From owner-svn-ports-all@freebsd.org  Mon Jun 19 18:05:27 2017
Return-Path: <owner-svn-ports-all@freebsd.org>
Delivered-To: svn-ports-all@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id C1D6ADA1D50;
 Mon, 19 Jun 2017 18:05:27 +0000 (UTC) (envelope-from pi@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 9D8BE7EBDC;
 Mon, 19 Jun 2017 18:05:27 +0000 (UTC) (envelope-from pi@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id v5JI5QTM068677;
 Mon, 19 Jun 2017 18:05:26 GMT (envelope-from pi@FreeBSD.org)
Received: (from pi@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id v5JI5QQt068675;
 Mon, 19 Jun 2017 18:05:26 GMT (envelope-from pi@FreeBSD.org)
Message-Id: <201706191805.v5JI5QQt068675@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: pi set sender to pi@FreeBSD.org
 using -f
From: Kurt Jaeger <pi@FreeBSD.org>
Date: Mon, 19 Jun 2017 18:05:26 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-head@freebsd.org
Subject: svn commit: r443904 - in head/security/p5-Crypt-OpenSSL-CA: . files
X-SVN-Group: ports-head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-all@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: SVN commit messages for the ports tree <svn-ports-all.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-all/>
List-Post: <mailto:svn-ports-all@freebsd.org>
List-Help: <mailto:svn-ports-all-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Jun 2017 18:05:27 -0000

Author: pi
Date: Mon Jun 19 18:05:26 2017
New Revision: 443904
URL: https://svnweb.freebsd.org/changeset/ports/443904

Log:
  security/p5-Crypt-OpenSSL-CA: add functions to retrieve CRL-related infos
  
  PR:		220134
  Submitted by:	Borodin Oleg <onborodin@gmail.com>

Added:
  head/security/p5-Crypt-OpenSSL-CA/files/
  head/security/p5-Crypt-OpenSSL-CA/files/patch-lib_Crypt_OpenSSL_CA.pm   (contents, props changed)
Modified:
  head/security/p5-Crypt-OpenSSL-CA/Makefile

Modified: head/security/p5-Crypt-OpenSSL-CA/Makefile
==============================================================================
--- head/security/p5-Crypt-OpenSSL-CA/Makefile	Mon Jun 19 18:04:31 2017	(r443903)
+++ head/security/p5-Crypt-OpenSSL-CA/Makefile	Mon Jun 19 18:05:26 2017	(r443904)
@@ -3,7 +3,7 @@
 
 PORTNAME=	Crypt-OpenSSL-CA
 PORTVERSION=	0.24
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	security perl5
 MASTER_SITES=	CPAN
 PKGNAMEPREFIX=	p5-

