1 files changed, 0 insertions, 313 deletions
diff --git a/src/lib/libcrypto/x509v3/v3_pci.c b/src/lib/libcrypto/x509v3/v3_pci.c
deleted file mode 100644
index b32d968619..0000000000
--- a/src/lib/libcrypto/x509v3/v3_pci.c
+++ /dev/null
@@ -1,313 +0,0 @@
-/* v3_pci.c -*- mode:C; c-file-style: "eay" -*- */
-/* Contributed to the OpenSSL Project 2004
- * by Richard Levitte (richard@levitte.org)
- */
-/* Copyright (c) 2004 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *ext,
-        BIO *out, int indent);
-static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method,
-        X509V3_CTX *ctx, char *str);
-X509V3_EXT_METHOD v3_pci =
-        { NID_proxyCertInfo, 0, ASN1_ITEM_ref(PROXY_CERT_INFO_EXTENSION),
-          0,0,0,0,
-          0,0,
-          NULL, NULL,
-          (X509V3_EXT_I2R)i2r_pci,
-          (X509V3_EXT_R2I)r2i_pci,
-          NULL,
-        };
-static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *pci,
-        BIO *out, int indent)
-        {
-        BIO_printf(out, "%*sPath Length Constraint: ", indent, "");
-        if (pci->pcPathLengthConstraint)
-          i2a_ASN1_INTEGER(out, pci->pcPathLengthConstraint);
-        else
-          BIO_printf(out, "infinite");
-        BIO_puts(out, "\n");
-        BIO_printf(out, "%*sPolicy Language: ", indent, "");
-        i2a_ASN1_OBJECT(out, pci->proxyPolicy->policyLanguage);
-        BIO_puts(out, "\n");
-        if (pci->proxyPolicy->policy && pci->proxyPolicy->policy->data)
-          BIO_printf(out, "%*sPolicy Text: %s\n", indent, "",
-                     pci->proxyPolicy->policy->data);
-        return 1;
-        }
-static int process_pci_value(CONF_VALUE *val,
-        ASN1_OBJECT **language, ASN1_INTEGER **pathlen,
-        ASN1_OCTET_STRING **policy)
-        {
-        int free_policy = 0;
-        if (strcmp(val->name, "language") == 0)
-                {
-                if (*language)
-                        {
-                        X509V3err(X509V3_F_R2I_PCI,X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED);
-                        X509V3_conf_err(val);
-                        return 0;
-                        }
-                if (!(*language = OBJ_txt2obj(val->value, 0)))
-                        {
-                        X509V3err(X509V3_F_R2I_PCI,X509V3_R_INVALID_OBJECT_IDENTIFIER);
-                        X509V3_conf_err(val);
-                        return 0;
-                        }
-                }
-        else if (strcmp(val->name, "pathlen") == 0)
-                {
-                if (*pathlen)
-                        {
-                        X509V3err(X509V3_F_R2I_PCI,X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED);
-                        X509V3_conf_err(val);
-                        return 0;
-                        }
-                if (!X509V3_get_value_int(val, pathlen))
-                        {
-                        X509V3err(X509V3_F_R2I_PCI,X509V3_R_POLICY_PATH_LENGTH);
-                        X509V3_conf_err(val);
-                        return 0;
-                        }
-                }
-        else if (strcmp(val->name, "policy") == 0)
-                {
-                unsigned char *tmp_data = NULL;
-                long val_len;
-                if (!*policy)
-                        {
-                        *policy = ASN1_OCTET_STRING_new();
-                        if (!*policy)
-                                {
-                                X509V3err(X509V3_F_R2I_PCI,ERR_R_MALLOC_FAILURE);
-                                X509V3_conf_err(val);
-                                return 0;
-                                }
-                        free_policy = 1;
-                        }
-                if (strncmp(val->value, "hex:", 4) == 0)
-                        {
-                        unsigned char *tmp_data2 =
-                                string_to_hex(val->value + 4, &val_len);
-                        if (!tmp_data2) goto err;
-                        tmp_data = OPENSSL_realloc((*policy)->data,
-                                (*policy)->length + val_len + 1);
