Date: Mon, 19 Jun 2017 18:05:26 +0000 (UTC) From: Kurt Jaeger <pi@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r443904 - in head/security/p5-Crypt-OpenSSL-CA: . files Message-ID: <201706191805.v5JI5QQt068675@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: pi Date: Mon Jun 19 18:05:26 2017 New Revision: 443904 URL: https://svnweb.freebsd.org/changeset/ports/443904 Log: security/p5-Crypt-OpenSSL-CA: add functions to retrieve CRL-related infos PR: 220134 Submitted by: Borodin Oleg <onborodin@gmail.com> Added: head/security/p5-Crypt-OpenSSL-CA/files/ head/security/p5-Crypt-OpenSSL-CA/files/patch-lib_Crypt_OpenSSL_CA.pm (contents, props changed) Modified: head/security/p5-Crypt-OpenSSL-CA/Makefile Modified: head/security/p5-Crypt-OpenSSL-CA/Makefile ============================================================================== --- head/security/p5-Crypt-OpenSSL-CA/Makefile Mon Jun 19 18:04:31 2017 (r443903) +++ head/security/p5-Crypt-OpenSSL-CA/Makefile Mon Jun 19 18:05:26 2017 (r443904) @@ -3,7 +3,7 @@ PORTNAME= Crypt-OpenSSL-CA PORTVERSION= 0.24 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security perl5 MASTER_SITES= CPAN PKGNAMEPREFIX= p5- Added: head/security/p5-Crypt-OpenSSL-CA/files/patch-lib_Crypt_OpenSSL_CA.pm ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/p5-Crypt-OpenSSL-CA/files/patch-lib_Crypt_OpenSSL_CA.pm Mon Jun 19 18:05:26 2017 (r443904) @@ -0,0 +1,320 @@ +--- lib/Crypt/OpenSSL/CA.pm.orig 2017-06-19 18:02:36 UTC ++++ lib/Crypt/OpenSSL/CA.pm +@@ -2064,6 +2064,43 @@ void DESTROY(SV* sv_self) { + } + X509_CRL_BASE + ++ ++=head2 parse_CRL ($pem_crl) ++ ++Creates and returns an I<Crypt::OpenSSL::CA::X509_CRL> object. ++ ++=cut ++ ++sub parse_CRL { ++ my ($class, $pemcrl) = @_; ++ ++ unless ($pemcrl) { ++ croak("CRL pem must by"); ++ } ++ return $class->_parse_CRL($pemcrl); ++} ++ ++ ++ ++use Crypt::OpenSSL::CA::Inline::C <<"_PARSE_CRL"; ++static ++SV* _parse_CRL(char *class, const char* pemcrl) { ++ BIO *crlbio; ++ X509_CRL *crl = NULL; ++ ++ crlbio = BIO_new_mem_buf((void *) pemcrl, -1); ++ if (crlbio == NULL) { ++ croak("BIO_new_mem_buf failed"); ++ } ++ crl = PEM_read_bio_X509_CRL(crlbio, NULL, NULL, NULL); ++ if (crl == NULL) { ++ X509_CRL_free(crl); ++ sslcroak("unable to parse CRL"); ++ } ++ return perl_wrap("${\__PACKAGE__}", crl); ++} ++_PARSE_CRL ++ + =head2 new () + + =head2 new ($version) +@@ -2120,10 +2157,47 @@ void set_issuer_DN(SV* sv_self, SV* sv_dn) { + } + SET_ISSUER_DN + ++=head2 get_issuer_DN() ++ ++Get DN string of issuer the CRL ++ ++=cut ++ ++use Crypt::OpenSSL::CA::Inline::C <<"GET_ISSUER"; ++ ++static ++SV* get_issuer_DN(SV* sv_self) { ++ X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self); ++ BIO* mem = BIO_new(BIO_s_mem()); ++ ASN1_TIME *next_update; ++ X509_NAME *issuer = NULL; ++ ++ if (! mem) { ++ croak("Cannot allocate BIO"); ++ } ++ ++ issuer = X509_NAME_new(); ++ ++ if (!(issuer = X509_CRL_get_issuer(self))) { ++ sslcroak("X509_CRL_get_issuer failed"); ++ } ++ if (!