diff options
Diffstat (limited to 'src/lib/libcrypto/x509v3/v3_pci.c')
| -rw-r--r-- | src/lib/libcrypto/x509v3/v3_pci.c | 309 |
1 files changed, 153 insertions, 156 deletions
diff --git a/src/lib/libcrypto/x509v3/v3_pci.c b/src/lib/libcrypto/x509v3/v3_pci.c index 9cef94258c..ab09a36436 100644 --- a/src/lib/libcrypto/x509v3/v3_pci.c +++ b/src/lib/libcrypto/x509v3/v3_pci.c | |||
| @@ -40,209 +40,196 @@ | |||
| 40 | #include <openssl/x509v3.h> | 40 | #include <openssl/x509v3.h> |
| 41 | 41 | ||
| 42 | static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *ext, | 42 | static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *ext, |
| 43 | BIO *out, int indent); | 43 | BIO *out, int indent); |
| 44 | static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method, | 44 | static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method, |
| 45 | X509V3_CTX *ctx, char *str); | 45 | X509V3_CTX *ctx, char *str); |
| 46 | 46 | ||
| 47 | const X509V3_EXT_METHOD v3_pci = | 47 | const X509V3_EXT_METHOD v3_pci = { |
| 48 | { NID_proxyCertInfo, 0, ASN1_ITEM_ref(PROXY_CERT_INFO_EXTENSION), | 48 | NID_proxyCertInfo, 0, ASN1_ITEM_ref(PROXY_CERT_INFO_EXTENSION), |
| 49 | 0,0,0,0, | 49 | 0, 0, 0, 0, 0, 0, NULL, NULL, |
| 50 | 0,0, | 50 | (X509V3_EXT_I2R)i2r_pci, |
| 51 | NULL, NULL, | 51 | (X509V3_EXT_R2I)r2i_pci, |
| 52 | (X509V3_EXT_I2R)i2r_pci, | 52 | NULL, |
| 53 | (X509V3_EXT_R2I)r2i_pci, | 53 | }; |
| 54 | NULL, | ||
| 55 | }; | ||
| 56 | 54 | ||
| 57 | static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *pci, | 55 | static int |
| 58 | BIO *out, int indent) | 56 | i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *pci, BIO *out, |
| 59 | { | 57 | int indent) |
| 58 | { | ||
| 60 | BIO_printf(out, "%*sPath Length Constraint: ", indent, ""); | 59 | BIO_printf(out, "%*sPath Length Constraint: ", indent, ""); |
| 61 | if (pci->pcPathLengthConstraint) | 60 | if (pci->pcPathLengthConstraint) |
| 62 | i2a_ASN1_INTEGER(out, pci->pcPathLengthConstraint); | 61 | i2a_ASN1_INTEGER(out, pci->pcPathLengthConstraint); |
| 63 | else | 62 | else |
| 64 | BIO_printf(out, "infinite"); | 63 | BIO_printf(out, "infinite"); |
| 65 | BIO_puts(out, "\n"); | 64 | BIO_puts(out, "\n"); |
| 66 | BIO_printf(out, "%*sPolicy Language: ", indent, ""); | 65 | BIO_printf(out, "%*sPolicy Language: ", indent, ""); |
| 67 | i2a_ASN1_OBJECT(out, pci->proxyPolicy->policyLanguage); | 66 | i2a_ASN1_OBJECT(out, pci->proxyPolicy->policyLanguage); |
| 68 | BIO_puts(out, "\n"); | 67 | BIO_puts(out, "\n"); |
| 69 | if (pci->proxyPolicy->policy && pci->proxyPolicy->policy->data) | 68 | if (pci->proxyPolicy->policy && pci->proxyPolicy->policy->data) |
| 70 | BIO_printf(out, "%*sPolicy Text: %s\n", indent, "", | 69 | BIO_printf(out, "%*sPolicy Text: %s\n", indent, "", |
| 71 | pci->proxyPolicy->policy->data); | 70 | pci->proxyPolicy->policy->data); |
| 72 | return 1; | 71 | return 1; |
| 73 | } | 72 | } |
| 74 | 73 | ||
| 75 | static int process_pci_value(CONF_VALUE *val, | 74 | static int |
| 76 | ASN1_OBJECT **language, ASN1_INTEGER **pathlen, | 75 | process_pci_value(CONF_VALUE *val, ASN1_OBJECT **language, |
