }
- BIO_printf(out, "[%d]", bs->flags & 7);
-}
-
-static int i2r_IPAddressOrRange(BIO *out, int indent, IPAddressOrRange *aor, int afi)
-{
- int af = afi_table[afi_index(afi)].af, length = afi_table[afi_index(afi)].length;
- unsigned char addr[16];
- char buf[48];
-
- assert(sizeof(addr) >= length);
- BIO_printf(out, "%*s", indent, "");
- switch (aor->type) {
- case IPAddressOrRange_addressPrefix:
- if (afi_index(afi)) {
- if (!bitstring_to_address(addr, length, 0x00, aor->addressPrefix) ||
- inet_ntop(af, addr, buf, sizeof(buf)) == NULL)
+ for (i = 0; i < sk_IPAddressOrRange_num(aors); i++) {
+ IPAddressOrRange *aor = sk_IPAddressOrRange_num(aors, i);
+ BIO_printf(out, "%*s", indent, "");
+ switch (aor->type) {
+ case IPAddressOrRange_addressPrefix:
+ if (!i2r_address(out, afi, 0x00, aor->addressPrefix))
return 0;
- BIO_printf(out, "%s/%d\n", buf,
- aor->addressPrefix->length * 8 - (aor->addressPrefix->flags & 7));
- } else {
- i2r_unknown_afi_bitstring(out, aor->addressPrefix);
- BIO_puts(out, "\n");
- }
- return 1;
- case IPAddressOrRange_addressRange:
- if (afi_index(afi)) {
- if (!bitstring_to_address(addr, length, 0x00, aor->addressRange->min) ||
- inet_ntop(af, addr, buf, sizeof(buf)) == NULL)
- return 0;
- BIO_puts(out, buf);
- if (!bitstring_to_address(addr, length, 0xFF, aor->addressRange->max) ||
- inet_ntop(af, addr, buf, sizeof(buf)) == NULL)
+ BIO_printf(out, "/%d\n",
+ aor->addressPrefix->length * 8 -
+ (aor->addressPrefix->flags & 7));
+ continue;
+ case IPAddressOrRange_addressRange:
+ if (!i2r_address(out, afi, 0x00, aor->addressRange->min))
return 0;
- BIO_printf(out, "-%s\n", buf);
- } else {
- i2r_unknown_afi_bitstring(out, aor->addressRange->min);
BIO_puts(out, "-");
- i2r_unknown_afi_bitstring(out, aor->addressRange->max);
+ if (!i2r_address(out, afi, 0xFF, aor->addressRange->max))
+ return 0;
BIO_puts(out, "\n");
- }
- return 1;
+ continue;
+ }
}
+ return 1;
}
-static int i2r_IPAddrBlocks(X509V3_EXT_METHOD *method, void *ext, BIO *out, int indent)
+static int i2r_IPAddrBlocks(X509V3_EXT_METHOD *method,
+ void *ext, BIO *out, int indent)
{
int i, j;
for (i = 0; i < sk_IPAddrBlocks_num(ext); i++) {
IPAddressFamily *f = sk_IPAddrBlocks_value(ext, i);
int afi = (f->addressFamily->data[0] << 8) | f->addressFamily->data[1];
if (afi_index(afi))
- BIO_printf(out, "%*s%s", indent, "", afi_table[afi_index(afi)].description);
+ BIO_printf(out, "%*s%s", indent, "",
+ afi_table[afi_index(afi)].description);
else
BIO_printf(out, "%*sUnknown AFI %i", indent, "", afi);
if (f->addressFamily->length > 2) {
@@ -172,9 +174,9 @@ static int i2r_IPAddrBlocks(X509V3_EXT_METHOD *method, void *ext, BIO *out, int
break;
case IPAddressChoice_addressesOrRanges:
BIO_puts(out, ":\n");
- for (j = 0; j < sk_IPAddressOrRange_num(f->ipAddressChoice->u.asIdsOrRanges); j++)
- if (!i2r_IPAddressOrRange(out, indent + 2, sk_IPAddressOrRange_num(f->ipAddressChoice->u.asIdsOrRanges, j), afi))
- return 0;
+ if (!i2r_IPAddressOrRanges(out, indent + 2,
+ f->ipAddressChoice->u.asIdsOrRanges, afi))
+ return 0;
break;
}
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-13 11:29:27 +0000