(X509_NAME_print_ex(mem, issuer, 0, XN_FLAG_ONELINE) && (BIO_write(mem, "\\0", 1) > 0))) { ++ sslcroak("X509_CRL_get_nextUpdate failed"); ++ } ++ return BIO_mem_to_SV(mem); ++} ++GET_ISSUER ++ ++ + =head2 set_lastUpdate ($enddate) + + =head2 set_nextUpdate ($startdate) + ++=head2 get_nextUpdate () ++ ++=head2 get_lastUpdate () ++ ++ + Sets the validity period of the certificate. The dates must be in the + GMT timezone, with the format yyyymmddhhmmssZ (it's a literal Z at the + end, meaning "Zulu" in case you care). +@@ -2141,6 +2215,24 @@ void set_lastUpdate(SV* sv_self, char* startdate) { + } + + static ++SV* get_lastUpdate(SV* sv_self) { ++ X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self); ++ BIO* mem = BIO_new(BIO_s_mem()); ++ ASN1_TIME *last_update; ++ ++ if (! mem) { ++ croak("Cannot allocate BIO"); ++ } ++ if (!(last_update = X509_CRL_get_lastUpdate(self))) { ++ sslcroak("X509_CRL_get_lastUpdate"); ++ } ++ if (!(ASN1_TIME_print(mem, last_update) && (BIO_write(mem, "\\0", 1) > 0))) { ++ sslcroak("X509_CRL_get_lastUpdate failed"); ++ } ++ return BIO_mem_to_SV(mem); ++} ++ ++static + void set_nextUpdate(SV* sv_self, char* enddate) { + ASN1_TIME* newtime; + X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self); +@@ -2149,8 +2241,190 @@ void set_nextUpdate(SV* sv_self, char* enddate) { + X509_CRL_set_nextUpdate(self, time); + ASN1_TIME_free(time); + } ++ ++ ++static ++SV* get_nextUpdate(SV* sv_self) { ++ X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self); ++ BIO* mem = BIO_new(BIO_s_mem()); ++ ASN1_TIME *next_update; ++ ++ if (! mem) { ++ croak("Cannot allocate BIO"); ++ } ++ if (!(next_update = X509_CRL_get_nextUpdate(self))) { ++ sslcroak("X509_CRL_get_nextUpdate"); ++ } ++ if (!(ASN1_TIME_print(mem, next_update) && (BIO_write(mem, "\\0", 1) > 0))) { ++ sslcroak("ASN1_TIME_print failed"); ++ } ++ return BIO_mem_to_SV(mem); ++} + SET_UPDATES + ++ ++ ++=head2 get_entryNumbers() ++ ++Get array of revoked serial numbers. ++ ++=cut ++ ++use Crypt::OpenSSL::CA::Inline::C <<"GET_ENTRY_NUMBERS"; ++ ++static ++SV* get_entryNumbers(SV* sv_self) { ++ X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self); ++ STACK_OF(X509_REVOKED) *rev = NULL; ++ X509_REVOKED *rev_entry = NULL; ++ int revnum, i; ++ ++ if (!(rev = X509_CRL_get_REVOKED(self))) { ++ sslcroak("X509_CRL_get_REVOKED failed"); ++ } ++ if (!(revnum = sk_X509_REVOKED_num(rev))) { ++ sslcroak("sk_X509_REVOKED_num failed"); ++ } ++ ++ SV* serial_SV = NULL; ++ SV* revokedate_SV = NULL; ++ HV* hash = NULL; ++ AV* array = newAV(); ++ ++ char* revokedate_label = "revokedate"; ++ char* serial_label = "serial"; ++ ++ BIO* mem = NULL; ++ for(i = 0; i < revnum; i++) { ++ if (!(hash = newHV())) { ++ croak("Cannot allocate HV"); ++ } ++ ++ if (!(rev_entry = sk_X509_REVOKED_value(rev, i))) { ++ sslcroak("sk_X509_REVOKED_value failed"); ++ } ++ ++ if (!(mem = BIO_new(BIO_s_mem()))) { ++ croak("Cannot allocate BIO"); ++ } ++ BIO_write(mem, "0x", 2); ++ i2a_ASN1_INTEGER(mem, rev_entry->serialNumber); ++ BIO_write(mem, "\\0", 1); ++ serial_SV = BIO_mem_to_SV(mem); ++ hv_store(hash, serial_label, strlen(serial_label), serial_SV, 0); ++ ++ if (!