Added: head/security/p5-Crypt-OpenSSL-CA/files/patch-lib_Crypt_OpenSSL_CA.pm
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/p5-Crypt-OpenSSL-CA/files/patch-lib_Crypt_OpenSSL_CA.pm	Mon Jun 19 18:05:26 2017	(r443904)
@@ -0,0 +1,320 @@
+--- lib/Crypt/OpenSSL/CA.pm.orig	2017-06-19 18:02:36 UTC
++++ lib/Crypt/OpenSSL/CA.pm
+@@ -2064,6 +2064,43 @@ void DESTROY(SV* sv_self) {
+ }
+ X509_CRL_BASE
+ 
++
++=head2 parse_CRL ($pem_crl)
++
++Creates and returns an I<Crypt::OpenSSL::CA::X509_CRL> object.
++
++=cut
++
++sub parse_CRL {
++    my ($class, $pemcrl) = @_;
++
++    unless ($pemcrl) {
++        croak("CRL pem must by");
++    }
++    return $class->_parse_CRL($pemcrl);
++}
++
++
++
++use Crypt::OpenSSL::CA::Inline::C <<"_PARSE_CRL";
++static
++SV* _parse_CRL(char *class, const char* pemcrl) {
++    BIO *crlbio;
++    X509_CRL *crl = NULL;
++
++    crlbio = BIO_new_mem_buf((void *) pemcrl, -1);
++    if (crlbio == NULL) {
++        croak("BIO_new_mem_buf failed");
++    }
++    crl = PEM_read_bio_X509_CRL(crlbio, NULL, NULL, NULL);
++    if (crl == NULL) {
++            X509_CRL_free(crl);
++            sslcroak("unable to parse CRL");
++    }
++    return perl_wrap("${\__PACKAGE__}", crl);
++}
++_PARSE_CRL
++
+ =head2 new ()
+ 
+ =head2 new ($version)
+@@ -2120,10 +2157,47 @@ void set_issuer_DN(SV* sv_self, SV* sv_dn) {
+ }
+ SET_ISSUER_DN
+ 
++=head2 get_issuer_DN()
++
++Get DN string of issuer the CRL
++
++=cut
++
++use Crypt::OpenSSL::CA::Inline::C <<"GET_ISSUER";
++
++static
++SV* get_issuer_DN(SV* sv_self) {
++    X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
++    BIO* mem = BIO_new(BIO_s_mem());
++    ASN1_TIME *next_update;
++    X509_NAME *issuer = NULL;
++
++    if (! mem) {
++        croak("Cannot allocate BIO");
++    }
++
++    issuer = X509_NAME_new();
++
++    if (!(issuer = X509_CRL_get_issuer(self))) {
++        sslcroak("X509_CRL_get_issuer failed");
++    }
++    if (!(X509_NAME_print_ex(mem, issuer, 0, XN_FLAG_ONELINE) && (BIO_write(mem, "\\0", 1) > 0))) {
++            sslcroak("X509_CRL_get_nextUpdate failed");
++    }
++    return BIO_mem_to_SV(mem);
++}
++GET_ISSUER
++
++
+ =head2 set_lastUpdate ($enddate)
+ 
+ =head2 set_nextUpdate ($startdate)
+ 
++=head2 get_nextUpdate ()
++
++=head2 get_lastUpdate ()
++
++
+ Sets the validity period of the certificate.  The dates must be in the
+ GMT timezone, with the format yyyymmddhhmmssZ (it's a literal Z at the
+ end, meaning "Zulu" in case you care).
+@@ -2141,6 +2215,24 @@ void set_lastUpdate(SV* sv_self, char* startdate) {
+ }
+ 
+ static
++SV* get_lastUpdate(SV* sv_self) {
++    X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
++    BIO* mem = BIO_new(BIO_s_mem());
++    ASN1_TIME *last_update;
++
++    if (! mem) {
++        croak("Cannot allocate BIO");
++    }
++    if (!(last_update = X509_CRL_get_lastUpdate(self))) {
++        sslcroak("X509_CRL_get_lastUpdate");
++    }
++    if (!(ASN1_TIME_print(mem, last_update) && (BIO_write(mem, "\\0", 1) > 0))) {
++        sslcroak("X509_CRL_get_lastUpdate failed");
++    }
++    return BIO_mem_to_SV(mem);
++}
++
++static
+ void set_nextUpdate(SV* sv_self, char* enddate) {
+     ASN1_TIME* newtime;
+     X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
+@@ -2149,8 +2241,190 @@ void set_nextUpdate(SV* sv_self, char* enddate) {
+     X509_CRL_set_nextUpdate(self, time);
+     ASN1_TIME_free(time);
+ }
++
++
++static
++SV* get_nextUpdate(SV* sv_self) {
++    X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
++    BIO* mem = BIO_new(BIO_s_mem());
++    ASN1_TIME *next_update;
++
++    if (! mem) {
++        croak("Cannot allocate BIO");
++    }
++    if (!(next_update = X509_CRL_get_nextUpdate(self))) {
++        sslcroak("X509_CRL_get_nextUpdate");
++    }
++    if (!(ASN1_TIME_print(mem, next_update) && (BIO_write(mem, "\\0", 1) > 0))) {
++        sslcroak("ASN1_TIME_print failed");
++    }
++    return BIO_mem_to_SV(mem);
++}
+ SET_UPDATES
+ 
++
++
++=head2 get_entryNumbers()
++
++Get array of revoked serial numbers.
++
++=cut
++
++use Crypt::OpenSSL::CA::Inline::C <<"GET_ENTRY_NUMBERS";
++
++static
++SV* get_entryNumbers(SV* sv_self) {
++    X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
++    STACK_OF(X509_REVOKED) *rev = NULL;
++    X509_REVOKED *rev_entry = NULL;
++    int revnum, i;
++
++    if (!(rev = X509_CRL_get_REVOKED(self))) {
