[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Help-gnutls] Re: Two organizational units
From: |
Simon Josefsson |
Subject: |
[Help-gnutls] Re: Two organizational units |
Date: |
Mon, 04 Sep 2006 16:09:42 +0200 |
User-agent: |
Gnus/5.110006 (No Gnus v0.6) Emacs/22.0.50 (gnu/linux) |
Sascha Ziemann <address@hidden> writes:
> Hi,
>
> I would like to generate a certificate with more than one OU field in
> the subject. When I try to write two "unit=" entries in the template
> file, I get an error. What is the right way to do that?
Hi! I don't think that is supported right now. Could you test this
patch?
/Simon
Index: certtool-cfg.c
===================================================================
RCS file: /cvs/gnutls/gnutls/src/certtool-cfg.c,v
retrieving revision 2.15
diff -u -p -r2.15 certtool-cfg.c
--- certtool-cfg.c 15 May 2006 14:29:45 -0000 2.15
+++ certtool-cfg.c 4 Sep 2006 14:07:10 -0000
@@ -40,7 +40,7 @@ extern int batch;
typedef struct _cfg_ctx
{
char *organization;
- char *unit;
+ char **unit;
char *locality;
char *state;
char *cn;
@@ -93,7 +93,7 @@ template_parse (const char *template)
struct cfg_option options[] = {
{NULL, '\0', "organization", CFG_STR, (void *) &cfg.organization,
0},
- {NULL, '\0', "unit", CFG_STR, (void *) &cfg.unit, 0},
+ {NULL, '\0', "unit", CFG_STR + CFG_MULTI, (void *) &cfg.unit, 0},
{NULL, '\0', "locality", CFG_STR, (void *) &cfg.locality, 0},
{NULL, '\0', "state", CFG_STR, (void *) &cfg.state, 0},
{NULL, '\0', "cn", CFG_STR, (void *) &cfg.cn, 0},
@@ -366,20 +366,24 @@ void
get_unit_crt_set (gnutls_x509_crt crt)
{
int ret;
+ size_t i;
if (batch)
{
if (!cfg.unit)
return;
- ret =
- gnutls_x509_crt_set_dn_by_oid (crt,
- GNUTLS_OID_X520_ORGANIZATIONAL_UNIT_NAME,
- 0, cfg.unit, strlen (cfg.unit));
- if (ret < 0)
+ for (i = 0; cfg.unit[i] != NULL; i++)
{
- fprintf (stderr, "set_dn: %s\n", gnutls_strerror (ret));
- exit (1);
+ ret =
+ gnutls_x509_crt_set_dn_by_oid (crt,
+
GNUTLS_OID_X520_ORGANIZATIONAL_UNIT_NAME,
+ 0, cfg.unit[i], strlen
(cfg.unit[i]));
+ if (ret < 0)
+ {
+ fprintf (stderr, "set_dn: %s\n", gnutls_strerror (ret));
+ exit (1);
+ }
}
}
else
@@ -892,20 +896,24 @@ void
get_unit_crq_set (gnutls_x509_crq crq)
{
int ret;
+ size_t i;
if (batch)
{
if (!cfg.unit)
return;
- ret =
- gnutls_x509_crq_set_dn_by_oid (crq,
- GNUTLS_OID_X520_ORGANIZATIONAL_UNIT_NAME,
- 0, cfg.unit, strlen (cfg.unit));
- if (ret < 0)
+ for (i = 0; cfg.unit[i] != NULL; i++)
{
- fprintf (stderr, "set_dn: %s\n", gnutls_strerror (ret));
- exit (1);
+ ret =
+ gnutls_x509_crq_set_dn_by_oid (crq,
+
GNUTLS_OID_X520_ORGANIZATIONAL_UNIT_NAME,
+ 0, cfg.unit[i], strlen
(cfg.unit[i]));
+ if (ret < 0)
+ {
+ fprintf (stderr, "set_dn: %s\n", gnutls_strerror (ret));
+ exit (1);
+ }
}
}
else
Index: certtool-cfg.h
===================================================================
RCS file: /cvs/gnutls/gnutls/src/certtool-cfg.h,v
retrieving revision 2.8
diff -u -p -r2.8 certtool-cfg.h
--- certtool-cfg.h 7 Nov 2005 23:28:05 -0000 2.8
+++ certtool-cfg.h 4 Sep 2006 14:07:10 -0000
@@ -1,6 +1,6 @@
#include <gnutls/x509.h>
-extern char *organization, *unit, *locality, *state;
+extern char *organization, **unit, *locality, *state;
extern char *cn, *challenge_password, *password, *pkcs9_email, *country;
extern char *dns_name, *email, *crl_dist_points, *pkcs12_key_name;
extern int serial, expiration_days, ca, tls_www_client, tls_www_server,