(mem = BIO_new(BIO_s_mem()))) { ++ croak("Cannot allocate BIO"); ++ } ++ ASN1_TIME_print(mem, rev_entry->revocationDate); ++ BIO_write(mem, "\\0", 1); ++ revokedate_SV = BIO_mem_to_SV(mem); ++ hv_store(hash, revokedate_label, strlen(revokedate_label), revokedate_SV, 0); ++ ++ av_push(array, newRV_noinc((SV*)hash)); ++ } ++ return newRV_noinc((SV*)array); ++} ++GET_ENTRY_NUMBERS ++ ++=head2 get_entry_count() ++ ++Get count of CRL entries. ++ ++=cut ++ ++use Crypt::OpenSSL::CA::Inline::C <<"GET_ENTRY_COUNT"; ++ ++int get_entry_count(SV* sv_self) { ++ X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self); ++ BIO* mem = BIO_new(BIO_s_mem()); ++ STACK_OF(X509_REVOKED) *rev = NULL; ++ int count; ++ ++ if (! mem) { ++ croak("Cannot allocate BIO"); ++ } ++ if (!(rev = X509_CRL_get_REVOKED(self))) { ++ sslcroak("X509_CRL_get_REVOKED failed"); ++ } ++ if (!(count = sk_X509_REVOKED_num(rev))) { ++ sslcroak("sk_X509_REVOKED_num failed"); ++ } ++ return count; ++} ++GET_ENTRY_COUNT ++ ++ ++=head2 get_entry_revoke_date( $num ) ++ ++Get revoke date of entry in the CRL. Count begin from zero. ++ ++=cut ++ ++use Crypt::OpenSSL::CA::Inline::C <<"GET_ENTRY_REVOKE_DATE"; ++ ++static ++SV* get_entry_revoke_date(SV* sv_self, int num) { ++ X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self); ++ BIO* mem = BIO_new(BIO_s_mem()); ++ ASN1_TIME *next_update; ++ STACK_OF(X509_REVOKED) *rev = NULL; ++ X509_REVOKED *rev_entry = NULL; ++ int revnum, i; ++ ++ if (! mem) { ++ croak("Cannot allocate BIO"); ++ } ++ if (!(rev = X509_CRL_get_REVOKED(self))) { ++ sslcroak("X509_CRL_get_REVOKED failed"); ++ } ++ if (!(rev_entry = sk_X509_REVOKED_value(rev, num))) { ++ sslcroak("sk_X509_REVOKED_value failed"); ++ } ++ ASN1_TIME_print(mem, rev_entry->revocationDate); ++ if (!(BIO_write(mem, "\\0", 1) > 0)) { ++ sslcroak("BIO_write failed"); ++ } ++ return BIO_mem_to_SV(mem); ++} ++GET_ENTRY_REVOKE_DATE ++ ++ ++=head2 get_entry_serial( $num ) ++ ++Get serial number of entry in the CRL. ++ ++ ++=cut ++ ++use Crypt::OpenSSL::CA::Inline::C <<"GET_ENTRY_SERIAL"; ++ ++static ++SV* get_entry_serial(SV* sv_self, int num) { ++ X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self); ++ BIO* mem = BIO_new(BIO_s_mem()); ++ STACK_OF(X509_REVOKED) *rev = NULL; ++ X509_REVOKED *rev_entry = NULL; ++ ++ if (! mem) { ++ croak("Cannot allocate BIO"); ++ } ++ if (!(rev = X509_CRL_get_REVOKED(self))) { ++ sslcroak("X509_CRL_get_REVOKED failed"); ++ } ++ BIO_write(mem, "0x", 2); ++ if (!(rev_entry = sk_X509_REVOKED_value(rev, num))) { ++ sslcroak("sk_X509_REVOKED_value failed"); ++ } ++ i2a_ASN1_INTEGER(mem, rev_entry->serialNumber); ++ if (!(BIO_write(mem, "\\0", 1) > 0)) { ++ sslcroak("BIO_write failed"); ++ } ++ return BIO_mem_to_SV(mem); ++} ++GET_ENTRY_SERIAL ++ ++ + =head2 set_extension ($extname, $value, %options, %more_openssl_config) + + =head2 add_extension ($extname, $value, %options, %more_openssl_config) +@@ -2427,6 +2701,9 @@ Returns a textual representation of all the fields ins + C<X509_CRL_print()>. + + =cut ++ ++ ++ + + use Crypt::OpenSSL::CA::Inline::C <<"DUMP"; + static
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201706191805.v5JI5QQt068675>