++        sslcroak("X509_CRL_get_REVOKED failed");
++    }
++    if (!(revnum = sk_X509_REVOKED_num(rev))) {
++        sslcroak("sk_X509_REVOKED_num failed");
++    }
++
++    SV* serial_SV = NULL;
++    SV* revokedate_SV = NULL;
++    HV* hash = NULL;
++    AV* array = newAV();
++
++    char* revokedate_label = "revokedate";
++    char* serial_label = "serial";
++
++    BIO* mem = NULL;
++    for(i = 0; i < revnum; i++) {
++        if (!(hash = newHV())) {
++            croak("Cannot allocate HV");
++        }
++
++        if (!(rev_entry = sk_X509_REVOKED_value(rev, i))) {
++            sslcroak("sk_X509_REVOKED_value failed");
++        }
++
++        if (!(mem = BIO_new(BIO_s_mem()))) {
++            croak("Cannot allocate BIO");
++        }
++        BIO_write(mem, "0x", 2);
++        i2a_ASN1_INTEGER(mem, rev_entry->serialNumber);
++        BIO_write(mem, "\\0", 1);
++        serial_SV = BIO_mem_to_SV(mem);
++        hv_store(hash, serial_label, strlen(serial_label), serial_SV, 0);
++
++        if (!(mem = BIO_new(BIO_s_mem()))) {
++            croak("Cannot allocate BIO");
++        }
++        ASN1_TIME_print(mem, rev_entry->revocationDate);
++        BIO_write(mem, "\\0", 1);
++        revokedate_SV = BIO_mem_to_SV(mem);
++        hv_store(hash, revokedate_label, strlen(revokedate_label), revokedate_SV, 0);
++
++        av_push(array, newRV_noinc((SV*)hash));
++    }
++    return newRV_noinc((SV*)array);
++}
++GET_ENTRY_NUMBERS
++
++=head2 get_entry_count()
++
++Get count of CRL entries.
++
++=cut
++
++use Crypt::OpenSSL::CA::Inline::C <<"GET_ENTRY_COUNT";
++
++int get_entry_count(SV* sv_self) {
++    X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
++    BIO* mem = BIO_new(BIO_s_mem());
++    STACK_OF(X509_REVOKED) *rev = NULL;
++    int count;
++
++    if (! mem) {
++        croak("Cannot allocate BIO");
++    }
++    if (!(rev = X509_CRL_get_REVOKED(self))) {
++        sslcroak("X509_CRL_get_REVOKED failed");
++    }
++    if (!(count = sk_X509_REVOKED_num(rev))) {
++        sslcroak("sk_X509_REVOKED_num failed");
++    }
++    return count;
++}
++GET_ENTRY_COUNT
++
++
++=head2 get_entry_revoke_date( $num )
++
++Get revoke date of entry in the CRL. Count begin from zero.
++
++=cut
++
++use Crypt::OpenSSL::CA::Inline::C <<"GET_ENTRY_REVOKE_DATE";
++
++static
++SV* get_entry_revoke_date(SV* sv_self, int num) {
++    X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
++    BIO* mem = BIO_new(BIO_s_mem());
++    ASN1_TIME *next_update;
++    STACK_OF(X509_REVOKED) *rev = NULL;
++    X509_REVOKED *rev_entry = NULL;
++    int revnum, i;
++
++    if (! mem) {
++        croak("Cannot allocate BIO");
++    }
++    if (!(rev = X509_CRL_get_REVOKED(self))) {
++        sslcroak("X509_CRL_get_REVOKED failed");
++    }
++    if (!(rev_entry = sk_X509_REVOKED_value(rev, num))) {
++            sslcroak("sk_X509_REVOKED_value failed");
++    }
++    ASN1_TIME_print(mem, rev_entry->revocationDate);
++    if (!(BIO_write(mem, "\\0", 1) > 0)) {
++        sslcroak("BIO_write failed");
++    }
++    return BIO_mem_to_SV(mem);
++}
++GET_ENTRY_REVOKE_DATE
++
++
++=head2 get_entry_serial( $num )
++
++Get serial number of entry in the CRL.
++
++
++=cut
++
++use Crypt::OpenSSL::CA::Inline::C <<"GET_ENTRY_SERIAL";
++
++static
++SV* get_entry_serial(SV* sv_self, int num) {
++    X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
++    BIO* mem = BIO_new(BIO_s_mem());
++    STACK_OF(X509_REVOKED) *rev = NULL;
++    X509_REVOKED *rev_entry = NULL;
++
++    if (! mem) {
++        croak("Cannot allocate BIO");
++    }
++    if (!(rev = X509_CRL_get_REVOKED(self))) {
++        sslcroak("X509_CRL_get_REVOKED failed");
++    }
++    BIO_write(mem, "0x", 2); 
++    if (!(rev_entry = sk_X509_REVOKED_value(rev, num))) {
++            sslcroak("sk_X509_REVOKED_value failed");
++    }
++    i2a_ASN1_INTEGER(mem, rev_entry->serialNumber);
++    if (!(BIO_write(mem, "\\0", 1) > 0)) {
++        sslcroak("BIO_write failed");
++    }
++    return BIO_mem_to_SV(mem);
++}
++GET_ENTRY_SERIAL
++
++
+ =head2 set_extension ($extname, $value, %options, %more_openssl_config)
+ 
+ =head2 add_extension ($extname, $value, %options, %more_openssl_config)
+@@ -2427,6 +2701,9 @@ Returns a textual representation of all the fields ins
+ C<X509_CRL_print()>.
+ 
+ =cut
++
++
++
+ 
+ use Crypt::OpenSSL::CA::Inline::C <<"DUMP";
+ static