aboutsummaryrefslogtreecommitdiff
path: root/crypto/x509v3
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/x509v3')
-rw-r--r--crypto/x509v3/pcy_cache.c4
-rw-r--r--crypto/x509v3/pcy_data.c2
-rw-r--r--crypto/x509v3/pcy_lib.c2
-rw-r--r--crypto/x509v3/pcy_local.h (renamed from crypto/x509v3/pcy_int.h)0
-rw-r--r--crypto/x509v3/pcy_map.c4
-rw-r--r--crypto/x509v3/pcy_node.c2
-rw-r--r--crypto/x509v3/pcy_tree.c2
-rw-r--r--crypto/x509v3/v3_addr.c2
-rw-r--r--crypto/x509v3/v3_admis.h4
-rw-r--r--crypto/x509v3/v3_alt.c17
-rw-r--r--crypto/x509v3/v3_asid.c28
-rw-r--r--crypto/x509v3/v3_conf.c4
-rw-r--r--crypto/x509v3/v3_cpols.c2
-rw-r--r--crypto/x509v3/v3_crld.c2
-rw-r--r--crypto/x509v3/v3_ncons.c4
-rw-r--r--crypto/x509v3/v3_purp.c2
-rw-r--r--crypto/x509v3/v3_skey.c2
-rw-r--r--crypto/x509v3/v3_utl.c4
18 files changed, 57 insertions, 30 deletions
diff --git a/crypto/x509v3/pcy_cache.c b/crypto/x509v3/pcy_cache.c
index 623870b1f6f5..04401bace8c5 100644
--- a/crypto/x509v3/pcy_cache.c
+++ b/crypto/x509v3/pcy_cache.c
@@ -10,9 +10,9 @@
#include "internal/cryptlib.h"
#include <openssl/x509.h>
#include <openssl/x509v3.h>
-#include "internal/x509_int.h"
+#include "crypto/x509.h"
-#include "pcy_int.h"
+#include "pcy_local.h"
static int policy_data_cmp(const X509_POLICY_DATA *const *a,
const X509_POLICY_DATA *const *b);
diff --git a/crypto/x509v3/pcy_data.c b/crypto/x509v3/pcy_data.c
index bd3bb0e40dfe..073505951322 100644
--- a/crypto/x509v3/pcy_data.c
+++ b/crypto/x509v3/pcy_data.c
@@ -11,7 +11,7 @@
#include <openssl/x509.h>
#include <openssl/x509v3.h>
-#include "pcy_int.h"
+#include "pcy_local.h"
/* Policy Node routines */
diff --git a/crypto/x509v3/pcy_lib.c b/crypto/x509v3/pcy_lib.c
index 67f7eafc6e8d..2e196b838ca2 100644
--- a/crypto/x509v3/pcy_lib.c
+++ b/crypto/x509v3/pcy_lib.c
@@ -11,7 +11,7 @@
#include <openssl/x509.h>
#include <openssl/x509v3.h>
-#include "pcy_int.h"
+#include "pcy_local.h"
/* accessor functions */
diff --git a/crypto/x509v3/pcy_int.h b/crypto/x509v3/pcy_local.h
index 5daf78de4585..5daf78de4585 100644
--- a/crypto/x509v3/pcy_int.h
+++ b/crypto/x509v3/pcy_local.h
diff --git a/crypto/x509v3/pcy_map.c b/crypto/x509v3/pcy_map.c
index ab9dd21b7d93..ae2a62c97787 100644
--- a/crypto/x509v3/pcy_map.c
+++ b/crypto/x509v3/pcy_map.c
@@ -10,9 +10,9 @@
#include "internal/cryptlib.h"
#include <openssl/x509.h>
#include <openssl/x509v3.h>
-#include "internal/x509_int.h"
+#include "crypto/x509.h"
-#include "pcy_int.h"
+#include "pcy_local.h"
/*
* Set policy mapping entries in cache. Note: this modifies the passed
diff --git a/crypto/x509v3/pcy_node.c b/crypto/x509v3/pcy_node.c
index 1ffe98498bdb..e2d7b1532236 100644
--- a/crypto/x509v3/pcy_node.c
+++ b/crypto/x509v3/pcy_node.c
@@ -12,7 +12,7 @@
#include <openssl/x509v3.h>
#include <openssl/err.h>
-#include "pcy_int.h"
+#include "pcy_local.h"
static int node_cmp(const X509_POLICY_NODE *const *a,
const X509_POLICY_NODE *const *b)
diff --git a/crypto/x509v3/pcy_tree.c b/crypto/x509v3/pcy_tree.c
index 87f51d001bbb..6e8322cbc5e3 100644
--- a/crypto/x509v3/pcy_tree.c
+++ b/crypto/x509v3/pcy_tree.c
@@ -11,7 +11,7 @@
#include <openssl/x509.h>
#include <openssl/x509v3.h>
-#include "pcy_int.h"
+#include "pcy_local.h"
/*
* Enable this to print out the complete policy tree at various point during
diff --git a/crypto/x509v3/v3_addr.c b/crypto/x509v3/v3_addr.c
index bb58e0484611..4258dbc40c0f 100644
--- a/crypto/x509v3/v3_addr.c