-                        if (tmp_data)
-                                {
-                                (*policy)->data = tmp_data;
-                                memcpy(&(*policy)->data[(*policy)->length],
-                                        tmp_data2, val_len);
-                                (*policy)->length += val_len;
-                                (*policy)->data[(*policy)->length] = '\0';
-                                }
-                        }
-                else if (strncmp(val->value, "file:", 5) == 0)
-                        {
-                        unsigned char buf[2048];
-                        int n;
-                        BIO *b = BIO_new_file(val->value + 5, "r");
-                        if (!b)
-                                {
-                                X509V3err(X509V3_F_R2I_PCI,ERR_R_BIO_LIB);
-                                X509V3_conf_err(val);
-                                goto err;
-                                }
-                        while((n = BIO_read(b, buf, sizeof(buf))) > 0
-                                || (n == 0 && BIO_should_retry(b)))
-                                {
-                                if (!n) continue;
-                                tmp_data = OPENSSL_realloc((*policy)->data,
-                                        (*policy)->length + n + 1);
-                                if (!tmp_data)
-                                        break;
-                                (*policy)->data = tmp_data;
-                                memcpy(&(*policy)->data[(*policy)->length],
-                                        buf, n);
-                                (*policy)->length += n;
-                                (*policy)->data[(*policy)->length] = '\0';
-                                }
-                        if (n < 0)
-                                {
-                                X509V3err(X509V3_F_R2I_PCI,ERR_R_BIO_LIB);
-                                X509V3_conf_err(val);
-                                goto err;
-                                }
-                        }
-                else if (strncmp(val->value, "text:", 5) == 0)
-                        {
-                        val_len = strlen(val->value + 5);
-                        tmp_data = OPENSSL_realloc((*policy)->data,
-                                (*policy)->length + val_len + 1);
-                        if (tmp_data)
-                                {
-                                (*policy)->data = tmp_data;
-                                memcpy(&(*policy)->data[(*policy)->length],
-                                        val->value + 5, val_len);
-                                (*policy)->length += val_len;
-                                (*policy)->data[(*policy)->length] = '\0';
-                                }
-                        }
-                else
-                        {
-                        X509V3err(X509V3_F_R2I_PCI,X509V3_R_INCORRECT_POLICY_SYNTAX_TAG);
-                        X509V3_conf_err(val);
-                        goto err;
-                        }
-                if (!tmp_data)
-                        {
-                        X509V3err(X509V3_F_R2I_PCI,ERR_R_MALLOC_FAILURE);
-                        X509V3_conf_err(val);
-                        goto err;
-                        }
-                }
-        return 1;
-err:
-        if (free_policy)
-                {
-                ASN1_OCTET_STRING_free(*policy);
-                *policy = NULL;
-                }
-        return 0;
-        }
-static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method,
-        X509V3_CTX *ctx, char *value)
-        {
-        PROXY_CERT_INFO_EXTENSION *pci = NULL;
-        STACK_OF(CONF_VALUE) *vals;
-        ASN1_OBJECT *language = NULL;
-        ASN1_INTEGER *pathlen = NULL;
-        ASN1_OCTET_STRING *policy = NULL;
-        int i, j;
-        vals = X509V3_parse_list(value);
-        for (i = 0; i < sk_CONF_VALUE_num(vals); i++)
-                {
-                CONF_VALUE *cnf = sk_CONF_VALUE_value(vals, i);
