1 files changed, 1 insertions, 55 deletions
diff --git a/src/lib/libcrypto/x509v3/pcy_map.c b/src/lib/libcrypto/x509v3/pcy_map.c
index f28796e6d4..21163b529d 100644
--- a/src/lib/libcrypto/x509v3/pcy_map.c
+++ b/src/lib/libcrypto/x509v3/pcy_map.c
@@ -62,31 +62,6 @@
 #include "pcy_int.h"
-static int ref_cmp(const X509_POLICY_REF * const *a,
-                        const X509_POLICY_REF * const *b)
-        {
-        return OBJ_cmp((*a)->subjectDomainPolicy, (*b)->subjectDomainPolicy);
-        }
-static void policy_map_free(X509_POLICY_REF *map)
-        {
-        if (map->subjectDomainPolicy)
-                ASN1_OBJECT_free(map->subjectDomainPolicy);
-        OPENSSL_free(map);
-        }
-static X509_POLICY_REF *policy_map_find(X509_POLICY_CACHE *cache, ASN1_OBJECT *id)
-        {
-        X509_POLICY_REF tmp;
-        int idx;
-        tmp.subjectDomainPolicy = id;
-        idx = sk_X509_POLICY_REF_find(cache->maps, &tmp);
-        if (idx == -1)
-                return NULL;
-        return sk_X509_POLICY_REF_value(cache->maps, idx);
-        }
 /* Set policy mapping entries in cache.
 * Note: this modifies the passed POLICY_MAPPINGS structure
 */
@@ -94,7 +69,6 @@ static X509_POLICY_REF *policy_map_find(X509_POLICY_CACHE *cache, ASN1_OBJECT *i
 int policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps)
        {
        POLICY_MAPPING *map;
-        X509_POLICY_REF *ref = NULL;
        X509_POLICY_DATA *data;
        X509_POLICY_CACHE *cache = x->policy_cache;
        int i;
@@ -104,7 +78,6 @@ int policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps)
                ret = -1;
                goto bad_mapping;
                }
-        cache->maps = sk_X509_POLICY_REF_new(ref_cmp);
        for (i = 0; i < sk_POLICY_MAPPING_num(maps); i++)
                {
                map = sk_POLICY_MAPPING_value(maps, i);
@@ -116,13 +89,6 @@ int policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps)
                        goto bad_mapping;
                        }
-                /* If we've already mapped from this OID bad mapping */
-                if (policy_map_find(cache, map->subjectDomainPolicy) != NULL)
-                        {
-                        ret = -1;
-                        goto bad_mapping;
-                        }
                /* Attempt to find matching policy data */
                data = policy_cache_find_data(cache, map->issuerDomainPolicy);
                /* If we don't have anyPolicy can't map */
@@ -138,7 +104,7 @@ int policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps)
                        if (!data)
                                goto bad_mapping;
                        data->qualifier_set = cache->anyPolicy->qualifier_set;
-                        map->issuerDomainPolicy = NULL;
+                        /*map->issuerDomainPolicy = NULL;*/
                        data->flags |= POLICY_DATA_FLAG_MAPPED_ANY;
                        data->flags |= POLICY_DATA_FLAG_SHARED_QUALIFIERS;
                        if (!sk_X509_POLICY_DATA_push(cache->data, data))
@@ -149,23 +115,10 @@ int policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps)
                        }
                else
                        data->flags |= POLICY_DATA_FLAG_MAPPED;
                if (!sk_ASN1_OBJECT_push(data->expected_policy_set, 
                                                map->subjectDomainPolicy))
                        goto bad_mapping;
-                
-                ref = OPENSSL_malloc(sizeof(X509_POLICY_REF));
-                if (!ref)
-                        goto bad_mapping;
-                ref->subjectDomainPolicy = map->subjectDomainPolicy;
                map->subjectDomainPolicy = NULL;
-                ref->data = data;
-                if (!sk_X509_POLICY_REF_push(cache->maps, ref))
-                        goto bad_mapping;
-                ref = NULL;
                }
@@ -173,13 +126,6 @@ int policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps)
        bad_mapping:
        if (ret == -1)
                x->ex_flags |= EXFLAG_INVALID_POLICY;
-        if (ref)
-                policy_map_free(ref);
-        if (ret <= 0)
-                {
-                sk_X509_POLICY_REF_pop_free(cache->maps, policy_map_free);
-                cache->maps = NULL;
-                }
        sk_POLICY_MAPPING_pop_free(maps, POLICY_MAPPING_free);
        return ret;

diff --git a/src/lib/libcrypto/x509v3/pcy_map.c b/src/lib/libcrypto/x509v3/pcy_map.c index f28796e6d4..21163b529d 100644 --- a/src/lib/libcrypto/x509v3/pcy_map.c +++ b/src/lib/libcrypto/x509v3/pcy_map.c
@@ -62,31 +62,6 @@
62		62
63	#include "pcy_int.h"	63	#include "pcy_int.h"
64		64
65	static int ref_cmp(const X509_POLICY_REF * const *a,
66	const X509_POLICY_REF * const *b)
67	{
68	return OBJ_cmp((a)->subjectDomainPolicy, (b)->subjectDomainPolicy);
69	}
70
71	static void policy_map_free(X509_POLICY_REF *map)
72	{
73	if (map->subjectDomainPolicy)
74	ASN1_OBJECT_free(map->subjectDomainPolicy);
75	OPENSSL_free(map);
76	}
77
78	static X509_POLICY_REF policy_map_find(X509_POLICY_CACHE cache, ASN1_OBJECT *id)
79	{
80	X509_POLICY_REF tmp;
81	int idx;
82	tmp.subjectDomainPolicy = id;
83
84	idx = sk_X509_POLICY_REF_find(cache->maps, &tmp);
85	if (idx == -1)
86	return NULL;
87	return sk_X509_POLICY_REF_value(cache->maps, idx);
88	}
89
90	/* Set policy mapping entries in cache.	65	/* Set policy mapping entries in cache.
