summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/x509/x509_addr.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/x509/x509_addr.c')
-rw-r--r--src/lib/libcrypto/x509/x509_addr.c38
1 files changed, 15 insertions, 23 deletions
diff --git a/src/lib/libcrypto/x509/x509_addr.c b/src/lib/libcrypto/x509/x509_addr.c
index 4e5e0b3b7e..68145dcf5b 100644
--- a/src/lib/libcrypto/x509/x509_addr.c
+++ b/src/lib/libcrypto/x509/x509_addr.c
@@ -1078,7 +1078,7 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method,
1078 int i; 1078 int i;
1079 1079
1080 if ((addr = sk_IPAddressFamily_new(IPAddressFamily_cmp)) == NULL) { 1080 if ((addr = sk_IPAddressFamily_new(IPAddressFamily_cmp)) == NULL) {
1081 X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE); 1081 X509V3error(ERR_R_MALLOC_FAILURE);
1082 return NULL; 1082 return NULL;
1083 } 1083 }
1084 1084
@@ -1100,8 +1100,7 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method,
1100 afi = IANA_AFI_IPV6; 1100 afi = IANA_AFI_IPV6;
1101 safi = &safi_; 1101 safi = &safi_;
1102 } else { 1102 } else {
1103 X509V3err(X509V3_F_V2I_IPADDRBLOCKS, 1103 X509V3error(X509V3_R_EXTENSION_NAME_ERROR);
1104 X509V3_R_EXTENSION_NAME_ERROR);
1105 X509V3_conf_err(val); 1104 X509V3_conf_err(val);
1106 goto err; 1105 goto err;
1107 } 1106 }
@@ -1125,7 +1124,7 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method,
1125 *safi = strtoul(val->value, &t, 0); 1124 *safi = strtoul(val->value, &t, 0);
1126 t += strspn(t, " \t"); 1125 t += strspn(t, " \t");
1127 if (*safi > 0xFF || *t++ != ':') { 1126 if (*safi > 0xFF || *t++ != ':') {
1128 X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_INVALID_SAFI); 1127 X509V3error(X509V3_R_INVALID_SAFI);
1129 X509V3_conf_err(val); 1128 X509V3_conf_err(val);
1130 goto err; 1129 goto err;
1131 } 1130 }
@@ -1135,7 +1134,7 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method,
1135 s = OPENSSL_strdup(val->value); 1134 s = OPENSSL_strdup(val->value);
1136 } 1135 }
1137 if (s == NULL) { 1136 if (s == NULL) {
1138 X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE); 1137 X509V3error(ERR_R_MALLOC_FAILURE);
1139 goto err; 1138 goto err;
1140 } 1139 }
1141 1140
@@ -1145,8 +1144,7 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method,
1145 */ 1144 */
1146 if (strcmp(s, "inherit") == 0) { 1145 if (strcmp(s, "inherit") == 0) {
1147 if (!X509v3_addr_add_inherit(addr, afi, safi)) { 1146 if (!X509v3_addr_add_inherit(addr, afi, safi)) {
1148 X509V3err(X509V3_F_V2I_IPADDRBLOCKS, 1147 X509V3error(X509V3_R_INVALID_INHERITANCE);
1149 X509V3_R_INVALID_INHERITANCE);
1150 X509V3_conf_err(val); 1148 X509V3_conf_err(val);
1151 goto err; 1149 goto err;
1152 } 1150 }
@@ -1161,7 +1159,7 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method,
1161 s[i1] = '\0'; 1159 s[i1] = '\0';
1162 1160
1163 if (a2i_ipadd(min, s) != length) { 1161 if (a2i_ipadd(min, s) != length) {
1164 X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_INVALID_IPADDRESS); 1162 X509V3error(X509V3_R_INVALID_IPADDRESS);
1165 X509V3_conf_err(val); 1163 X509V3_conf_err(val);
1166 goto err; 1164 goto err;
1167 } 1165 }
@@ -1170,13 +1168,12 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method,
1170 case '/': 1168 case '/':
1171 prefixlen = (int)strtoul(s + i2, &t, 10); 1169 prefixlen = (int)strtoul(s + i2, &t, 10);
1172 if (t == s + i2 || *t != '\0') { 1170 if (t == s + i2 || *t != '\0') {