-                if (!cnf->name || (*cnf->name != '@' && !cnf->value))
-                        {
-                        X509V3err(X509V3_F_R2I_PCI,X509V3_R_INVALID_PROXY_POLICY_SETTING);
-                        X509V3_conf_err(cnf);
-                        goto err;
-                        }
-                if (*cnf->name == '@')
-                        {
-                        STACK_OF(CONF_VALUE) *sect;
-                        int success_p = 1;
-                        sect = X509V3_get_section(ctx, cnf->name + 1);
-                        if (!sect)
-                                {
-                                X509V3err(X509V3_F_R2I_PCI,X509V3_R_INVALID_SECTION);
-                                X509V3_conf_err(cnf);
-                                goto err;
-                                }
-                        for (j = 0; success_p && j < sk_CONF_VALUE_num(sect); j++)
-                                {
-                                success_p =
-                                        process_pci_value(sk_CONF_VALUE_value(sect, j),
-                                                &language, &pathlen, &policy);
-                                }
-                        X509V3_section_free(ctx, sect);
-                        if (!success_p)
-                                goto err;
-                        }
-                else
-                        {
-                        if (!process_pci_value(cnf,
-                                        &language, &pathlen, &policy))
-                                {
-                                X509V3_conf_err(cnf);
-                                goto err;
-                                }
-                        }
-                }
-        /* Language is mandatory */
-        if (!language)
-                {
-                X509V3err(X509V3_F_R2I_PCI,X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED);
-                goto err;
-                }
-        i = OBJ_obj2nid(language);
-        if ((i == NID_Independent || i == NID_id_ppl_inheritAll) && policy)
-                {
-                X509V3err(X509V3_F_R2I_PCI,X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY);
-                goto err;
-                }
-        pci = PROXY_CERT_INFO_EXTENSION_new();
-        if (!pci)
-                {
-                X509V3err(X509V3_F_R2I_PCI,ERR_R_MALLOC_FAILURE);
-                goto err;
-                }
-        pci->proxyPolicy = PROXY_POLICY_new();
-        if (!pci->proxyPolicy)
-                {
-                X509V3err(X509V3_F_R2I_PCI,ERR_R_MALLOC_FAILURE);
-                goto err;
-                }
-        pci->proxyPolicy->policyLanguage = language; language = NULL;
-        pci->proxyPolicy->policy = policy; policy = NULL;
-        pci->pcPathLengthConstraint = pathlen; pathlen = NULL;
-        goto end;
-err:
-        if (language) { ASN1_OBJECT_free(language); language = NULL; }
-        if (pathlen) { ASN1_INTEGER_free(pathlen); pathlen = NULL; }
-        if (policy) { ASN1_OCTET_STRING_free(policy); policy = NULL; }
-        if (pci && pci->proxyPolicy)
-                {
-                PROXY_POLICY_free(pci->proxyPolicy);
-                pci->proxyPolicy = NULL;
-                }
-        if (pci) { PROXY_CERT_INFO_EXTENSION_free(pci); pci = NULL; }
-end:
-        sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
-        return pci;
-        }

diff --git a/src/lib/libcrypto/x509v3/v3_pci.c b/src/lib/libcrypto/x509v3/v3_pci.c deleted file mode 100644 index b32d968619..0000000000 --- a/src/lib/libcrypto/x509v3/v3_pci.c +++ /dev/null
@@ -1,313 +0,0 @@
1	/* v3_pci.c -- mode:C; c-file-style: "eay" -- */
2	/* Contributed to the OpenSSL Project 2004
3	* by Richard Levitte (richard@levitte.org)
4	*/
5	/* Copyright (c) 2004 Kungliga Tekniska Högskolan
6	* (Royal Institute of Technology, Stockholm, Sweden).
7	* All rights reserved.
8	*
9	* Redistribution and use in source and binary forms, with or without
10	* modification, are permitted provided that the following conditions
11	* are met:
12	*
