1 files changed, 48 insertions, 57 deletions
diff --git a/src/lib/libcrypto/x509v3/pcy_node.c b/src/lib/libcrypto/x509v3/pcy_node.c
index 8c2124a7f6..1742ab0d05 100644
--- a/src/lib/libcrypto/x509v3/pcy_node.c
+++ b/src/lib/libcrypto/x509v3/pcy_node.c
@@ -10,7 +10,7 @@
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
+ *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
@@ -62,20 +62,20 @@
 #include "pcy_int.h"
-static int node_cmp(const X509_POLICY_NODE * const *a,
+static int
-                        const X509_POLICY_NODE * const *b)
+node_cmp(const X509_POLICY_NODE * const *a, const X509_POLICY_NODE * const *b)
-        {
+{
        return OBJ_cmp((*a)->data->valid_policy, (*b)->data->valid_policy);
-        }
+}
 STACK_OF(X509_POLICY_NODE) *policy_node_cmp_new(void)
-        {
+{
        return sk_X509_POLICY_NODE_new(node_cmp);
-        }
+}
-X509_POLICY_NODE *tree_find_sk(STACK_OF(X509_POLICY_NODE) *nodes,
+X509_POLICY_NODE *
-                                        const ASN1_OBJECT *id)
+tree_find_sk(STACK_OF(X509_POLICY_NODE) *nodes, const ASN1_OBJECT *id)
-        {
+{
        X509_POLICY_DATA n;
        X509_POLICY_NODE l;
        int idx;
@@ -88,49 +88,43 @@ X509_POLICY_NODE *tree_find_sk(STACK_OF(X509_POLICY_NODE) *nodes,
                return NULL;
        return sk_X509_POLICY_NODE_value(nodes, idx);
+}
-        }
+X509_POLICY_NODE *
+level_find_node(const X509_POLICY_LEVEL *level, const X509_POLICY_NODE *parent,
-X509_POLICY_NODE *level_find_node(const X509_POLICY_LEVEL *level,
+    const ASN1_OBJECT *id)
-                                        const X509_POLICY_NODE *parent, 
+{
-                                        const ASN1_OBJECT *id)
-        {
        X509_POLICY_NODE *node;
        int i;
-        for (i = 0; i < sk_X509_POLICY_NODE_num(level->nodes); i++)
-                {
+        for (i = 0; i < sk_X509_POLICY_NODE_num(level->nodes); i++) {
                node = sk_X509_POLICY_NODE_value(level->nodes, i);
-                if (node->parent == parent)
+                if (node->parent == parent) {
-                        {
                        if (!OBJ_cmp(node->data->valid_policy, id))
                                return node;
-                        }
                }
-        return NULL;
        }
+        return NULL;
+}
-X509_POLICY_NODE *level_add_node(X509_POLICY_LEVEL *level,
+X509_POLICY_NODE *
-                        const X509_POLICY_DATA *data,
+level_add_node(X509_POLICY_LEVEL *level, const X509_POLICY_DATA *data,
-                        X509_POLICY_NODE *parent,
+    X509_POLICY_NODE *parent, X509_POLICY_TREE *tree)
-                        X509_POLICY_TREE *tree)
+{
-        {
        X509_POLICY_NODE *node;
        node = malloc(sizeof(X509_POLICY_NODE));
        if (!node)
                return NULL;
        node->data = data;
        node->parent = parent;
        node->nchild = 0;
-        if (level)
+        if (level) {
-                {
+                if (OBJ_obj2nid(data->valid_policy) == NID_any_policy) {
-                if (OBJ_obj2nid(data->valid_policy) == NID_any_policy)
-                        {
                        if (level->anyPolicy)
                                goto node_error;
                        level->anyPolicy = node;
-                        }
+                } else {
-                else
-                        {
                        if (!level->nodes)
                                level->nodes = policy_node_cmp_new();
@@ -138,60 +132,57 @@ X509_POLICY_NODE *level_add_node(X509_POLICY_LEVEL *level,
                                goto node_error;
                        if (!sk_X509_POLICY_NODE_push(level->nodes, node))
                                goto node_error;
-                        }
                }
+        }
-        if (tree)
+        if (tree) {
-                {
                if (!tree->extra_data)
-                         tree->extra_data = sk_X509_POLICY_DATA_new_null();
+                        tree->extra_data = sk_X509_POLICY_DATA_new_null();
                if (!tree->extra_data)
                        goto node_error;
                if (!sk_X509_POLICY_DATA_push(tree->extra_data, data))
                        goto node_error;
-                }
+        }
        if (parent)
                parent->nchild++;
        return node;
-        node_error:
+node_error:
        policy_node_free(node);
        return 0;
+}
-        }
+void
+policy_node_free(X509_POLICY_NODE *node)
-void policy_node_free(X509_POLICY_NODE *node)
+{
-        {
        free(node);
-        }
+}
 /* See if a policy node matches a policy OID. If mapping enabled look through
 * expected policy set otherwise just valid policy.