1173 X509V3err(X509V3_F_V2I_IPADDRBLOCKS, 1171 X509V3error(X509V3_R_EXTENSION_VALUE_ERROR);
1174 X509V3_R_EXTENSION_VALUE_ERROR);
1175 X509V3_conf_err(val); 1172 X509V3_conf_err(val);
1176 goto err; 1173 goto err;
1177 } 1174 }
1178 if (!X509v3_addr_add_prefix(addr, afi, safi, min, prefixlen)) { 1175 if (!X509v3_addr_add_prefix(addr, afi, safi, min, prefixlen)) {
1179 X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE); 1176 X509V3error(ERR_R_MALLOC_FAILURE);
1180 goto err; 1177 goto err;
1181 } 1178 }
1182 break; 1179 break;
@@ -1184,37 +1181,33 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method,
1184 i1 = i2 + strspn(s + i2, " \t"); 1181 i1 = i2 + strspn(s + i2, " \t");
1185 i2 = i1 + strspn(s + i1, addr_chars); 1182 i2 = i1 + strspn(s + i1, addr_chars);
1186 if (i1 == i2 || s[i2] != '\0') { 1183 if (i1 == i2 || s[i2] != '\0') {
1187 X509V3err(X509V3_F_V2I_IPADDRBLOCKS, 1184 X509V3error(X509V3_R_EXTENSION_VALUE_ERROR);
1188 X509V3_R_EXTENSION_VALUE_ERROR);
1189 X509V3_conf_err(val); 1185 X509V3_conf_err(val);
1190 goto err; 1186 goto err;
1191 } 1187 }
1192 if (a2i_ipadd(max, s + i1) != length) { 1188 if (a2i_ipadd(max, s + i1) != length) {
1193 X509V3err(X509V3_F_V2I_IPADDRBLOCKS, 1189 X509V3error(X509V3_R_INVALID_IPADDRESS);
1194 X509V3_R_INVALID_IPADDRESS);
1195 X509V3_conf_err(val); 1190 X509V3_conf_err(val);
1196 goto err; 1191 goto err;
1197 } 1192 }
1198 if (memcmp(min, max, length_from_afi(afi)) > 0) { 1193 if (memcmp(min, max, length_from_afi(afi)) > 0) {
1199 X509V3err(X509V3_F_V2I_IPADDRBLOCKS, 1194 X509V3error(X509V3_R_EXTENSION_VALUE_ERROR);
1200 X509V3_R_EXTENSION_VALUE_ERROR);
1201 X509V3_conf_err(val); 1195 X509V3_conf_err(val);
1202 goto err; 1196 goto err;
1203 } 1197 }
1204 if (!X509v3_addr_add_range(addr, afi, safi, min, max)) { 1198 if (!X509v3_addr_add_range(addr, afi, safi, min, max)) {
1205 X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE); 1199 X509V3error(ERR_R_MALLOC_FAILURE);
1206 goto err; 1200 goto err;
1207 } 1201 }
1208 break; 1202 break;
1209 case '\0': 1203 case '\0':
1210 if (!X509v3_addr_add_prefix(addr, afi, safi, min, length * 8)) { 1204 if (!X509v3_addr_add_prefix(addr, afi, safi, min, length * 8)) {
1211 X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE); 1205 X509V3error(ERR_R_MALLOC_FAILURE);
1212 goto err; 1206 goto err;
1213 } 1207 }
1214 break; 1208 break;
1215 default: 1209 default:
1216 X509V3err(X509V3_F_V2I_IPADDRBLOCKS, 1210 X509V3error(X509V3_R_EXTENSION_VALUE_ERROR);
1217 X509V3_R_EXTENSION_VALUE_ERROR);
1218 X509V3_conf_err(val); 1211 X509V3_conf_err(val);
1219 goto err; 1212 goto err;
1220 } 1213 }
@@ -1391,8 +1384,7 @@ static int addr_validate_path_internal(X509_STORE_CTX *ctx,
1391 validation_err(X509_V_ERR_INVALID_EXTENSION); 1384 validation_err(X509_V_ERR_INVALID_EXTENSION);
1392 (void)sk_IPAddressFamily_set_cmp_func(ext, IPAddressFamily_cmp); 1385 (void)sk_IPAddressFamily_set_cmp_func(ext, IPAddressFamily_cmp);
1393 if ((child = sk_IPAddressFamily_dup(ext)) == NULL) { 1386 if ((child = sk_IPAddressFamily_dup(ext)) == NULL) {
1394 X509V3err(X509V3_F_ADDR_VALIDATE_PATH_INTERNAL, 1387 X509V3error(ERR_R_MALLOC_FAILURE);
1395 ERR_R_MALLOC_FAILURE);
1396 if (ctx != NULL) 1388 if (ctx != NULL)
1397 ctx->error = X509_V_ERR_OUT_OF_MEM; 1389 ctx->error = X509_V_ERR_OUT_OF_MEM;
1398 ret = 0; 1390 ret = 0;
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-15 12:57:10 +0000