summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/x509v3/v3_pci.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/x509v3/v3_pci.c')
-rw-r--r--src/lib/libcrypto/x509v3/v3_pci.c52
1 files changed, 18 insertions, 34 deletions
diff --git a/src/lib/libcrypto/x509v3/v3_pci.c b/src/lib/libcrypto/x509v3/v3_pci.c
index d0a1af96ea..dd015452d0 100644
--- a/src/lib/libcrypto/x509v3/v3_pci.c
+++ b/src/lib/libcrypto/x509v3/v3_pci.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_pci.c,v 1.11 2016/12/30 15:54:49 jsing Exp $ */ 1/* $OpenBSD: v3_pci.c,v 1.12 2017/01/29 17:49:23 beck Exp $ */
2/* Contributed to the OpenSSL Project 2004 2/* Contributed to the OpenSSL Project 2004
3 * by Richard Levitte (richard@levitte.org) 3 * by Richard Levitte (richard@levitte.org)
4 */ 4 */
@@ -90,28 +90,24 @@ process_pci_value(CONF_VALUE *val, ASN1_OBJECT **language,
90 90
91 if (strcmp(val->name, "language") == 0) { 91 if (strcmp(val->name, "language") == 0) {
92 if (*language) { 92 if (*language) {
93 X509V3err(X509V3_F_PROCESS_PCI_VALUE, 93 X509V3error(X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED);
94 X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED);
95 X509V3_conf_err(val); 94 X509V3_conf_err(val);
96 return 0; 95 return 0;
97 } 96 }
98 if (!(*language = OBJ_txt2obj(val->value, 0))) { 97 if (!(*language = OBJ_txt2obj(val->value, 0))) {
99 X509V3err(X509V3_F_PROCESS_PCI_VALUE, 98 X509V3error(X509V3_R_INVALID_OBJECT_IDENTIFIER);
100 X509V3_R_INVALID_OBJECT_IDENTIFIER);
101 X509V3_conf_err(val); 99 X509V3_conf_err(val);
102 return 0; 100 return 0;
103 } 101 }
104 } 102 }
105 else if (strcmp(val->name, "pathlen") == 0) { 103 else if (strcmp(val->name, "pathlen") == 0) {
106 if (*pathlen) { 104 if (*pathlen) {
107 X509V3err(X509V3_F_PROCESS_PCI_VALUE, 105 X509V3error(X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED);
108 X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED);
109 X509V3_conf_err(val); 106 X509V3_conf_err(val);
110 return 0; 107 return 0;
111 } 108 }
112 if (!X509V3_get_value_int(val, pathlen)) { 109 if (!X509V3_get_value_int(val, pathlen)) {
113 X509V3err(X509V3_F_PROCESS_PCI_VALUE, 110 X509V3error(X509V3_R_POLICY_PATH_LENGTH);
114 X509V3_R_POLICY_PATH_LENGTH);
115 X509V3_conf_err(val); 111 X509V3_conf_err(val);
116 return 0; 112 return 0;
117 } 113 }
@@ -122,8 +118,7 @@ process_pci_value(CONF_VALUE *val, ASN1_OBJECT **language,
122 if (!*policy) { 118 if (!*policy) {
123 *policy = ASN1_OCTET_STRING_new(); 119 *policy = ASN1_OCTET_STRING_new();
124 if (!*policy) { 120 if (!*policy) {
125 X509V3err(X509V3_F_PROCESS_PCI_VALUE, 121 X509V3error(ERR_R_MALLOC_FAILURE);
126 ERR_R_MALLOC_FAILURE);
127 X509V3_conf_err(val); 122 X509V3_conf_err(val);
128 return 0; 123 return 0;
129 } 124 }
@@ -134,8 +129,7 @@ process_pci_value(CONF_VALUE *val, ASN1_OBJECT **language,
134 string_to_hex(val->value + 4, &val_len); 129 string_to_hex(val->value + 4, &val_len);
135 130
136 if (!tmp_data2) { 131 if (!tmp_data2) {
137 X509V3err(X509V3_F_PROCESS_PCI_VALUE, 132 X509V3error(X509V3_R_ILLEGAL_HEX_DIGIT);
138 X509V3_R_ILLEGAL_HEX_DIGIT);
139 X509V3_conf_err(val); 133 X509V3_conf_err(val);
140 goto err; 134 goto err;
141 } 135 }
@@ -153,8 +147,7 @@ process_pci_value(CONF_VALUE *val, ASN1_OBJECT **language,
153 free((*policy)->data); 147 free((*policy)->data);
154 (*policy)->data = NULL; 148 (*policy)->data = NULL;
155 (*policy)->length = 0; 149 (*policy)->length = 0;
156 X509V3err(X509V3_F_PROCESS_PCI_VALUE, 150 X509V3error(ERR_R_MALLOC_FAILURE);
157 ERR_R_MALLOC_FAILURE);
158 X509V3_conf_err(val); 151 X509V3_conf_err(val);
159 goto err; 152 goto err;
160 } 153 }
@@ -165,8 +158,7 @@ process_pci_value(CONF_VALUE *val, ASN1_OBJECT **language,
165 int n; 158 int n;
166 BIO *b = BIO_new_file(val->value + 5, "r"); 159 BIO *b = BIO_new_file(val->value + 5, "r");