 */
-int policy_node_match(const X509_POLICY_LEVEL *lvl,
+int
-                      const X509_POLICY_NODE *node, const ASN1_OBJECT *oid)
+policy_node_match(const X509_POLICY_LEVEL *lvl, const X509_POLICY_NODE *node,
-        {
+    const ASN1_OBJECT *oid)
+{
        int i;
        ASN1_OBJECT *policy_oid;
        const X509_POLICY_DATA *x = node->data;
-        if (        (lvl->flags & X509_V_FLAG_INHIBIT_MAP)
+        if ((lvl->flags & X509_V_FLAG_INHIBIT_MAP) ||
-                || !(x->flags & POLICY_DATA_FLAG_MAP_MASK))
+            !(x->flags & POLICY_DATA_FLAG_MAP_MASK)) {
-                {
                if (!OBJ_cmp(x->valid_policy, oid))
                        return 1;
                return 0;
-                }
+        }
-        for (i = 0; i < sk_ASN1_OBJECT_num(x->expected_policy_set); i++)
+        for (i = 0; i < sk_ASN1_OBJECT_num(x->expected_policy_set); i++) {
-                {
                policy_oid = sk_ASN1_OBJECT_value(x->expected_policy_set, i);
                if (!OBJ_cmp(policy_oid, oid))
                        return 1;
-                }
-        return 0;
        }
+        return 0;
+}

diff --git a/src/lib/libcrypto/x509v3/pcy_node.c b/src/lib/libcrypto/x509v3/pcy_node.c index 8c2124a7f6..1742ab0d05 100644 --- a/src/lib/libcrypto/x509v3/pcy_node.c +++ b/src/lib/libcrypto/x509v3/pcy_node.c
@@ -10,7 +10,7 @@
10	* are met:	10	* are met:
11	*	11	*
12	* 1. Redistributions of source code must retain the above copyright	12	* 1. Redistributions of source code must retain the above copyright
13	* notice, this list of conditions and the following disclaimer.	13	* notice, this list of conditions and the following disclaimer.
