diff options
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libcrypto/x509/x509_addr.c | 38 |
1 files changed, 15 insertions, 23 deletions
diff --git a/src/lib/libcrypto/x509/x509_addr.c b/src/lib/libcrypto/x509/x509_addr.c index 4e5e0b3b7e..68145dcf5b 100644 --- a/src/lib/libcrypto/x509/x509_addr.c +++ b/src/lib/libcrypto/x509/x509_addr.c | |||
| @@ -1078,7 +1078,7 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method, | |||
| 1078 | int i; | 1078 | int i; |
| 1079 | 1079 | ||
| 1080 | if ((addr = sk_IPAddressFamily_new(IPAddressFamily_cmp)) == NULL) { | 1080 | if ((addr = sk_IPAddressFamily_new(IPAddressFamily_cmp)) == NULL) { |
| 1081 | X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE); | 1081 | X509V3error(ERR_R_MALLOC_FAILURE); |
| 1082 | return NULL; | 1082 | return NULL; |
| 1083 | } | 1083 | } |
| 1084 | 1084 | ||
| @@ -1100,8 +1100,7 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method, | |||
| 1100 | afi = IANA_AFI_IPV6; | 1100 | afi = IANA_AFI_IPV6; |
| 1101 | safi = &safi_; | 1101 | safi = &safi_; |
| 1102 | } else { | 1102 | } else { |
| 1103 | X509V3err(X509V3_F_V2I_IPADDRBLOCKS, | 1103 | X509V3error(X509V3_R_EXTENSION_NAME_ERROR); |
| 1104 | X509V3_R_EXTENSION_NAME_ERROR); | ||
| 1105 | X509V3_conf_err(val); | 1104 | X509V3_conf_err(val); |
| 1106 | goto err; | 1105 | goto err; |
| 1107 | } | 1106 | } |
| @@ -1125,7 +1124,7 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method, | |||
| 1125 | *safi = strtoul(val->value, &t, 0); | 1124 | *safi = strtoul(val->value, &t, 0); |
| 1126 | t += strspn(t, " \t"); | 1125 | t += strspn(t, " \t"); |
| 1127 | if (*safi > 0xFF || *t++ != ':') { | 1126 | if (*safi > 0xFF || *t++ != ':') { |
| 1128 | X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_INVALID_SAFI); | 1127 | X509V3error(X509V3_R_INVALID_SAFI); |
| 1129 | X509V3_conf_err(val); | 1128 | X509V3_conf_err(val); |
| 1130 | goto err; | 1129 | goto err; |
| 1131 | } | 1130 | } |
| @@ -1135,7 +1134,7 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method, | |||
| 1135 | s = OPENSSL_strdup(val->value); | 1134 | s = OPENSSL_strdup(val->value); |
| 1136 | } | 1135 | } |
| 1137 | if (s == NULL) { | 1136 | if (s == NULL) { |
| 1138 | X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE); | 1137 | X509V3error(ERR_R_MALLOC_FAILURE); |
| 1139 | goto err; | 1138 | goto err; |
| 1140 | } | 1139 | } |
| 1141 | 1140 | ||
| @@ -1145,8 +1144,7 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method, | |||
| 1145 | */ | 1144 | */ |
| 1146 | if (strcmp(s, "inherit") == 0) { | 1145 | if (strcmp(s, "inherit") == 0) { |
| 1147 | if (!X509v3_addr_add_inherit(addr, afi, safi)) { | 1146 | if (!X509v3_addr_add_inherit(addr, afi, safi)) { |
| 1148 | X509V3err(X509V3_F_V2I_IPADDRBLOCKS, | 1147 | X509V3error(X509V3_R_INVALID_INHERITANCE); |
| 1149 | X509V3_R_INVALID_INHERITANCE); | ||
| 1150 | X509V3_conf_err(val); | 1148 | X509V3_conf_err(val); |
| 1151 | goto err; | 1149 | goto err; |
| 1152 | } | 1150 | } |
| @@ -1161,7 +1159,7 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method, | |||
| 1161 | s[i1] = '\0'; | 1159 | s[i1] = '\0'; |
| 1162 | 1160 | ||
| 1163 | if (a2i_ipadd(min, s) != length) { | 1161 | if (a2i_ipadd(min, s) != length) { |
| 1164 | X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_INVALID_IPADDRESS); | 1162 | X509V3error(X509V3_R_INVALID_IPADDRESS); |
| 1165 | X509V3_conf_err(val); | 1163 | X509V3_conf_err(val); |
| 1166 | goto err; | 1164 | goto err; |
| 1167 | } | 1165 | } |
| @@ -1170,13 +1168,12 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method, | |||
| 1170 | case '/': | 1168 | case '/': |
| 1171 | prefixlen = (int)strtoul(s + i2, &t, 10); | 1169 | prefixlen = (int)strtoul(s + i2, &t, 10); |
| 1172 | if (t == s + i2 || *t != '\0') { | 1170 | if (t == s + i2 || *t != '\0') { |