+++ b/crypto/x509v3/v3_addr.c
@@ -20,7 +20,7 @@
#include <openssl/asn1t.h>
#include <openssl/buffer.h>
#include <openssl/x509v3.h>
-#include "internal/x509_int.h"
+#include "crypto/x509.h"
#include "ext_dat.h"
#ifndef OPENSSL_NO_RFC3779
diff --git a/crypto/x509v3/v3_admis.h b/crypto/x509v3/v3_admis.h
index fa23fc761759..ea7632b3708d 100644
--- a/crypto/x509v3/v3_admis.h
+++ b/crypto/x509v3/v3_admis.h
@@ -7,8 +7,8 @@
* https://www.openssl.org/source/license.html
*/
-#ifndef HEADER_V3_ADMISSION_H
-# define HEADER_V3_ADMISSION_H
+#ifndef OSSL_CRYPTO_X509V3_V3_ADMIS_H
+# define OSSL_CRYPTO_X509V3_V3_ADMIS_H
struct NamingAuthority_st {
ASN1_OBJECT* namingAuthorityId;
diff --git a/crypto/x509v3/v3_alt.c b/crypto/x509v3/v3_alt.c
index dfcb9094f4fc..7ac2911b91af 100644
--- a/crypto/x509v3/v3_alt.c
+++ b/crypto/x509v3/v3_alt.c
@@ -52,11 +52,24 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
{
int i;
GENERAL_NAME *gen;
+ STACK_OF(CONF_VALUE) *tmpret = NULL, *origret = ret;
+
for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
gen = sk_GENERAL_NAME_value(gens, i);
- ret = i2v_GENERAL_NAME(method, gen, ret);
+ /*
+ * i2v_GENERAL_NAME allocates ret if it is NULL. If something goes
+ * wrong we need to free the stack - but only if it was empty when we
+ * originally entered this function.
+ */
+ tmpret = i2v_GENERAL_NAME(method, gen, ret);
+ if (tmpret == NULL) {
+ if (origret == NULL)
+ sk_CONF_VALUE_pop_free(ret, X509V3_conf_free);
+ return NULL;
+ }
+ ret = tmpret;
}
- if (!ret)
+ if (ret == NULL)
return sk_CONF_VALUE_new_null();
return ret;
}
diff --git a/crypto/x509v3/v3_asid.c b/crypto/x509v3/v3_asid.c
index 089f2ae29f0c..ac6857267291 100644
--- a/crypto/x509v3/v3_asid.c
+++ b/crypto/x509v3/v3_asid.c
@@ -20,7 +20,7 @@
#include <openssl/asn1t.h>
#include <openssl/x509v3.h>
#include <openssl/x509.h>
-#include "internal/x509_int.h"
+#include "crypto/x509.h"
#include <openssl/bn.h>
#include "ext_dat.h"
@@ -256,6 +256,7 @@ static int extract_min_max(ASIdOrRange *aor,
static int ASIdentifierChoice_is_canonical(ASIdentifierChoice *choice)
{
ASN1_INTEGER *a_max_plus_one = NULL;
+ ASN1_INTEGER *orig;
BIGNUM *bn = NULL;
int i, ret = 0;
@@ -298,9 +299,15 @@ static int ASIdentifierChoice_is_canonical(ASIdentifierChoice *choice)
*/
if ((bn == NULL && (bn = BN_new()) == NULL) ||
ASN1_INTEGER_to_BN(a_max, bn) == NULL ||
- !BN_add_word(bn, 1) ||
- (a_max_plus_one =
- BN_to_ASN1_INTEGER(bn, a_max_plus_one)) == NULL) {
+ !BN_add_word(bn, 1)) {
+ X509V3err(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL,
+ ERR_R_MALLOC_FAILURE);
+ goto done;
+ }
+
+ if ((a_max_plus_one =
+ BN_to_ASN1_INTEGER(bn, orig = a_max_plus_one)) == NULL) {
+ a_max_plus_one = orig;
X509V3err(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL,
ERR_R_MALLOC_FAILURE);
goto done;
@@ -351,6 +358,7 @@ int X509v3_asid_is_canonical(ASIdentifiers *asid)
static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice)
{
ASN1_INTEGER *a_max_plus_one = NULL;
+ ASN1_INTEGER *orig;
BIGNUM *bn = NULL;
int i, ret = 0;
@@ -416,9 +424,15 @@ static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice)
*/
if ((bn == NULL && (bn = BN_new()) == NULL) ||
ASN1_INTEGER_to_BN(a_max, bn) == NULL ||
- !BN_add_word(bn, 1) ||
- (a_max_plus_one =
- BN_to_ASN1_INTEGER(bn, a_max_plus_one)) == NULL) {
+ !BN_add_word(bn, 1)) {
+ X509V3err(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE,