167 if (!b) { 160 if (!b) {
168 X509V3err(X509V3_F_PROCESS_PCI_VALUE, 161 X509V3error(ERR_R_BIO_LIB);
169 ERR_R_BIO_LIB);
170 X509V3_conf_err(val); 162 X509V3_conf_err(val);
171 goto err; 163 goto err;
172 } 164 }
@@ -190,8 +182,7 @@ process_pci_value(CONF_VALUE *val, ASN1_OBJECT **language,
190 BIO_free_all(b); 182 BIO_free_all(b);
191 183
192 if (n < 0) { 184 if (n < 0) {
193 X509V3err(X509V3_F_PROCESS_PCI_VALUE, 185 X509V3error(ERR_R_BIO_LIB);
194 ERR_R_BIO_LIB);
195 X509V3_conf_err(val); 186 X509V3_conf_err(val);
196 goto err; 187 goto err;
197 } 188 }
@@ -210,20 +201,17 @@ process_pci_value(CONF_VALUE *val, ASN1_OBJECT **language,
210 free((*policy)->data); 201 free((*policy)->data);
211 (*policy)->data = NULL; 202 (*policy)->data = NULL;
212 (*policy)->length = 0; 203 (*policy)->length = 0;
213 X509V3err(X509V3_F_PROCESS_PCI_VALUE, 204 X509V3error(ERR_R_MALLOC_FAILURE);
214 ERR_R_MALLOC_FAILURE);
215 X509V3_conf_err(val); 205 X509V3_conf_err(val);
216 goto err; 206 goto err;
217 } 207 }
218 } else { 208 } else {
219 X509V3err(X509V3_F_PROCESS_PCI_VALUE, 209 X509V3error(X509V3_R_INCORRECT_POLICY_SYNTAX_TAG);
220 X509V3_R_INCORRECT_POLICY_SYNTAX_TAG);
221 X509V3_conf_err(val); 210 X509V3_conf_err(val);
222 goto err; 211 goto err;
223 } 212 }
224 if (!tmp_data) { 213 if (!tmp_data) {
225 X509V3err(X509V3_F_PROCESS_PCI_VALUE, 214 X509V3error(ERR_R_MALLOC_FAILURE);
226 ERR_R_MALLOC_FAILURE);
227 X509V3_conf_err(val); 215 X509V3_conf_err(val);
228 goto err; 216 goto err;
229 } 217 }
@@ -252,8 +240,7 @@ r2i_pci(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *value)
252 for (i = 0; i < sk_CONF_VALUE_num(vals); i++) { 240 for (i = 0; i < sk_CONF_VALUE_num(vals); i++) {
253 CONF_VALUE *cnf = sk_CONF_VALUE_value(vals, i); 241 CONF_VALUE *cnf = sk_CONF_VALUE_value(vals, i);
254 if (!cnf->name || (*cnf->name != '@' && !cnf->value)) { 242 if (!cnf->name || (*cnf->name != '@' && !cnf->value)) {
255 X509V3err(X509V3_F_R2I_PCI, 243 X509V3error(X509V3_R_INVALID_PROXY_POLICY_SETTING);
256 X509V3_R_INVALID_PROXY_POLICY_SETTING);
257 X509V3_conf_err(cnf); 244 X509V3_conf_err(cnf);
258 goto err; 245 goto err;
259 } 246 }
@@ -263,8 +250,7 @@ r2i_pci(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *value)
263 250
264 sect = X509V3_get_section(ctx, cnf->name + 1); 251 sect = X509V3_get_section(ctx, cnf->name + 1);
265 if (!sect) { 252 if (!sect) {
266 X509V3err(X509V3_F_R2I_PCI, 253 X509V3error(X509V3_R_INVALID_SECTION);
267 X509V3_R_INVALID_SECTION);
268 X509V3_conf_err(cnf); 254 X509V3_conf_err(cnf);
269 goto err; 255 goto err;
270 } 256 }
@@ -288,20 +274,18 @@ r2i_pci(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *value)
288 274
289 /* Language is mandatory */ 275 /* Language is mandatory */
290 if (!language) { 276 if (!language) {
291 X509V3err(X509V3_F_R2I_PCI, 277 X509V3error(X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED);
292 X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED);
293 goto err; 278 goto err;
294 } 279 }
295 i = OBJ_obj2nid(language); 280 i = OBJ_obj2nid(language);
296 if ((i == NID_Independent || i == NID_id_ppl_inheritAll) && policy) { 281 if ((i == NID_Independent || i == NID_id_ppl_inheritAll) && policy) {
297 X509V3err(X509V3_F_R2I_PCI, 282 X509V3error(X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY);
298 X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY);
299 goto err; 283 goto err;
300 } 284 }
301 285
302 pci = PROXY_CERT_INFO_EXTENSION_new(); 286 pci = PROXY_CERT_INFO_EXTENSION_new();
303 if (!pci) { 287 if (!pci) {
304 X509V3err(X509V3_F_R2I_PCI, ERR_R_MALLOC_FAILURE); 288 X509V3error(ERR_R_MALLOC_FAILURE);
305 goto err; 289 goto err;
306 } 290 }
307 291
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-06 17:45:15 +0000