13	* 1. Redistributions of source code must retain the above copyright
14	* notice, this list of conditions and the following disclaimer.
15	*
16	* 2. Redistributions in binary form must reproduce the above copyright
17	* notice, this list of conditions and the following disclaimer in the
18	* documentation and/or other materials provided with the distribution.
19	*
20	* 3. Neither the name of the Institute nor the names of its contributors
21	* may be used to endorse or promote products derived from this software
22	* without specific prior written permission.
23	*
24	* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
25	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
26	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
27	* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
28	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
29	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
30	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
31	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
32	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
33	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34	* SUCH DAMAGE.
35	*/
36
37	#include <stdio.h>
38	#include "cryptlib.h"
39	#include <openssl/conf.h>
40	#include <openssl/x509v3.h>
41
42	static int i2r_pci(X509V3_EXT_METHOD method, PROXY_CERT_INFO_EXTENSION ext,
43	BIO *out, int indent);
44	static PROXY_CERT_INFO_EXTENSION r2i_pci(X509V3_EXT_METHOD method,
45	X509V3_CTX ctx, char str);
46
47	X509V3_EXT_METHOD v3_pci =
48	{ NID_proxyCertInfo, 0, ASN1_ITEM_ref(PROXY_CERT_INFO_EXTENSION),
49	0,0,0,0,
50	0,0,
51	NULL, NULL,
52	(X509V3_EXT_I2R)i2r_pci,
53	(X509V3_EXT_R2I)r2i_pci,
54	NULL,
55	};
56
57	static int i2r_pci(X509V3_EXT_METHOD method, PROXY_CERT_INFO_EXTENSION pci,
58	BIO *out, int indent)
59	{
60	BIO_printf(out, "%*sPath Length Constraint: ", indent, "");
61	if (pci->pcPathLengthConstraint)
62	i2a_ASN1_INTEGER(out, pci->pcPathLengthConstraint);
63	else
64	BIO_printf(out, "infinite");
65	BIO_puts(out, "\n");
66	BIO_printf(out, "%*sPolicy Language: ", indent, "");
67	i2a_ASN1_OBJECT(out, pci->proxyPolicy->policyLanguage);
68	BIO_puts(out, "\n");
69	if (pci->proxyPolicy->policy && pci->proxyPolicy->policy->data)
70	BIO_printf(out, "%*sPolicy Text: %s\n", indent, "",
71	pci->proxyPolicy->policy->data);
72	return 1;
73	}
74
75	static int process_pci_value(CONF_VALUE *val,
76	ASN1_OBJECT language, ASN1_INTEGER pathlen,
77	ASN1_OCTET_STRING **policy)
78	{
79	int free_policy = 0;
80
81	if (strcmp(val->name, "language") == 0)
82	{
83	if (*language)
84	{
85	X509V3err(X509V3_F_R2I_PCI,X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED);
86	X509V3_conf_err(val);
87	return 0;
88	}
89	if (!(*language = OBJ_txt2obj(val->value, 0)))
90	{
91	X509V3err(X509V3_F_R2I_PCI,X509V3_R_INVALID_OBJECT_IDENTIFIER);
92	X509V3_conf_err(val);
93	return 0;
94	}
95	}
96	else if (strcmp(val->name, "pathlen") == 0)
97	{
98	if (*pathlen)
99	{
100	X509V3err(X509V3_F_R2I_PCI,X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED);
101	X509V3_conf_err(val);
102	return 0;
103	}
104	if (!X509V3_get_value_int(val, pathlen))
105	{
106	X509V3err(X509V3_F_R2I_PCI,X509V3_R_POLICY_PATH_LENGTH);
107	X509V3_conf_err(val);
108	return 0;
109	}
110	}
111	else if (strcmp(val->name, "policy") == 0)
112	{
113	unsigned char *tmp_data = NULL;
114	long val_len;
115	if (!*policy)
116	{
117	*policy = ASN1_OCTET_STRING_new();
118	if (!*policy)
119	{
120	X509V3err(X509V3_F_R2I_PCI,ERR_R_MALLOC_FAILURE);
121	X509V3_conf_err(val);
122	return 0;
123	}
124	free_policy = 1;
125	}
126	if (strncmp(val->value, "hex:", 4) == 0)
127	{
128	unsigned char *tmp_data2 =
129	string_to_hex(val->value + 4, &val_len);
130
131	if (!tmp_data2) goto err;
132
133	tmp_data = OPENSSL_realloc((*policy)->data,
134	(*policy)->length + val_len + 1);
135	if (tmp_data)
136	{
137	(*policy)->data = tmp_data;
138	memcpy(&(policy)->data[(policy)->length],
139	tmp_data2, val_len);
140	(*policy)->length += val_len;
141	(policy)->data[(policy)->length] = '\0';
142	}
143	}
144	else if (strncmp(val->value, "file:", 5) == 0)
145	{
146	unsigned char buf[2048];
147	int n;
148	BIO *b = BIO_new_file(val->value + 5, "r");
