RE: [openssl.org #243] OpenSSL 0.9.6g fail on IBM OS/390

Fri, 30 Aug 2002 21:40:38 -0700 

Damn, sent an incomplete diff for crypto/x509v3/v3_utl.c. Sorry about that.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support

> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Howard Chu

> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]]On Behalf Of Howard Chu
>
> > The output from testca is still a little dodgy, there are a few
> certificate
> > fields that are printed in ASCII that need to be translated to EBCDIC for
> > appearance's sake. But that's simple to fix; if you're interested
> > I'll submit
> > patches for that later.
>
> X509v3 extensions weren't handling EBCDIC correctly. Trying to set a
> subjectAltName resulted in the EBCDIC strings going into the cert,
> instead of
> ASCII. Here are the fixes for crypto/x509v3. Also, the ca app needs a small
> patch to translate DN components from ASCII to EBCDIC when confirming their
> values.
>
>   -- Howard Chu
>   Chief Architect, Symas Corp.       Director, Highland Sun
>   http://www.symas.com               http://highlandsun.com/hyc
>   Symas: Premier OpenSource Development and Support
>

--- v3_utl.c    2002/08/31 03:27:11     1.1
+++ v3_utl.c    2002/08/31 04:59:00
@@ -111,17 +111,25 @@
        OPENSSL_free(conf);
 }
 
+#ifdef CHARSET_EBCDIC
+static const char _true[] = {0x54, 0x52, 0x55, 0x45, 0x00 };
+static const char _false[] = {0x46, 0x41, 0x4c, 0x53, 0x45, 0x00};
+#else
+static const char _true[] = "TRUE";
+static const char _false[] = "FALSE";
+#endif
+
 int X509V3_add_value_bool(const char *name, int asn1_bool,
                                                STACK_OF(CONF_VALUE) **extlist)
 {
-       if(asn1_bool) return X509V3_add_value(name, "TRUE", extlist);
-       return X509V3_add_value(name, "FALSE", extlist);
+       if(asn1_bool) return X509V3_add_value(name, _true, extlist);
+       return X509V3_add_value(name, _false, extlist);
 }
 
 int X509V3_add_value_bool_nf(char *name, int asn1_bool,
                                                STACK_OF(CONF_VALUE) **extlist)
 {
-       if(asn1_bool) return X509V3_add_value(name, "TRUE", extlist);
+       if(asn1_bool) return X509V3_add_value(name, _true, extlist);
        return 1;
 }

Reply via email to