📄 apps.c
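/* Tail of the name-option table (ex_tbl) of a function whose opening lines
 * lie above this excerpt.  The entries are looked up by set_table_opts(). */
    { "sname", XN_FLAG_FN_SN, XN_FLAG_FN_MASK},
    { "lname", XN_FLAG_FN_LN, XN_FLAG_FN_MASK},
    { "align", XN_FLAG_FN_ALIGN, 0},
    { "oid", XN_FLAG_FN_OID, XN_FLAG_FN_MASK},
    { "space_eq", XN_FLAG_SPC_EQ, 0},
    { "dump_unknown", XN_FLAG_DUMP_UNKNOWN_FIELDS, 0},
    { "RFC2253", XN_FLAG_RFC2253, 0xffffffffL},
    { "oneline", XN_FLAG_ONELINE, 0xffffffffL},
    { "multiline", XN_FLAG_MULTILINE, 0xffffffffL},
    { "ca_default", XN_FLAG_MULTILINE, 0xffffffffL},
    { NULL, 0, 0}
    };
    return set_multi_opts(flags, arg, ex_tbl);
}

/*
 * Translate the keyword in arg ("none", "copy" or "copyall", compared
 * case-insensitively) into the matching EXT_COPY_* value.
 *
 * Returns 1 and stores the value in *copy_type on success; returns 0 and
 * leaves *copy_type untouched when the keyword is not recognised.
 * arg must not be NULL (it is passed straight to strcasecmp()).
 */
int set_ext_copy(int *copy_type, const char *arg)
{
    if (!strcasecmp(arg, "none"))
        *copy_type = EXT_COPY_NONE;
    else if (!strcasecmp(arg, "copy"))
        *copy_type = EXT_COPY_ADD;
    else if (!strcasecmp(arg, "copyall"))
        *copy_type = EXT_COPY_ALL;
    else
        return 0;
    return 1;
}

/*
 * Copy the extensions carried by certificate request req into certificate x.
 *
 * copy_type selects the policy:
 *   EXT_COPY_NONE - nothing is copied;
 *   EXT_COPY_ADD  - an extension is added only if x has none of that type;
 *   EXT_COPY_ALL  - every extension of the same type already on x is deleted
 *                   and replaced by the one from the request.
 *
 * Security note: with EXT_COPY_ALL the request's extensions take precedence
 * over whatever has already been set on x, and no filtering by extension type
 * happens here.  Callers that sign requests from other parties need to vet
 * the request's extensions themselves before or after this call.
 *
 * Returns 1 on success (also when x or req is NULL, or nothing is to be
 * copied) and 0 if X509_add_ext() fails.
 */
int copy_extensions(X509 *x, X509_REQ *req, int copy_type)
{
    STACK_OF(X509_EXTENSION) *exts = NULL;
    X509_EXTENSION *ext, *tmpext;
    ASN1_OBJECT *obj;
    int i, idx, ret = 0;

    if (!x || !req || (copy_type == EXT_COPY_NONE))
        return 1;
    exts = X509_REQ_get_extensions(req);

    for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) {
        ext = sk_X509_EXTENSION_value(exts, i);
        obj = X509_EXTENSION_get_object(ext);
        idx = X509_get_ext_by_OBJ(x, obj, -1);
        /* Does extension exist? */
        if (idx != -1) {
            /* If normal copy don't override existing extension */
            if (copy_type == EXT_COPY_ADD)
                continue;
            /* Delete all extensions of same type */
            do {
                tmpext = X509_get_ext(x, idx);
                X509_delete_ext(x, idx);
                X509_EXTENSION_free(tmpext);
                idx = X509_get_ext_by_OBJ(x, obj, -1);
            } while (idx != -1);
        }
        if (!X509_add_ext(x, ext, -1))
            goto end;
    }

    ret = 1;

 end:
    /* The stack from the request is ours; free it and its elements. */
    sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);

    return ret;
}

/*
 * Apply a list of option names to *flags.  arg is split with
 * X509V3_parse_list() and every item is handed to set_table_opts().
 *
 * Returns 0 if arg is NULL or any item is unknown (the remaining items are
 * still applied), 1 otherwise.
 */
static int set_multi_opts(unsigned long *flags, const char *arg,
                          const NAME_EX_TBL *in_tbl)
{
    STACK_OF(CONF_VALUE) *vals;
    CONF_VALUE *val;
    int i, ret = 1;

    if (!arg)
        return 0;
    vals = X509V3_parse_list(arg);
    for (i = 0; i < sk_CONF_VALUE_num(vals); i++) {
        val = sk_CONF_VALUE_value(vals, i);
        if (!set_table_opts(flags, val->name, in_tbl))
            ret = 0;
    }
    sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
    return ret;
}

/*
 * Apply one option name to *flags using the NULL-terminated table in_tbl.
 *
 * A leading '-' clears the option, a leading '+' (or no prefix) sets it.  The
 * table entry's mask bits are cleared first, then its flag bits are set or
 * cleared.  Names are compared case-insensitively.
 *
 * Returns 1 if the name was found in the table, 0 otherwise.
 */
static int set_table_opts(unsigned long *flags, const char *arg,
                          const NAME_EX_TBL *in_tbl)
{
    char c;
    const NAME_EX_TBL *ptbl;

    c = arg[0];

    /* c doubles as the set (1) / clear (0) switch once the prefix is read. */
    if (c == '-') {
        c = 0;
        arg++;
    } else if (c == '+') {
        c = 1;
        arg++;
    } else
        c = 1;

    for (ptbl = in_tbl; ptbl->name; ptbl++) {
        if (!strcasecmp(arg, ptbl->name)) {
            *flags &= ~ptbl->mask;
            if (c)
                *flags |= ptbl->flag;
            else
                *flags &= ~ptbl->flag;
            return 1;
        }
    }
    return 0;
}

/*
 * Write an X509_NAME to out, preceded by title when title is not NULL.
 *
 * lflags == XN_FLAG_COMPAT selects the X509_NAME_oneline() form; any other
 * value goes through X509_NAME_print_ex(), indented by four columns and
 * started on a fresh line when the multiline separator is selected.
 */
void print_name(BIO *out, const char *title, X509_NAME *nm,
                unsigned long lflags)
{
    char *buf;
    char mline = 0;
    int indent = 0;

    if (title)
        BIO_puts(out, title);
    if ((lflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
        mline = 1;
        indent = 4;
    }
    if (lflags == XN_FLAG_COMPAT) {
        buf = X509_NAME_oneline(nm, 0, 0);
        BIO_puts(out, buf);
        BIO_puts(out, "\n");
        OPENSSL_free(buf);
    } else {
        if (mline)
            BIO_puts(out, "\n");
        X509_NAME_print_ex(out, nm, indent, lflags);
        BIO_puts(out, "\n");
    }
}

/*
 * Build an X509_STORE with a file lookup and a hashed-directory lookup.
 *
 * When CAfile / CApath is given, failing to load it is an error (reported on
 * bp, NULL returned).  When it is NULL the library default location is tried
 * instead, and the result of that attempt is ignored.
 *
 * Security note: because the default-location results are ignored and the
 * error queue is cleared before returning, a store can come back with no
 * trust anchors loaded at all.  Callers get no signal for that from here.
 *
 * Returns the new store, or NULL on failure.
 */
X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath)
{
    X509_STORE *store;
    X509_LOOKUP *lookup;

    if (!(store = X509_STORE_new()))
        goto end;
    lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file());
    if (lookup == NULL)
        goto end;
    if (CAfile) {
        if (!X509_LOOKUP_load_file(lookup, CAfile, X509_FILETYPE_PEM)) {
            BIO_printf(bp, "Error loading file %s\n", CAfile);
            goto end;
        }
    } else
        X509_LOOKUP_load_file(lookup, NULL, X509_FILETYPE_DEFAULT);

    lookup = X509_STORE_add_lookup(store, X509_LOOKUP_hash_dir());
    if (lookup == NULL)
        goto end;
    if (CApath) {
        if (!X509_LOOKUP_add_dir(lookup, CApath, X509_FILETYPE_PEM)) {
            BIO_printf(bp, "Error loading directory %s\n", CApath);
            goto end;
        }
    } else
        X509_LOOKUP_add_dir(lookup, NULL, X509_FILETYPE_DEFAULT);

    /* Drop whatever the best-effort default lookups left on the queue. */
    ERR_clear_error();
    return store;
 end:
    X509_STORE_free(store);
    return NULL;
}

#ifndef OPENSSL_NO_ENGINE
/*
 * Try to load an engine in a shareable library.
 *
 * The engine string is handed to the "dynamic" engine as SO_PATH and then
 * loaded.  Security note: this pulls a shared library named by the caller's
 * string into the process, so the string must come from a trusted source.
 * err and debug are not used here.
 *
 * Returns the loaded engine, or NULL on failure.
 */
static ENGINE *try_load_engine(BIO *err, const char *engine, int debug)
{
    ENGINE *e = ENGINE_by_id("dynamic");

    if (e) {
        if (!ENGINE_ctrl_cmd_string(e, "SO_PATH", engine, 0)
            || !ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0)) {
            ENGINE_free(e);
            e = NULL;
        }
    }
    return e;
}

/*
 * Select the engine named by engine and make it the default for all methods.
 *
 * "auto" registers every available engine and returns NULL.  Any other value
 * is looked up by id; if no engine has that id the same string is passed to
 * try_load_engine(), i.e. it is treated as the path of a shared library to
 * load.  Diagnostics go to err; with debug set, err also becomes the engine's
 * log stream.
 *
 * Returns the engine pointer on success (after the structural reference taken
 * here has been released), or NULL when engine is NULL, is "auto", or the
 * engine cannot be found or used.
 */
ENGINE *setup_engine(BIO *err, const char *engine, int debug)
{
    ENGINE *e = NULL;

    if (engine) {
        if (strcmp(engine, "auto") == 0) {
            BIO_printf(err, "enabling auto ENGINE support\n");
            ENGINE_register_all_complete();
            return NULL;
        }
        if ((e = ENGINE_by_id(engine)) == NULL
            && (e = try_load_engine(err, engine, debug)) == NULL) {
            BIO_printf(err, "invalid engine \"%s\"\n", engine);
            ERR_print_errors(err);
            return NULL;
        }
        if (debug) {
            ENGINE_ctrl(e, ENGINE_CTRL_SET_LOGSTREAM, 0, err, 0);
        }
        ENGINE_ctrl_cmd(e, "SET_USER_INTERFACE", 0, ui_method, 0, 1);
        if (!ENGINE_set_default(e, ENGINE_METHOD_ALL)) {
            BIO_printf(err, "can't use that engine\n");
            ERR_print_errors(err);
            ENGINE_free(e);
            return NULL;
        }

        BIO_printf(err, "engine \"%s\" set.\n", ENGINE_get_id(e));

        /* Free our "structural" reference. */
        ENGINE_free(e);
    }
    return e;
}
#endif

/*
 * Load the built-in configuration modules and run CONF_modules_load() on cnf,
 * falling back to the file-level `config` when cnf is NULL.
 *
 * Returns 1 on success or when there is no configuration at all, 0 (after
 * printing the error queue to err) when module loading fails.
 */
int load_config(BIO *err, CONF *cnf)
{
    if (!cnf)
        cnf = config;
    if (!cnf)
        return 1;

    OPENSSL_load_builtin_modules();

    if (CONF_modules_load(cnf, NULL, 0) <= 0) {
        BIO_printf(err, "Error configuring OpenSSL\n");
        ERR_print_errors(err);
        return 0;
    }
    return 1;
}

/*
 * Build "<default cert area>/<OPENSSL_CONF>" (no '/' on VMS) in a buffer
 * obtained from OPENSSL_malloc().  The caller owns the returned string.
 *
 * Returns NULL if the allocation fails.
 */
char *make_config_name()
{
    const char *t = X509_get_default_cert_area();
    size_t len;
    char *p;

    /* +2: one byte for the separator, one for the terminating NUL. */
    len = strlen(t) + strlen(OPENSSL_CONF) + 2;
    p = OPENSSL_malloc(len);
    /* Without this check a failed allocation was written through below. */
    if (p == NULL)
        return NULL;
    BUF_strlcpy(p, t, len);
#ifndef OPENSSL_SYS_VMS
    BUF_strlcat(p, "/", len);
#endif
    BUF_strlcat(p, OPENSSL_CONF, len);

    return p;
}

/* Hash a database row by its serial field, ignoring leading '0' characters. */
static unsigned long index_serial_hash(const char **a)
{
    const char *n;

    n = a[DB_serial];
    while (*n == '0')
        n++;
    return (lh_strhash(n));
}

/* Compare two rows by serial field, ignoring leading '0' characters. */
static int index_serial_cmp(const char **a, const char **b)
{
    const char *aa, *bb;

    for (aa = a[DB_serial]; *aa == '0'; aa++)
        ;
    for (bb = b[DB_serial]; *bb == '0'; bb++)
        ;
    return (strcmp(aa, bb));
}

/* Row filter: true when the first character of the first field is 'V'. */
static int index_name_qual(char **a)
{
    return (a[0][0] == 'V');
}

/* Hash a database row by its name field. */
static unsigned long index_name_hash(const char **a)
{
    return (lh_strhash(a[DB_name]));
}

/* Compare two database rows by name field. */
int index_name_cmp(const char **a, const char **b)
{
    return (strcmp(a[DB_name], b[DB_name]));
}

static IMPLEMENT_LHASH_HASH_FN(index_serial_hash,const char **)
static IMPLEMENT_LHASH_COMP_FN(index_serial_cmp,const char **)
static IMPLEMENT_LHASH_HASH_FN(index_name_hash,const char **)
static IMPLEMENT_LHASH_COMP_FN(index_name_cmp,const char **)

#undef BSIZE
#define BSIZE 256

/*
 * Read the serial number stored in serialfile.
 *
 * If the file cannot be opened and create is non-zero, a fresh serial is
 * generated with rand_serial() instead.  When retai is not NULL and a serial
 * was obtained, *retai receives the ASN1_INTEGER form and the caller owns it.
 *
 * Returns the serial as a BIGNUM owned by the caller, or NULL on any failure.
 */
BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai)
{
    BIO *in = NULL;
    BIGNUM *ret = NULL;
    MS_STATIC char buf[1024];
    ASN1_INTEGER *ai = NULL;

    ai = ASN1_INTEGER_new();
    if (ai == NULL)
        goto err;

    if ((in = BIO_new(BIO_s_file())) == NULL) {
        ERR_print_errors(bio_err);
        goto err;
    }

    if (BIO_read_filename(in, serialfile) <= 0) {
        if (!create) {
            perror(serialfile);
            goto err;
        } else {
            ret = BN_new();
            if (ret == NULL || !rand_serial(ret, ai)) {
                BIO_printf(bio_err, "Out of memory\n");
                /*
                 * Previously a BIGNUM that rand_serial() had failed to fill
                 * was still returned as if it were a usable serial.  Report
                 * the failure to the caller instead.
                 */
                if (ret != NULL)
                    BN_free(ret);
                ret = NULL;
                goto err;
            }
        }
    } else {
        if (!a2i_ASN1_INTEGER(in, ai, buf, 1024)) {
            BIO_printf(bio_err, "unable to load number from %s\n",
                       serialfile);
            goto err;
        }
        ret = ASN1_INTEGER_to_BN(ai, NULL);
        if (ret == NULL) {
            BIO_printf(bio_err,
                       "error converting number from bin to BIGNUM\n");
            goto err;
        }
    }

    if (ret && retai) {
        /* Ownership of ai moves to the caller. */
        *retai = ai;
        ai = NULL;
    }
 err:
    if (in != NULL)
        BIO_free(in);
    if (ai != NULL)
        ASN1_INTEGER_free(ai);
    return (ret);
}

/*
 * Write serial to serialfile, or to "<serialfile>.<suffix>" ('-' instead of
 * '.' on VMS) when suffix is not NULL.  The resulting name has to fit in
 * BSIZE bytes including the terminator.
 *
 * When retai is not NULL it receives the ASN1_INTEGER form of the serial and
 * the caller owns it.
 *
 * Returns 1 on success, 0 on failure.
 */
int save_serial(char *serialfile, char *suffix, BIGNUM *serial,
                ASN1_INTEGER **retai)
{
    char buf[1][BSIZE];
    BIO *out = NULL;
    int ret = 0;
    ASN1_INTEGER *ai = NULL;
    int j;

    if (suffix == NULL)
        j = strlen(serialfile);
    else
        j = strlen(serialfile) + strlen(suffix) + 1;
    /* Reject names that would not fit rather than truncate them. */
    if (j >= BSIZE) {
        BIO_printf(bio_err, "file name too long\n");
        goto err;
    }

    if (suffix == NULL)
        BUF_strlcpy(buf[0], serialfile, BSIZE);
    else {
#ifndef OPENSSL_SYS_VMS
        j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", serialfile, suffix);
#else
        j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", serialfile, suffix);
#endif
    }
#ifdef RL_DEBUG
    BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[0]);
#endif
    out = BIO_new(BIO_s_file());
    if (out == NULL) {
        ERR_print_errors(bio_err);
        goto err;
    }
    if (BIO_write_filename(out, buf[0]) <= 0) {
        perror(serialfile);
        goto err;
    }

    if ((ai = BN_to_ASN1_INTEGER(serial, NULL)) == NULL) {
        BIO_printf(bio_err, "error converting serial to ASN.1 format\n");
        goto err;
    }
    i2a_ASN1_INTEGER(out, ai);
    BIO_puts(out, "\n");
    ret = 1;
    if (retai) {
        /* Ownership of ai moves to the caller. */
        *retai = ai;
        ai = NULL;
    }
 err:
    if (out != NULL)
        BIO_free_all(out);
    if (ai != NULL)
        ASN1_INTEGER_free(ai);
    return (ret);
}

/*
 * Rotate the serial file: rename serialfile to "<serialfile>.<old_suffix>"
 * (if serialfile exists) and then "<serialfile>.<new_suffix>" to serialfile.
 * On VMS the separator is '-' instead of '.'.
 *
 * If the second rename fails, the first one is undone on a best-effort basis.
 *
 * Returns 1 on success, 0 on failure.
 */
int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix)
{
    char buf[5][BSIZE];
    int i, j;
    struct stat sb;

    /* Check the longer of the two generated names against the buffer. */
    i = strlen(serialfile) + strlen(old_suffix);
    j = strlen(serialfile) + strlen(new_suffix);
    if (i > j)
        j = i;
    if (j + 1 >= BSIZE) {
        BIO_printf(bio_err, "file name too long\n");
        goto err;
    }

#ifndef OPENSSL_SYS_VMS
    j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", serialfile, new_suffix);
#else
    j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", serialfile, new_suffix);
#endif
#ifndef OPENSSL_SYS_VMS
    j = BIO_snprintf(buf[1], sizeof buf[1], "%s.%s", serialfile, old_suffix);
#else
    j = BIO_snprintf(buf[1], sizeof buf[1], "%s-%s", serialfile, old_suffix);
#endif
    if (stat(serialfile, &sb) < 0) {
        /* A serial file that does not exist yet is not an error. */
        if (errno != ENOENT
#ifdef ENOTDIR
            && errno != ENOTDIR
#endif
            )
            goto err;
    } else {
#ifdef RL_DEBUG
        BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
                   serialfile, buf[1]);
#endif
        if (rename(serialfile, buf[1]) < 0) {
            BIO_printf(bio_err, "unable to rename %s to %s\n",
                       serialfile, buf[1]);
            perror("reason");
            goto err;
        }
    }
#ifdef RL_DEBUG
    BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
               buf[0], serialfile);
#endif
    if (rename(buf[0], serialfile) < 0) {
        BIO_printf(bio_err, "unable to rename %s to %s\n",
                   buf[0], serialfile);
        perror("reason");
        /* Put the previous serial file back; the result is not checked. */
        rename(buf[1], serialfile);
        goto err;
    }
    return 1;
 err:
    return 0;
}

/*
 * Generate a random serial number of SERIAL_RAND_BITS bits.
 *
 * The value is written to b when b is not NULL (a temporary BIGNUM is used
 * and freed otherwise) and, when ai is not NULL, also converted into ai.
 *
 * NOTE(review): the value comes from BN_pseudo_rand(), which OpenSSL
 * documents as not necessarily unpredictable.  Where serial numbers are
 * relied on to be unguessable, confirm that this source is adequate.
 *
 * Returns 1 on success, 0 on failure.
 */
int rand_serial(BIGNUM *b, ASN1_INTEGER *ai)
{
    BIGNUM *btmp;
    int ret = 0;

    if (b)
        btmp = b;
    else
        btmp = BN_new();

    if (!btmp)
        return 0;

    if (!BN_pseudo_rand(btmp, SERIAL_RAND_BITS, 0, 0))
        goto error;
    if (ai && !BN_to_ASN1_INTEGER(btmp, ai))
        goto error;

    ret = 1;

 error:

    /* Only free the BIGNUM if it was allocated here. */
    if (!b)
        BN_free(btmp);

    return ret;
}

/*
 * Load the index database from dbfile together with its attribute file
 * "<dbfile>.attr" ("<dbfile>-attr" on VMS).
 *
 * An attribute file that fails to load without a reported line number is
 * ignored; a failure with a line number is an error.  unique_subject is taken
 * from db_attr when given, defaults to 1 otherwise, and is overridden by the
 * attribute file's "unique_subject" entry when present.
 *
 * The remainder of this function lies below this excerpt.
 */
CA_DB *load_index(char *dbfile, DB_ATTR *db_attr)
{
    CA_DB *retdb = NULL;
    TXT_DB *tmpdb = NULL;
    BIO *in = BIO_new(BIO_s_file());
    CONF *dbattr_conf = NULL;
    char buf[1][BSIZE];
    long errorline = -1;

    if (in == NULL) {
        ERR_print_errors(bio_err);
        goto err;
    }
    if (BIO_read_filename(in, dbfile) <= 0) {
        perror(dbfile);
        BIO_printf(bio_err, "unable to open '%s'\n", dbfile);
        goto err;
    }
    if ((tmpdb = TXT_DB_read(in, DB_NUMBER)) == NULL) {
        if (tmpdb != NULL)
            TXT_DB_free(tmpdb);
        goto err;
    }

#ifndef OPENSSL_SYS_VMS
    BIO_snprintf(buf[0], sizeof buf[0], "%s.attr", dbfile);
#else
    BIO_snprintf(buf[0], sizeof buf[0], "%s-attr", dbfile);
#endif
    dbattr_conf = NCONF_new(NULL);
    if (NCONF_load(dbattr_conf, buf[0], &errorline) <= 0) {
        if (errorline > 0) {
            BIO_printf(bio_err,
                       "error on line %ld of db attribute file '%s'\n"
                       , errorline, buf[0]);
            goto err;
        } else {
            NCONF_free(dbattr_conf);
            dbattr_conf = NULL;
        }
    }

    if ((retdb = OPENSSL_malloc(sizeof(CA_DB))) == NULL) {
        fprintf(stderr,
                "Out of memory\n");
        goto err;
    }

    /* retdb takes over the parsed database. */
    retdb->db = tmpdb;
    tmpdb = NULL;
    if (db_attr)
        retdb->attributes = *db_attr;
    else {
        retdb->attributes.unique_subject = 1;
    }

    if (dbattr_conf) {
        char *p = NCONF_get_string(dbattr_conf, NULL, "unique_subject");
        if (p) {
#ifdef RL_DEBUG
            BIO_printf(bio_err,
                       "DEBUG[load_index]: unique_subject = \"%s\"\n", p);
#endif
            retdb->attributes.unique_subject = parse_yesno(p,1);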