14	*	14	*
15	* 2. Redistributions in binary form must reproduce the above copyright	15	* 2. Redistributions in binary form must reproduce the above copyright
16	* notice, this list of conditions and the following disclaimer in	16	* notice, this list of conditions and the following disclaimer in
@@ -62,20 +62,20 @@
62		62
63	#include "pcy_int.h"	63	#include "pcy_int.h"
64		64
65	static int node_cmp(const X509_POLICY_NODE * const *a,	65	static int
66	const X509_POLICY_NODE * const *b)	66	node_cmp(const X509_POLICY_NODE * const a, const X509_POLICY_NODE const *b)
67	{	67	{
68	return OBJ_cmp((a)->data->valid_policy, (b)->data->valid_policy);	68	return OBJ_cmp((a)->data->valid_policy, (b)->data->valid_policy);
69	}	69	}
70		70
71	STACK_OF(X509_POLICY_NODE) *policy_node_cmp_new(void)	71	STACK_OF(X509_POLICY_NODE) *policy_node_cmp_new(void)
72	{	72	{
73	return sk_X509_POLICY_NODE_new(node_cmp);	73	return sk_X509_POLICY_NODE_new(node_cmp);
74	}	74	}
75		75
76	X509_POLICY_NODE tree_find_sk(STACK_OF(X509_POLICY_NODE) nodes,	76	X509_POLICY_NODE *
77	const ASN1_OBJECT *id)	77	tree_find_sk(STACK_OF(X509_POLICY_NODE) nodes, const ASN1_OBJECT id)
78	{	78	{
79	X509_POLICY_DATA n;	79	X509_POLICY_DATA n;
80	X509_POLICY_NODE l;	80	X509_POLICY_NODE l;
81	int idx;	81	int idx;
@@ -88,49 +88,43 @@ X509_POLICY_NODE tree_find_sk(STACK_OF(X509_POLICY_NODE) nodes,
88	return NULL;	88	return NULL;
89		89
90	return sk_X509_POLICY_NODE_value(nodes, idx);	90	return sk_X509_POLICY_NODE_value(nodes, idx);
		91	}
91		92
92	}	93	X509_POLICY_NODE *
93		94	level_find_node(const X509_POLICY_LEVEL level, const X509_POLICY_NODE parent,
94	X509_POLICY_NODE level_find_node(const X509_POLICY_LEVEL level,	95	const ASN1_OBJECT *id)
95	const X509_POLICY_NODE *parent,	96	{
96	const ASN1_OBJECT *id)
97	{
98	X509_POLICY_NODE *node;	97	X509_POLICY_NODE *node;
99	int i;	98	int i;
100	for (i = 0; i < sk_X509_POLICY_NODE_num(level->nodes); i++)	99
101	{	100	for (i = 0; i < sk_X509_POLICY_NODE_num(level->nodes); i++) {
102	node = sk_X509_POLICY_NODE_value(level->nodes, i);	101	node = sk_X509_POLICY_NODE_value(level->nodes, i);
103	if (node->parent == parent)	102	if (node->parent == parent) {
104	{
105	if (!OBJ_cmp(node->data->valid_policy, id))	103	if (!OBJ_cmp(node->data->valid_policy, id))
106	return node;	104	return node;
107	}
108	}	105	}
109	return NULL;
110	}	106	}
		107	return NULL;
		108	}
111		109
112	X509_POLICY_NODE level_add_node(X509_POLICY_LEVEL level,	110	X509_POLICY_NODE *
113	const X509_POLICY_DATA *data,	111	level_add_node(X509_POLICY_LEVEL level, const X509_POLICY_DATA data,
114	X509_POLICY_NODE *parent,	112	X509_POLICY_NODE parent, X509_POLICY_TREE tree)
115	X509_POLICY_TREE *tree)	113	{
116	{
117	X509_POLICY_NODE *node;	114	X509_POLICY_NODE *node;
		115
118	node = malloc(sizeof(X509_POLICY_NODE));	116	node = malloc(sizeof(X509_POLICY_NODE));
119	if (!node)	117	if (!node)
120	return NULL;	118	return NULL;
121	node->data = data;	119	node->data = data;
122	node->parent = parent;	120	node->parent = parent;
123	node->nchild = 0;	121	node->nchild = 0;
124	if (level)	122	if (level) {
125	{	123	if (OBJ_obj2nid(data->valid_policy) == NID_any_policy) {
