diff options
author | Ted Trask <ttrask01@yahoo.com> | 2008-07-15 18:21:53 +0000 |
---|---|---|
committer | Ted Trask <ttrask01@yahoo.com> | 2008-07-15 18:21:53 +0000 |
commit | ebe93b2671c8c7915b128b967edece12961fe9c4 (patch) | |
tree | a56ee3d31c4d791ab1d3f4268c251736cf307c17 | |
parent | 8672de2f74059934cd29376dcae985966e244396 (diff) | |
download | acf-openssl-ebe93b2671c8c7915b128b967edece12961fe9c4.tar.bz2 acf-openssl-ebe93b2671c8c7915b128b967edece12961fe9c4.tar.xz |
Modify openssl to allow all characters except # in distinguished names.
git-svn-id: svn://svn.alpinelinux.org/acf/openssl/trunk@1305 ab2d0c66-481e-0410-8bed-d214d4d58bed
-rw-r--r-- | openssl-ca-acf.cnf | 4 | ||||
-rw-r--r-- | openssl-model.lua | 10 |
2 files changed, 8 insertions, 6 deletions
diff --git a/openssl-ca-acf.cnf b/openssl-ca-acf.cnf index fd48c49..73db0c6 100644 --- a/openssl-ca-acf.cnf +++ b/openssl-ca-acf.cnf @@ -150,7 +150,7 @@ authorityKeyIdentifier = keyid,issuer:always basicConstraints = CA:FALSE subjectKeyIdentifier = hash authorityKeyIdentifier = keyid,issuer:always -policy = policy_acf_ca +policy = policy_acf_cert [ ssl_server_cert ] @@ -182,7 +182,7 @@ keyUsage = cRLSign, keyCertSign extendedKeyUsage = subjectKeyIdentifier = hash authorityKeyIdentifier = keyid,issuer:always -policy = policy_acf_cert +policy = policy_acf_ca [ crl_ext ] authorityKeyIdentifier = keyid,issuer:always diff --git a/openssl-model.lua b/openssl-model.lua index 6a17a0c..bcaf477 100644 --- a/openssl-model.lua +++ b/openssl-model.lua @@ -53,8 +53,8 @@ local validate_distinguished_names = function(values) local success = true for name,value in pairs(values.value) do - if string.find(value.value, "[,/'=]") then - value.errtxt = "Value cannot contain =/,'" + if string.find(value.value, "[#]") then + value.errtxt = "Value cannot contain #" success = false end @@ -102,14 +102,16 @@ local create_subject_string = function(values, ignorevalues) reverseshorts[short] = name end for name,value in pairs(values.value) do - name = name:gsub(".*%.", "") + name = name:gsub(".*%.", "") -- remove the "0." from the front + value.value = value.value:gsub("[/=]", "\%1") -- escape characters if (short_names[name] or reverseshorts[name]) and value.value and value.value ~= "" then name = short_names[name] or name outstr[#outstr + 1] = name .. "=" .. value.value end end for name,value in pairs(values.value) do - name = name:gsub(".*%.", "") + name = name:gsub(".*%.", "") -- remove the "0." from the front + value.value = value.value:gsub("[/=]", "\%1") -- escape characters if not reverseignore[name] and not short_names[name] and not reverseshorts[name] and value.value and value.value ~= "" then outstr[#outstr + 1] = name .. "=" .. value.value end |