commit 1756d405cc0d5bf8fd0a40b8d103ee9314522171
author Dr. Stephen Henson <steve@openssl.org> Sat Mar 06 19:33:29 1999 +0000
committer Dr. Stephen Henson <steve@openssl.org> Sat Mar 06 19:33:29 1999 +0000
tree fb862f3f0c53144b518ebf0eec245a10a355fa90
parent 116e315303d87c1974500a89dc3ff2fe7f88e59d

Added support for adding extensions to CRLs, also fix a memory leak and
make 'req' check the config file syntax before it adds extensions. Added
info in the documentation as well.

crypto/x509v3/v3_conf.c

diff --git a/crypto/x509v3/v3_conf.c b/crypto/x509v3/v3_conf.c
index 78dd995..5e0fa0b 100644
--- a/crypto/x509v3/v3_conf.c
+++ b/crypto/x509v3/v3_conf.c
@@ -264,6 +264,29 @@
 	return 1;
 }
 
+/* Same as above but for a CRL */
+
+int X509V3_EXT_CRL_add_conf(conf, ctx, section, crl)
+LHASH *conf;
+X509V3_CTX *ctx;
+char *section;
+X509_CRL *crl;
+{
+	X509_EXTENSION *ext;
+	STACK *nval;
+	CONF_VALUE *val;	
+	int i;
+	if(!(nval = CONF_get_section(conf, section))) return 0;
+	for(i = 0; i < sk_num(nval); i++) {
+		val = (CONF_VALUE *)sk_value(nval, i);
+		if(!(ext = X509V3_EXT_conf(conf, ctx, val->name, val->value)))
+								return 0;
+		if(crl) X509_CRL_add_ext(crl, ext, -1);
+		X509_EXTENSION_free(ext);
+	}
+	return 1;
+}
+
 /* Just check syntax of config file as far as possible */
 int X509V3_EXT_check_conf(conf, section)
 LHASH *conf;