91	* Note: this modifies the passed POLICY_MAPPINGS structure	66	* Note: this modifies the passed POLICY_MAPPINGS structure
92	*/	67	*/
@@ -94,7 +69,6 @@ static X509_POLICY_REF policy_map_find(X509_POLICY_CACHE cache, ASN1_OBJECT *i
94	int policy_cache_set_mapping(X509 x, POLICY_MAPPINGS maps)	69	int policy_cache_set_mapping(X509 x, POLICY_MAPPINGS maps)
95	{	70	{
96	POLICY_MAPPING *map;	71	POLICY_MAPPING *map;
97	X509_POLICY_REF *ref = NULL;
98	X509_POLICY_DATA *data;	72	X509_POLICY_DATA *data;
99	X509_POLICY_CACHE *cache = x->policy_cache;	73	X509_POLICY_CACHE *cache = x->policy_cache;
100	int i;	74	int i;
@@ -104,7 +78,6 @@ int policy_cache_set_mapping(X509 x, POLICY_MAPPINGS maps)
104	ret = -1;	78	ret = -1;
105	goto bad_mapping;	79	goto bad_mapping;
106	}	80	}
107	cache->maps = sk_X509_POLICY_REF_new(ref_cmp);
108	for (i = 0; i < sk_POLICY_MAPPING_num(maps); i++)	81	for (i = 0; i < sk_POLICY_MAPPING_num(maps); i++)
109	{	82	{
110	map = sk_POLICY_MAPPING_value(maps, i);	83	map = sk_POLICY_MAPPING_value(maps, i);
@@ -116,13 +89,6 @@ int policy_cache_set_mapping(X509 x, POLICY_MAPPINGS maps)
116	goto bad_mapping;	89	goto bad_mapping;
117	}	90	}
118		91
119	/* If we've already mapped from this OID bad mapping */
120	if (policy_map_find(cache, map->subjectDomainPolicy) != NULL)
121	{
122	ret = -1;
123	goto bad_mapping;
124	}
125
126	/* Attempt to find matching policy data */	92	/* Attempt to find matching policy data */
127	data = policy_cache_find_data(cache, map->issuerDomainPolicy);	93	data = policy_cache_find_data(cache, map->issuerDomainPolicy);
128	/* If we don't have anyPolicy can't map */	94	/* If we don't have anyPolicy can't map */
@@ -138,7 +104,7 @@ int policy_cache_set_mapping(X509 x, POLICY_MAPPINGS maps)
138	if (!data)	104	if (!data)
139	goto bad_mapping;	105	goto bad_mapping;
140	data->qualifier_set = cache->anyPolicy->qualifier_set;	106	data->qualifier_set = cache->anyPolicy->qualifier_set;
141	map->issuerDomainPolicy = NULL;	107	/map->issuerDomainPolicy = NULL;/
142	data->flags \|= POLICY_DATA_FLAG_MAPPED_ANY;	108	data->flags \|= POLICY_DATA_FLAG_MAPPED_ANY;
143	data->flags \|= POLICY_DATA_FLAG_SHARED_QUALIFIERS;	109	data->flags \|= POLICY_DATA_FLAG_SHARED_QUALIFIERS;
144	if (!sk_X509_POLICY_DATA_push(cache->data, data))	110	if (!sk_X509_POLICY_DATA_push(cache->data, data))
@@ -149,23 +115,10 @@ int policy_cache_set_mapping(X509 x, POLICY_MAPPINGS maps)
149	}	115	}
150	else	116	else
151	data->flags \|= POLICY_DATA_FLAG_MAPPED;	117	data->flags \|= POLICY_DATA_FLAG_MAPPED;
152
153	if (!sk_ASN1_OBJECT_push(data->expected_policy_set,	118	if (!sk_ASN1_OBJECT_push(data->expected_policy_set,
154	map->subjectDomainPolicy))	119	map->subjectDomainPolicy))
155	goto bad_mapping;	120	goto bad_mapping;
156
157	ref = OPENSSL_malloc(sizeof(X509_POLICY_REF));
158	if (!ref)
159	goto bad_mapping;
160
161	ref->subjectDomainPolicy = map->subjectDomainPolicy;
162	map->subjectDomainPolicy = NULL;	121	map->subjectDomainPolicy = NULL;
163	ref->data = data;
164
165	if (!sk_X509_POLICY_REF_push(cache->maps, ref))
166	goto bad_mapping;
167
168	ref = NULL;
169		122
170	}	123	}
171		124
@@ -173,13 +126,6 @@ int policy_cache_set_mapping(X509 x, POLICY_MAPPINGS maps)
173	bad_mapping:	126	bad_mapping:
174	if (ret == -1)	127	if (ret == -1)
175	x->ex_flags \|= EXFLAG_INVALID_POLICY;	128	x->ex_flags \|= EXFLAG_INVALID_POLICY;
176	if (ref)
177	policy_map_free(ref);
178	if (ret <= 0)
179	{
180	sk_X509_POLICY_REF_pop_free(cache->maps, policy_map_free);
181	cache->maps = NULL;
182	}
183	sk_POLICY_MAPPING_pop_free(maps, POLICY_MAPPING_free);	129	sk_POLICY_MAPPING_pop_free(maps, POLICY_MAPPING_free);
184	return ret;	130	return ret;
185		131