+ ERR_R_MALLOC_FAILURE);
+ goto done;
+ }
+
+ if ((a_max_plus_one =
+ BN_to_ASN1_INTEGER(bn, orig = a_max_plus_one)) == NULL) {
+ a_max_plus_one = orig;
X509V3err(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE,
ERR_R_MALLOC_FAILURE);
goto done;
diff --git a/crypto/x509v3/v3_conf.c b/crypto/x509v3/v3_conf.c
index 7acaebfa2250..e93de3454604 100644
--- a/crypto/x509v3/v3_conf.c
+++ b/crypto/x509v3/v3_conf.c
@@ -10,11 +10,11 @@
/* extension creation utilities */
#include <stdio.h>
-#include "internal/ctype.h"
+#include "crypto/ctype.h"
#include "internal/cryptlib.h"
#include <openssl/conf.h>
#include <openssl/x509.h>
-#include "internal/x509_int.h"
+#include "crypto/x509.h"
#include <openssl/x509v3.h>
static int v3_check_critical(const char **value);
diff --git a/crypto/x509v3/v3_cpols.c b/crypto/x509v3/v3_cpols.c
index 7a47fd38b379..1d12c899125c 100644
--- a/crypto/x509v3/v3_cpols.c
+++ b/crypto/x509v3/v3_cpols.c
@@ -14,7 +14,7 @@
#include <openssl/asn1t.h>
#include <openssl/x509v3.h>
-#include "pcy_int.h"
+#include "pcy_local.h"
#include "ext_dat.h"
/* Certificate policies extension support: this one is a bit complex... */
diff --git a/crypto/x509v3/v3_crld.c b/crypto/x509v3/v3_crld.c
index 6cba4240abf1..4854748ffb51 100644
--- a/crypto/x509v3/v3_crld.c
+++ b/crypto/x509v3/v3_crld.c
@@ -14,7 +14,7 @@
#include <openssl/asn1t.h>
#include <openssl/x509v3.h>
-#include "internal/x509_int.h"
+#include "crypto/x509.h"
#include "ext_dat.h"
static void *v2i_crld(const X509V3_EXT_METHOD *method,
diff --git a/crypto/x509v3/v3_ncons.c b/crypto/x509v3/v3_ncons.c
index 9a2cd5af00c7..2a7b4f0992a8 100644
--- a/crypto/x509v3/v3_ncons.c
+++ b/crypto/x509v3/v3_ncons.c
@@ -10,12 +10,12 @@
#include "internal/cryptlib.h"
#include "internal/numbers.h"
#include <stdio.h>
-#include "internal/asn1_int.h"
+#include "crypto/asn1.h"
#include <openssl/asn1t.h>
#include <openssl/conf.h>
#include <openssl/x509v3.h>
-#include "internal/x509_int.h"
+#include "crypto/x509.h"
#include "ext_dat.h"
static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method,
diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c
index 2f06289d1949..3f60c2ea1da3 100644
--- a/crypto/x509v3/v3_purp.c
+++ b/crypto/x509v3/v3_purp.c
@@ -12,7 +12,7 @@
#include "internal/numbers.h"
#include <openssl/x509v3.h>
#include <openssl/x509_vfy.h>
-#include "internal/x509_int.h"
+#include "crypto/x509.h"
#include "internal/tsan_assist.h"
static void x509v3_cache_extensions(X509 *x);
diff --git a/crypto/x509v3/v3_skey.c b/crypto/x509v3/v3_skey.c
index 749f51b2f00e..c2e82045682a 100644
--- a/crypto/x509v3/v3_skey.c
+++ b/crypto/x509v3/v3_skey.c
@@ -10,7 +10,7 @@
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/x509v3.h>
-#include "internal/x509_int.h"
+#include "crypto/x509.h"
#include "ext_dat.h"
static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method,
diff --git a/crypto/x509v3/v3_utl.c b/crypto/x509v3/v3_utl.c
index c9b40d2c76eb..7281a7b917a8 100644
--- a/crypto/x509v3/v3_utl.c
+++ b/crypto/x509v3/v3_utl.c
@@ -12,11 +12,11 @@
#include "e_os.h"
#include "internal/cryptlib.h"
#include <stdio.h>
-#include "internal/ctype.h"
+#include "crypto/ctype.h"
#include <openssl/conf.h>
#include <openssl/crypto.h>
#include <openssl/x509v3.h>
-#include "internal/x509_int.h"
+#include "crypto/x509.h"
#include <openssl/bn.h>
#include "ext_dat.h"
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-28 08:23:57 +0000