| 77 | ASN1_OCTET_STRING **policy) | 76 | ASN1_INTEGER **pathlen, ASN1_OCTET_STRING **policy) |
| 78 | { | 77 | { |
| 79 | int free_policy = 0; | 78 | int free_policy = 0; |
| 80 | 79 | ||
| 81 | if (strcmp(val->name, "language") == 0) | 80 | if (strcmp(val->name, "language") == 0) { |
| 82 | { | 81 | if (*language) { |
| 83 | if (*language) | 82 | X509V3err(X509V3_F_PROCESS_PCI_VALUE, |
| 84 | { | 83 | X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED); |
| 85 | X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED); | ||
| 86 | X509V3_conf_err(val); | 84 | X509V3_conf_err(val); |
| 87 | return 0; | 85 | return 0; |
| 88 | } | 86 | } |
| 89 | if (!(*language = OBJ_txt2obj(val->value, 0))) | 87 | if (!(*language = OBJ_txt2obj(val->value, 0))) { |
| 90 | { | 88 | X509V3err(X509V3_F_PROCESS_PCI_VALUE, |
| 91 | X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_INVALID_OBJECT_IDENTIFIER); | 89 | X509V3_R_INVALID_OBJECT_IDENTIFIER); |
| 92 | X509V3_conf_err(val); | 90 | X509V3_conf_err(val); |
| 93 | return 0; | 91 | return 0; |
| 94 | } | ||
| 95 | } | 92 | } |
| 96 | else if (strcmp(val->name, "pathlen") == 0) | 93 | } |
| 97 | { | 94 | else if (strcmp(val->name, "pathlen") == 0) { |
| 98 | if (*pathlen) | 95 | if (*pathlen) { |
| 99 | { | 96 | X509V3err(X509V3_F_PROCESS_PCI_VALUE, |
| 100 | X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED); | 97 | X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED); |
| 101 | X509V3_conf_err(val); | 98 | X509V3_conf_err(val); |
| 102 | return 0; | 99 | return 0; |
| 103 | } | 100 | } |
| 104 | if (!X509V3_get_value_int(val, pathlen)) | 101 | if (!X509V3_get_value_int(val, pathlen)) { |
| 105 | { | 102 | X509V3err(X509V3_F_PROCESS_PCI_VALUE, |
| 106 | X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_POLICY_PATH_LENGTH); | 103 | X509V3_R_POLICY_PATH_LENGTH); |
| 107 | X509V3_conf_err(val); | 104 | X509V3_conf_err(val); |
| 108 | return 0; | 105 | return 0; |
| 109 | } | ||
| 110 | } | 106 | } |
| 111 | else if (strcmp(val->name, "policy") == 0) | 107 | } |
| 112 | { | 108 | else if (strcmp(val->name, "policy") == 0) { |
| 113 | unsigned char *tmp_data = NULL; | 109 | unsigned char *tmp_data = NULL; |
| 114 | long val_len; | 110 | long val_len; |
| 115 | if (!*policy) | 111 | if (!*policy) { |
| 116 | { | ||
| 117 | *policy = ASN1_OCTET_STRING_new(); | 112 | *policy = ASN1_OCTET_STRING_new(); |
| 118 | if (!*policy) | 113 | if (!*policy) { |
| 119 | { | 114 | X509V3err(X509V3_F_PROCESS_PCI_VALUE, |
| 120 | X509V3err(X509V3_F_PROCESS_PCI_VALUE,ERR_R_MALLOC_FAILURE); | 115 | ERR_R_MALLOC_FAILURE); |
| 121 | X509V3_conf_err(val); | 116 | X509V3_conf_err(val); |
| 122 | return 0; | 117 | return 0; |
| 123 | } | ||
| 124 | free_policy = 1; | ||
| 125 | } | 118 | } |
| 126 | if (strncmp(val->value, "hex:", 4) == 0) | 119 | free_policy = 1; |
| 127 | { | 120 | } |
| 121 | if (strncmp(val->value, "hex:", 4) == 0) { | ||
| 128 | unsigned char *tmp_data2 = | 122 | unsigned char *tmp_data2 = |
| 129 | string_to_hex(val->value + 4, &val_len); | 123 | string_to_hex(val->value + 4, &val_len); |
| 130 | 124 | ||
| 131 | if (!tmp_data2) | 125 | if (!tmp_data2) { |