| 1173 | X509V3err(X509V3_F_V2I_IPADDRBLOCKS, | 1171 | X509V3error(X509V3_R_EXTENSION_VALUE_ERROR); |
| 1174 | X509V3_R_EXTENSION_VALUE_ERROR); | ||
| 1175 | X509V3_conf_err(val); | 1172 | X509V3_conf_err(val); |
| 1176 | goto err; | 1173 | goto err; |
| 1177 | } | 1174 | } |
| 1178 | if (!X509v3_addr_add_prefix(addr, afi, safi, min, prefixlen)) { | 1175 | if (!X509v3_addr_add_prefix(addr, afi, safi, min, prefixlen)) { |
| 1179 | X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE); | 1176 | X509V3error(ERR_R_MALLOC_FAILURE); |
| 1180 | goto err; | 1177 | goto err; |
| 1181 | } | 1178 | } |
| 1182 | break; | 1179 | break; |
| @@ -1184,37 +1181,33 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method, | |||
| 1184 | i1 = i2 + strspn(s + i2, " \t"); | 1181 | i1 = i2 + strspn(s + i2, " \t"); |
| 1185 | i2 = i1 + strspn(s + i1, addr_chars); | 1182 | i2 = i1 + strspn(s + i1, addr_chars); |
| 1186 | if (i1 == i2 || s[i2] != '\0') { | 1183 | if (i1 == i2 || s[i2] != '\0') { |
| 1187 | X509V3err(X509V3_F_V2I_IPADDRBLOCKS, | 1184 | X509V3error(X509V3_R_EXTENSION_VALUE_ERROR); |
| 1188 | X509V3_R_EXTENSION_VALUE_ERROR); | ||
| 1189 | X509V3_conf_err(val); | 1185 | X509V3_conf_err(val); |
| 1190 | goto err; | 1186 | goto err; |
| 1191 | } | 1187 | } |
| 1192 | if (a2i_ipadd(max, s + i1) != length) { | 1188 | if (a2i_ipadd(max, s + i1) != length) { |
| 1193 | X509V3err(X509V3_F_V2I_IPADDRBLOCKS, | 1189 | X509V3error(X509V3_R_INVALID_IPADDRESS); |
| 1194 | X509V3_R_INVALID_IPADDRESS); | ||
| 1195 | X509V3_conf_err(val); | 1190 | X509V3_conf_err(val); |
| 1196 | goto err; | 1191 | goto err; |
| 1197 | } | 1192 | } |
| 1198 | if (memcmp(min, max, length_from_afi(afi)) > 0) { | 1193 | if (memcmp(min, max, length_from_afi(afi)) > 0) { |
| 1199 | X509V3err(X509V3_F_V2I_IPADDRBLOCKS, | 1194 | X509V3error(X509V3_R_EXTENSION_VALUE_ERROR); |
| 1200 | X509V3_R_EXTENSION_VALUE_ERROR); | ||
| 1201 | X509V3_conf_err(val); | 1195 | X509V3_conf_err(val); |
| 1202 | goto err; | 1196 | goto err; |
| 1203 | } | 1197 | } |
| 1204 | if (!X509v3_addr_add_range(addr, afi, safi, min, max)) { | 1198 | if (!X509v3_addr_add_range(addr, afi, safi, min, max)) { |
| 1205 | X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE); | 1199 | X509V3error(ERR_R_MALLOC_FAILURE); |
| 1206 | goto err; | 1200 | goto err; |
| 1207 | } | 1201 | } |
| 1208 | break; | 1202 | break; |
| 1209 | case '\0': | 1203 | case '\0': |
| 1210 | if (!X509v3_addr_add_prefix(addr, afi, safi, min, length * 8)) { | 1204 | if (!X509v3_addr_add_prefix(addr, afi, safi, min, length * 8)) { |
| 1211 | X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE); | 1205 | X509V3error(ERR_R_MALLOC_FAILURE); |
| 1212 | goto err; | 1206 | goto err; |
| 1213 | } | 1207 | } |
| 1214 | break; | 1208 | break; |
| 1215 | default: | 1209 | default: |
| 1216 | X509V3err(X509V3_F_V2I_IPADDRBLOCKS, | 1210 | X509V3error(X509V3_R_EXTENSION_VALUE_ERROR); |
| 1217 | X509V3_R_EXTENSION_VALUE_ERROR); | ||
| 1218 | X509V3_conf_err(val); | 1211 | X509V3_conf_err(val); |
| 1219 | goto err; | 1212 | goto err; |
| 1220 | } | 1213 | } |
| @@ -1391,8 +1384,7 @@ static int addr_validate_path_internal(X509_STORE_CTX *ctx, | |||
| 1391 | validation_err(X509_V_ERR_INVALID_EXTENSION); | 1384 | validation_err(X509_V_ERR_INVALID_EXTENSION); |
| 1392 | (void)sk_IPAddressFamily_set_cmp_func(ext, IPAddressFamily_cmp); | 1385 | (void)sk_IPAddressFamily_set_cmp_func(ext, IPAddressFamily_cmp); |
| 1393 | if ((child = sk_IPAddressFamily_dup(ext)) == NULL) { | 1386 | if ((child = sk_IPAddressFamily_dup(ext)) == NULL) { |
| 1394 | X509V3err(X509V3_F_ADDR_VALIDATE_PATH_INTERNAL, | 1387 | X509V3error(ERR_R_MALLOC_FAILURE); |
| 1395 | ERR_R_MALLOC_FAILURE); | ||
| 1396 | if (ctx != NULL) | 1388 | if (ctx != NULL) |
| 1397 | ctx->error = X509_V_ERR_OUT_OF_MEM; | 1389 | ctx->error = X509_V_ERR_OUT_OF_MEM; |
| 1398 | ret = 0; | 1390 | ret = 0; |