← Back to branch summary

~andersk/ubuntu/oneiric/openssl/spurious-reboot

« back to all changes in this revision

Viewing changes to crypto/x509v3/pcy_map.c

  • Committer: Bazaar Package Importer
  • Author(s): Kurt Roeckx
  • Date: 2010-12-12 15:37:21 UTC
  • mto: (1.2.1 upstream) (11.2.1 experimental)
  • mto: This revision was merged to the branch mainline in revision 55.
  • Revision ID: james.westby@ubuntu.com-20101212153721-mfw51stum5hwztpd
Tags: upstream-1.0.0c
ImportĀ upstreamĀ versionĀ 1.0.0c

Show diffs side-by-side

added added

removed removed

Lines of Context:
crypto/x509v3/pcy_map.c
62
62
 
63
63
#include "pcy_int.h"
64
64
 
65
 
static int ref_cmp(const X509_POLICY_REF * const *a,
66
 
                        const X509_POLICY_REF * const *b)
67
 
        {
68
 
        return OBJ_cmp((*a)->subjectDomainPolicy, (*b)->subjectDomainPolicy);
69
 
        }
70
 
 
71
 
static void policy_map_free(X509_POLICY_REF *map)
72
 
        {
73
 
        if (map->subjectDomainPolicy)
74
 
                ASN1_OBJECT_free(map->subjectDomainPolicy);
75
 
        OPENSSL_free(map);
76
 
        }
77
 
 
78
 
static X509_POLICY_REF *policy_map_find(X509_POLICY_CACHE *cache, ASN1_OBJECT *id)
79
 
        {
80
 
        X509_POLICY_REF tmp;
81
 
        int idx;
82
 
        tmp.subjectDomainPolicy = id;
83
 
 
84
 
        idx = sk_X509_POLICY_REF_find(cache->maps, &tmp);
85
 
        if (idx == -1)
86
 
                return NULL;
87
 
        return sk_X509_POLICY_REF_value(cache->maps, idx);
88
 
        }
89
 
 
90
65
/* Set policy mapping entries in cache.
91
66
 * Note: this modifies the passed POLICY_MAPPINGS structure
92
67
 */
94
69
int policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps)
95
70
        {
96
71
        POLICY_MAPPING *map;
97
 
        X509_POLICY_REF *ref = NULL;
98
72
        X509_POLICY_DATA *data;
99
73
        X509_POLICY_CACHE *cache = x->policy_cache;
100
74
        int i;
104
78
                ret = -1;
105
79
                goto bad_mapping;
106
80
                }
107
 
        cache->maps = sk_X509_POLICY_REF_new(ref_cmp);
108
81
        for (i = 0; i < sk_POLICY_MAPPING_num(maps); i++)
109
82
                {
110
83
                map = sk_POLICY_MAPPING_value(maps, i);
116
89
                        goto bad_mapping;
117
90
                        }
118
91
 
119
 
                /* If we've already mapped from this OID bad mapping */
120
 
                if (policy_map_find(cache, map->subjectDomainPolicy) != NULL)
121
 
                        {
122
 
                        ret = -1;
123
 
                        goto bad_mapping;
124
 
                        }
125
 
 
126
92
                /* Attempt to find matching policy data */
127
93
                data = policy_cache_find_data(cache, map->issuerDomainPolicy);
128
94
                /* If we don't have anyPolicy can't map */
138
104
                        if (!data)
139
105
                                goto bad_mapping;
140
106
                        data->qualifier_set = cache->anyPolicy->qualifier_set;
141
 
                        map->issuerDomainPolicy = NULL;
 
107
                        /*map->issuerDomainPolicy = NULL;*/
142
108
                        data->flags |= POLICY_DATA_FLAG_MAPPED_ANY;
143
109
                        data->flags |= POLICY_DATA_FLAG_SHARED_QUALIFIERS;
144
110
                        if (!sk_X509_POLICY_DATA_push(cache->data, data))
149
115
                        }
150
116
                else
151
117
                        data->flags |= POLICY_DATA_FLAG_MAPPED;
152
 
 
153
118
                if (!sk_ASN1_OBJECT_push(data->expected_policy_set, 
154
119
                                                map->subjectDomainPolicy))
155
120
                        goto bad_mapping;
156
 
                
157
 
                ref = OPENSSL_malloc(sizeof(X509_POLICY_REF));
158
 
                if (!ref)
159
 
                        goto bad_mapping;
160
 
 
161
 
                ref->subjectDomainPolicy = map->subjectDomainPolicy;
162
121
                map->subjectDomainPolicy = NULL;
163
 
                ref->data = data;
164
 
 
165
 
                if (!sk_X509_POLICY_REF_push(cache->maps, ref))
166
 
                        goto bad_mapping;
167
 
 
168
 
                ref = NULL;
169
122
 
170
123
                }
171
124
 
173
126
        bad_mapping:
174
127
        if (ret == -1)
175
128
                x->ex_flags |= EXFLAG_INVALID_POLICY;
176
 
        if (ref)
177
 
                policy_map_free(ref);
178
 
        if (ret <= 0)
179
 
                {
180
 
                sk_X509_POLICY_REF_pop_free(cache->maps, policy_map_free);
181
 
                cache->maps = NULL;
182
 
                }
183
129
        sk_POLICY_MAPPING_pop_free(maps, POLICY_MAPPING_free);
184
130
        return ret;
185
131