| 132 | { | 126 | X509V3err(X509V3_F_PROCESS_PCI_VALUE, |
| 133 | X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_ILLEGAL_HEX_DIGIT); | 127 | X509V3_R_ILLEGAL_HEX_DIGIT); |
| 134 | X509V3_conf_err(val); | 128 | X509V3_conf_err(val); |
| 135 | goto err; | 129 | goto err; |
| 136 | } | 130 | } |
| 137 | 131 | ||
| 138 | tmp_data = realloc((*policy)->data, | 132 | tmp_data = realloc((*policy)->data, |
| 139 | (*policy)->length + val_len + 1); | 133 | (*policy)->length + val_len + 1); |
| 140 | if (tmp_data) | 134 | if (tmp_data) { |
| 141 | { | ||
| 142 | (*policy)->data = tmp_data; | 135 | (*policy)->data = tmp_data; |
| 143 | memcpy(&(*policy)->data[(*policy)->length], | 136 | memcpy(&(*policy)->data[(*policy)->length], |
| 144 | tmp_data2, val_len); | 137 | tmp_data2, val_len); |
| 145 | (*policy)->length += val_len; | 138 | (*policy)->length += val_len; |
| 146 | (*policy)->data[(*policy)->length] = '\0'; | 139 | (*policy)->data[(*policy)->length] = '\0'; |
| 147 | } | 140 | } else { |
| 148 | else | ||
| 149 | { | ||
| 150 | free(tmp_data2); | 141 | free(tmp_data2); |
| 151 | /* realloc failure implies the original data space is b0rked too! */ | 142 | /* realloc failure implies the original data space is b0rked too! */ |
| 152 | (*policy)->data = NULL; | 143 | (*policy)->data = NULL; |
| 153 | (*policy)->length = 0; | 144 | (*policy)->length = 0; |
| 154 | X509V3err(X509V3_F_PROCESS_PCI_VALUE,ERR_R_MALLOC_FAILURE); | 145 | X509V3err(X509V3_F_PROCESS_PCI_VALUE, |
| 146 | ERR_R_MALLOC_FAILURE); | ||
| 155 | X509V3_conf_err(val); | 147 | X509V3_conf_err(val); |
| 156 | goto err; | 148 | goto err; |
| 157 | } | ||
| 158 | free(tmp_data2); | ||
| 159 | } | 149 | } |
| 160 | else if (strncmp(val->value, "file:", 5) == 0) | 150 | free(tmp_data2); |
| 161 | { | 151 | } |
| 152 | else if (strncmp(val->value, "file:", 5) == 0) { | ||
| 162 | unsigned char buf[2048]; | 153 | unsigned char buf[2048]; |
| 163 | int n; | 154 | int n; |
| 164 | BIO *b = BIO_new_file(val->value + 5, "r"); | 155 | BIO *b = BIO_new_file(val->value + 5, "r"); |
| 165 | if (!b) | 156 | if (!b) { |
| 166 | { | 157 | X509V3err(X509V3_F_PROCESS_PCI_VALUE, |
| 167 | X509V3err(X509V3_F_PROCESS_PCI_VALUE,ERR_R_BIO_LIB); | 158 | ERR_R_BIO_LIB); |
| 168 | X509V3_conf_err(val); | 159 | X509V3_conf_err(val); |
| 169 | goto err; | 160 | goto err; |
| 170 | } | 161 | } |
| 171 | while((n = BIO_read(b, buf, sizeof(buf))) > 0 | 162 | while ((n = BIO_read(b, buf, sizeof(buf))) > 0 || |
| 172 | || (n == 0 && BIO_should_retry(b))) | 163 | (n == 0 && BIO_should_retry(b))) { |
| 173 | { | 164 | if (!n) |
| 174 | if (!n) continue; | 165 | continue; |
| 175 | 166 | ||
| 176 | tmp_data = realloc((*policy)->data, | 167 | tmp_data = realloc((*policy)->data, |
| 177 | (*policy)->length + n + 1); | 168 | (*policy)->length + n + 1); |
| 178 | 169 | ||
| 179 | if (!tmp_data) | 170 | if (!tmp_data) |
| 180 | break; | 171 | break; |
| 181 | 172 | ||
| 182 | (*policy)->data = tmp_data; | 173 | (*policy)->data = tmp_data; |
| 183 | memcpy(&(*policy)->data[(*policy)->length], | 174 | memcpy(&(*policy)->data[(*policy)->length], |
| 184 | buf, n); | 175 | buf, n); |