149	if (!b)
150	{
151	X509V3err(X509V3_F_R2I_PCI,ERR_R_BIO_LIB);
152	X509V3_conf_err(val);
153	goto err;
154	}
155	while((n = BIO_read(b, buf, sizeof(buf))) > 0
156	\|\| (n == 0 && BIO_should_retry(b)))
157	{
158	if (!n) continue;
159
160	tmp_data = OPENSSL_realloc((*policy)->data,
161	(*policy)->length + n + 1);
162
163	if (!tmp_data)
164	break;
165
166	(*policy)->data = tmp_data;
167	memcpy(&(policy)->data[(policy)->length],
168	buf, n);
169	(*policy)->length += n;
170	(policy)->data[(policy)->length] = '\0';
171	}
172
173	if (n < 0)
174	{
175	X509V3err(X509V3_F_R2I_PCI,ERR_R_BIO_LIB);
176	X509V3_conf_err(val);
177	goto err;
178	}
179	}
180	else if (strncmp(val->value, "text:", 5) == 0)
181	{
182	val_len = strlen(val->value + 5);
183	tmp_data = OPENSSL_realloc((*policy)->data,
184	(*policy)->length + val_len + 1);
185	if (tmp_data)
186	{
187	(*policy)->data = tmp_data;
188	memcpy(&(policy)->data[(policy)->length],
189	val->value + 5, val_len);
190	(*policy)->length += val_len;
191	(policy)->data[(policy)->length] = '\0';
192	}
193	}
194	else
195	{
196	X509V3err(X509V3_F_R2I_PCI,X509V3_R_INCORRECT_POLICY_SYNTAX_TAG);
197	X509V3_conf_err(val);
198	goto err;
199	}
200	if (!tmp_data)
201	{
202	X509V3err(X509V3_F_R2I_PCI,ERR_R_MALLOC_FAILURE);
203	X509V3_conf_err(val);
204	goto err;
205	}
206	}
207	return 1;
208	err:
209	if (free_policy)
210	{
211	ASN1_OCTET_STRING_free(*policy);
212	*policy = NULL;
213	}
214	return 0;
215	}
216
217	static PROXY_CERT_INFO_EXTENSION r2i_pci(X509V3_EXT_METHOD method,
218	X509V3_CTX ctx, char value)
219	{
220	PROXY_CERT_INFO_EXTENSION *pci = NULL;
221	STACK_OF(CONF_VALUE) *vals;
222	ASN1_OBJECT *language = NULL;
223	ASN1_INTEGER *pathlen = NULL;
224	ASN1_OCTET_STRING *policy = NULL;
225	int i, j;
226
227	vals = X509V3_parse_list(value);
228	for (i = 0; i < sk_CONF_VALUE_num(vals); i++)
229	{
230	CONF_VALUE *cnf = sk_CONF_VALUE_value(vals, i);
231	if (!cnf->name \|\| (*cnf->name != '@' && !cnf->value))
232	{
233	X509V3err(X509V3_F_R2I_PCI,X509V3_R_INVALID_PROXY_POLICY_SETTING);
234	X509V3_conf_err(cnf);
235	goto err;
236	}
237	if (*cnf->name == '@')
238	{
239	STACK_OF(CONF_VALUE) *sect;
240	int success_p = 1;
241
242	sect = X509V3_get_section(ctx, cnf->name + 1);
243	if (!sect)
244	{
245	X509V3err(X509V3_F_R2I_PCI,X509V3_R_INVALID_SECTION);
246	X509V3_conf_err(cnf);
247	goto err;
248	}
249	for (j = 0; success_p && j < sk_CONF_VALUE_num(sect); j++)
250	{
251	success_p =
252	process_pci_value(sk_CONF_VALUE_value(sect, j),
253	&language, &pathlen, &policy);
254	}
255	X509V3_section_free(ctx, sect);
256	if (!success_p)
257	goto err;
258	}
259	else
260	{
261	if (!process_pci_value(cnf,
262	&language, &pathlen, &policy))
263	{
264	X509V3_conf_err(cnf);
265	goto err;
266	}
267	}
268	}
269
270	/* Language is mandatory */
271	if (!language)
272	{
273	X509V3err(X509V3_F_R2I_PCI,X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED);
274	goto err;
275	}
276	i = OBJ_obj2nid(language);
277	if ((i == NID_Independent \|\| i == NID_id_ppl_inheritAll) && policy)
278	{
279	X509V3err(X509V3_F_R2I_PCI,X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY);
280	goto err;
281	}
282
283	pci = PROXY_CERT_INFO_EXTENSION_new();
284	if (!pci)
285	{
286	X509V3err(X509V3_F_R2I_PCI,ERR_R_MALLOC_FAILURE);
287	goto err;
288	}
289	pci->proxyPolicy = PROXY_POLICY_new();
290	if (!pci->proxyPolicy)
291	{
292	X509V3err(X509V3_F_R2I_PCI,ERR_R_MALLOC_FAILURE);
293	goto err;
294	}
295
296	pci->proxyPolicy->policyLanguage = language; language = NULL;
297	pci->proxyPolicy->policy = policy; policy = NULL;
298	pci->pcPathLengthConstraint = pathlen; pathlen = NULL;
299	goto end;
300	err:
301	if (language) { ASN1_OBJECT_free(language); language = NULL; }
302	if (pathlen) { ASN1_INTEGER_free(pathlen); pathlen = NULL; }
303	if (policy) { ASN1_OCTET_STRING_free(policy); policy = NULL; }
304	if (pci && pci->proxyPolicy)
305	{
306	PROXY_POLICY_free(pci->proxyPolicy);
307	pci->proxyPolicy = NULL;
308	}
309	if (pci) { PROXY_CERT_INFO_EXTENSION_free(pci); pci = NULL; }
310	end:
311	sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
312	return pci;
313	}