diff options
Diffstat (limited to 'pith')
-rw-r--r-- | pith/pine.hlp | 2 | ||||
-rw-r--r-- | pith/smime.c | 8 | ||||
-rw-r--r-- | pith/smkeys.c | 39 | ||||
-rw-r--r-- | pith/smkeys.h | 13 |
4 files changed, 39 insertions, 23 deletions
diff --git a/pith/pine.hlp b/pith/pine.hlp index 5ee5e72c..6559f9d6 100644 --- a/pith/pine.hlp +++ b/pith/pine.hlp @@ -140,7 +140,7 @@ with help text for the config screen and the composer that didn't have any reasonable place to be called from. Dummy change to get revision in pine.hlp ============= h_revision ================= -Alpine Commit 166 2016-08-29 20:39:48 +Alpine Commit 167 2016-09-03 18:44:36 ============= h_news ================= <HTML> <HEAD> diff --git a/pith/smime.c b/pith/smime.c index 9629f743..389ce012 100644 --- a/pith/smime.c +++ b/pith/smime.c @@ -1238,8 +1238,12 @@ smime_init(void) s_cert_store = get_ca_store(); setup_certs_backup_by_type(CACert); +#ifdef OPENSSL_1_1_0 + OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS|OPENSSL_INIT_ADD_ALL_DIGESTS|OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL); +#else OpenSSL_add_all_algorithms(); ERR_load_crypto_strings(); +#endif /* OPENSSL_1_1_0 */ app_RAND_load_file(NULL); openssl_extra_randomness(); @@ -3142,8 +3146,8 @@ find_certificate_matching_recip_info(PKCS7_RECIP_INFO *ri) mine = x->cert; - if(!X509_NAME_cmp(ri->issuer_and_serial->issuer,mine->cert_info->issuer) && - !ASN1_INTEGER_cmp(ri->issuer_and_serial->serial,mine->cert_info->serialNumber)){ + if(!X509_NAME_cmp(ri->issuer_and_serial->issuer,X509_get_issuer_name(mine)) && + !ASN1_INTEGER_cmp(ri->issuer_and_serial->serial,X509_get_serialNumber(mine))){ break; } } diff --git a/pith/smkeys.c b/pith/smkeys.c index ce58ed41..8666d53b 100644 --- a/pith/smkeys.c +++ b/pith/smkeys.c @@ -62,11 +62,9 @@ smime_X509_to_cert_info(X509 *x, char *name) memset((void *)cert, 0, sizeof(CertList)); cert->x509_cert = x; cert->name = name ? cpystr(name) : NULL; - if(x && x->cert_info){ - cert->data.date_from = smime_get_date(x->cert_info->validity->notBefore); - cert->data.date_to = smime_get_date(x->cert_info->validity->notAfter); - cert->cn = smime_get_cn(x->cert_info->subject); - } + cert->data.date_from = smime_get_date(X509_get0_notBefore(x)); + cert->data.date_to = smime_get_date(X509_get0_notAfter(x)); + cert->cn = smime_get_cn(x); get_fingerprint(x, EVP_md5(), buf, sizeof(buf), NULL); cert->data.md5 = cpystr(buf); @@ -222,7 +220,7 @@ setup_certs_backup_by_type(WhichCerts ctype) case CACert: if((in = BIO_new_file(buf2, "r"))!=0){ x = PEM_read_bio_X509(in, NULL, NULL, NULL); - if(x && x->cert_info){ /* for now copy this information */ + if(x){ /* for now copy this information */ cert = smime_X509_to_cert_info(x, df->d_name); /* we will use the cert->data.md5 variable to find a backup certificate, not the name */ @@ -261,14 +259,20 @@ setup_certs_backup_by_type(WhichCerts ctype) } char * -smime_get_cn(X509_NAME *subject) +smime_get_cn(X509 *x) { - char buf[256]; X509_NAME_ENTRY *e; - e = X509_NAME_get_entry(subject, X509_NAME_entry_count(subject)-1); - if(e) - X509_NAME_get_text_by_OBJ(subject, e->object, buf, sizeof(buf)); - return cpystr(buf); + X509_NAME *subject; + char buf[256]; + char *rv = NULL; + + subject = X509_get_subject_name(x); + if((e = X509_NAME_get_entry(subject, X509_NAME_entry_count(subject)-1)) != NULL){ + X509_NAME_get_text_by_OBJ(subject, X509_NAME_ENTRY_get_object(e), buf, sizeof(buf)); + rv = cpystr(buf); + } + + return rv; } int @@ -395,7 +399,7 @@ emailstrclean(char *string) char * -smime_get_date(ASN1_GENERALIZEDTIME *tm) +smime_get_date(const ASN1_TIME *tm) { BIO *mb = BIO_new(BIO_s_mem()); char iobuf[4096]; @@ -476,13 +480,12 @@ add_certs_in_dir(X509_LOOKUP *lookup, char *path, char *ext, CertList **cdata) cert->name = cpystr(d->d_name); /* read buf into a bio and fill the CertData structure */ if((in = BIO_new_file(buf, "r"))!=0){ - x = PEM_read_bio_X509(in, NULL, NULL, NULL); - if(x && x->cert_info){ - cert->data.date_from = smime_get_date(x->cert_info->validity->notBefore); - cert->data.date_to = smime_get_date(x->cert_info->validity->notAfter); + if((x = PEM_read_bio_X509(in, NULL, NULL, NULL)) != NULL){ + cert->data.date_from = smime_get_date(X509_get0_notBefore(x)); + cert->data.date_to = smime_get_date(X509_get0_notAfter(x)); get_fingerprint(x, EVP_md5(), buf, sizeof(buf), NULL); cert->data.md5 = cpystr(buf); - cert->cn = smime_get_cn(x->cert_info->subject); + cert->cn = smime_get_cn(x); X509_free(x); } BIO_free(in); diff --git a/pith/smkeys.h b/pith/smkeys.h index 8c23d905..0d3570bc 100644 --- a/pith/smkeys.h +++ b/pith/smkeys.h @@ -29,7 +29,16 @@ #include <openssl/pem.h> #include <openssl/err.h> #include <openssl/bio.h> +#include <openssl/safestack.h> +#ifndef OPENSSL_1_1_0 +#define X509_get0_notBefore(x) ((x) && (x)->cert_info \ + ? (x)->cert_info->validity->notBefore \ + : NULL) +#define X509_get0_notAfter(x) ((x) && (x)->cert_info \ + ? (x)->cert_info->validity->notAfter \ + : NULL) +#endif /* OPENSSL_1_1_0 */ #define EMAILADDRLEADER "emailAddress=" #define CACERTSTORELEADER "cacert=" @@ -64,10 +73,10 @@ void free_personal_certs(PERSONAL_CERT **pc); void get_fingerprint(X509 *cert, const EVP_MD *type, char *buf, size_t maxLen, char *s); int certlist_to_file(char *filename, CertList *certlist); int load_cert_for_key(char *pathdir, EVP_PKEY *pkey, char **certfile, X509 **pcert); -char *smime_get_date(ASN1_GENERALIZEDTIME *tm); +char *smime_get_date(const ASN1_TIME *tm); void resort_certificates(CertList **data, WhichCerts ctype); int setup_certs_backup_by_type(WhichCerts ctype); -char *smime_get_cn(X509_NAME *); +char *smime_get_cn(X509 *); CertList *smime_X509_to_cert_info(X509 *, char *); |