diff options
Diffstat (limited to 'crypto/openssl/crypto/x509v3/v3_cpols.c')
| -rw-r--r-- | crypto/openssl/crypto/x509v3/v3_cpols.c | 31 |
1 files changed, 29 insertions, 2 deletions
diff --git a/crypto/openssl/crypto/x509v3/v3_cpols.c b/crypto/openssl/crypto/x509v3/v3_cpols.c index 0d554f3a2c97..e5b8c5a1acc2 100644 --- a/crypto/openssl/crypto/x509v3/v3_cpols.c +++ b/crypto/openssl/crypto/x509v3/v3_cpols.c @@ -3,7 +3,7 @@ * project 1999. */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -63,6 +63,8 @@ #include <openssl/asn1t.h> #include <openssl/x509v3.h> +#include "pcy_int.h" + /* Certificate policies extension support: this one is a bit complex... */ static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol, BIO *out, int indent); @@ -137,7 +139,15 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, CONF_VALUE *cnf; int i, ia5org; pols = sk_POLICYINFO_new_null(); + if (pols == NULL) { + X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_MALLOC_FAILURE); + return NULL; + } vals = X509V3_parse_list(value); + if (vals == NULL) { + X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_X509V3_LIB); + goto err; + } ia5org = 0; for(i = 0; i < sk_CONF_VALUE_num(vals); i++) { cnf = sk_CONF_VALUE_value(vals, i); @@ -176,6 +186,7 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, sk_CONF_VALUE_pop_free(vals, X509V3_conf_free); return pols; err: + sk_CONF_VALUE_pop_free(vals, X509V3_conf_free); sk_POLICYINFO_pop_free(pols, POLICYINFO_free); return NULL; } @@ -339,7 +350,7 @@ static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos) return 1; merr: - X509V3err(X509V3_F_NOTICE_SECTION,ERR_R_MALLOC_FAILURE); + X509V3err(X509V3_F_NREF_NOS,ERR_R_MALLOC_FAILURE); err: sk_ASN1_INTEGER_pop_free(nnums, ASN1_STRING_free); @@ -420,3 +431,19 @@ static void print_notice(BIO *out, USERNOTICE *notice, int indent) notice->exptext->data); } +void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent) + { + const X509_POLICY_DATA *dat = node->data; + + BIO_printf(out, "%*sPolicy: ", indent, ""); + + i2a_ASN1_OBJECT(out, dat->valid_policy); + BIO_puts(out, "\n"); + BIO_printf(out, "%*s%s\n", indent + 2, "", + node_data_critical(dat) ? "Critical" : "Non Critical"); + if (dat->qualifier_set) + print_qualifiers(out, dat->qualifier_set, indent + 2); + else + BIO_printf(out, "%*sNo Qualifiers\n", indent + 2, ""); + } + |