126	if (OBJ_obj2nid(data->valid_policy) == NID_any_policy)
127	{
128	if (level->anyPolicy)	124	if (level->anyPolicy)
129	goto node_error;	125	goto node_error;
130	level->anyPolicy = node;	126	level->anyPolicy = node;
131	}	127	} else {
132	else
133	{
134		128
135	if (!level->nodes)	129	if (!level->nodes)
136	level->nodes = policy_node_cmp_new();	130	level->nodes = policy_node_cmp_new();
@@ -138,60 +132,57 @@ X509_POLICY_NODE level_add_node(X509_POLICY_LEVEL level,
138	goto node_error;	132	goto node_error;
139	if (!sk_X509_POLICY_NODE_push(level->nodes, node))	133	if (!sk_X509_POLICY_NODE_push(level->nodes, node))
140	goto node_error;	134	goto node_error;
141	}
142	}	135	}
		136	}
143		137
144	if (tree)	138	if (tree) {
145	{
146	if (!tree->extra_data)	139	if (!tree->extra_data)
147	tree->extra_data = sk_X509_POLICY_DATA_new_null();	140	tree->extra_data = sk_X509_POLICY_DATA_new_null();
148	if (!tree->extra_data)	141	if (!tree->extra_data)
149	goto node_error;	142	goto node_error;
150	if (!sk_X509_POLICY_DATA_push(tree->extra_data, data))	143	if (!sk_X509_POLICY_DATA_push(tree->extra_data, data))
151	goto node_error;	144	goto node_error;
152	}	145	}
153		146
154	if (parent)	147	if (parent)
155	parent->nchild++;	148	parent->nchild++;
156		149
157	return node;	150	return node;
158		151
159	node_error:	152	node_error:
160	policy_node_free(node);	153	policy_node_free(node);
161	return 0;	154	return 0;
		155	}
162		156
163	}	157	void
164		158	policy_node_free(X509_POLICY_NODE *node)
165	void policy_node_free(X509_POLICY_NODE *node)	159	{
166	{
167	free(node);	160	free(node);
168	}	161	}
169		162
170	/* See if a policy node matches a policy OID. If mapping enabled look through	163	/* See if a policy node matches a policy OID. If mapping enabled look through
171	* expected policy set otherwise just valid policy.	164	* expected policy set otherwise just valid policy.
172	*/	165	*/
173		166
174	int policy_node_match(const X509_POLICY_LEVEL *lvl,	167	int
175	const X509_POLICY_NODE node, const ASN1_OBJECT oid)	168	policy_node_match(const X509_POLICY_LEVEL lvl, const X509_POLICY_NODE node,
176	{	169	const ASN1_OBJECT *oid)
		170	{
177	int i;	171	int i;
178	ASN1_OBJECT *policy_oid;	172	ASN1_OBJECT *policy_oid;
179	const X509_POLICY_DATA *x = node->data;	173	const X509_POLICY_DATA *x = node->data;
180		174
181	if ( (lvl->flags & X509_V_FLAG_INHIBIT_MAP)	175	if ((lvl->flags & X509_V_FLAG_INHIBIT_MAP) \|\|
182	\|\| !(x->flags & POLICY_DATA_FLAG_MAP_MASK))	176	!(x->flags & POLICY_DATA_FLAG_MAP_MASK)) {
183	{
184	if (!OBJ_cmp(x->valid_policy, oid))	177	if (!OBJ_cmp(x->valid_policy, oid))
185	return 1;	178	return 1;
186	return 0;	179	return 0;
187	}	180	}
188		181
189	for (i = 0; i < sk_ASN1_OBJECT_num(x->expected_policy_set); i++)	182	for (i = 0; i < sk_ASN1_OBJECT_num(x->expected_policy_set); i++) {
190	{
191	policy_oid = sk_ASN1_OBJECT_value(x->expected_policy_set, i);	183	policy_oid = sk_ASN1_OBJECT_value(x->expected_policy_set, i);
192	if (!OBJ_cmp(policy_oid, oid))	184	if (!OBJ_cmp(policy_oid, oid))
193	return 1;	185	return 1;
194	}
195	return 0;
196
197	}	186	}
		187	return 0;
		188	}