| 185 | (*policy)->length += n; | 176 | (*policy)->length += n; |
| 186 | (*policy)->data[(*policy)->length] = '\0'; | 177 | (*policy)->data[(*policy)->length] = '\0'; |
| 187 | } | 178 | } |
| 188 | BIO_free_all(b); | 179 | BIO_free_all(b); |
| 189 | 180 | ||
| 190 | if (n < 0) | 181 | if (n < 0) { |
| 191 | { | 182 | X509V3err(X509V3_F_PROCESS_PCI_VALUE, |
| 192 | X509V3err(X509V3_F_PROCESS_PCI_VALUE,ERR_R_BIO_LIB); | 183 | ERR_R_BIO_LIB); |
| 193 | X509V3_conf_err(val); | 184 | X509V3_conf_err(val); |
| 194 | goto err; | 185 | goto err; |
| 195 | } | ||
| 196 | } | 186 | } |
| 197 | else if (strncmp(val->value, "text:", 5) == 0) | 187 | } |
| 198 | { | 188 | else if (strncmp(val->value, "text:", 5) == 0) { |
| 199 | val_len = strlen(val->value + 5); | 189 | val_len = strlen(val->value + 5); |
| 200 | tmp_data = realloc((*policy)->data, | 190 | tmp_data = realloc((*policy)->data, |
| 201 | (*policy)->length + val_len + 1); | 191 | (*policy)->length + val_len + 1); |
| 202 | if (tmp_data) | 192 | if (tmp_data) { |
| 203 | { | ||
| 204 | (*policy)->data = tmp_data; | 193 | (*policy)->data = tmp_data; |
| 205 | memcpy(&(*policy)->data[(*policy)->length], | 194 | memcpy(&(*policy)->data[(*policy)->length], |
| 206 | val->value + 5, val_len); | 195 | val->value + 5, val_len); |
| 207 | (*policy)->length += val_len; | 196 | (*policy)->length += val_len; |
| 208 | (*policy)->data[(*policy)->length] = '\0'; | 197 | (*policy)->data[(*policy)->length] = '\0'; |
| 209 | } | 198 | } else { |
| 210 | else | ||
| 211 | { | ||
| 212 | /* realloc failure implies the original data space is b0rked too! */ | 199 | /* realloc failure implies the original data space is b0rked too! */ |
| 213 | (*policy)->data = NULL; | 200 | (*policy)->data = NULL; |
| 214 | (*policy)->length = 0; | 201 | (*policy)->length = 0; |
| 215 | X509V3err(X509V3_F_PROCESS_PCI_VALUE,ERR_R_MALLOC_FAILURE); | 202 | X509V3err(X509V3_F_PROCESS_PCI_VALUE, |
| 203 | ERR_R_MALLOC_FAILURE); | ||
| 216 | X509V3_conf_err(val); | 204 | X509V3_conf_err(val); |
| 217 | goto err; | 205 | goto err; |
| 218 | } | ||
| 219 | } | 206 | } |
| 220 | else | 207 | } else { |
| 221 | { | 208 | X509V3err(X509V3_F_PROCESS_PCI_VALUE, |
| 222 | X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_INCORRECT_POLICY_SYNTAX_TAG); | 209 | X509V3_R_INCORRECT_POLICY_SYNTAX_TAG); |
| 223 | X509V3_conf_err(val); | 210 | X509V3_conf_err(val); |
| 224 | goto err; | 211 | goto err; |
| 225 | } | 212 | } |
| 226 | if (!tmp_data) | 213 | if (!tmp_data) { |
| 227 | { | 214 | X509V3err(X509V3_F_PROCESS_PCI_VALUE, |
| 228 | X509V3err(X509V3_F_PROCESS_PCI_VALUE,ERR_R_MALLOC_FAILURE); | 215 | ERR_R_MALLOC_FAILURE); |
| 229 | X509V3_conf_err(val); | 216 | X509V3_conf_err(val); |
| 230 | goto err; | 217 | goto err; |
| 231 | } | ||
| 232 | } | 218 | } |
| 219 | } | ||
| 233 | return 1; | 220 | return 1; |
| 221 | |||
| 234 | err: | 222 | err: |
| 235 | if (free_policy) | 223 | if (free_policy) { |
| 236 | { | ||
| 237 | ASN1_OCTET_STRING_free(*policy); | 224 | ASN1_OCTET_STRING_free(*policy); |
| 238 | *policy = NULL; | 225 | *policy = NULL; |
| 239 | } | ||
| 240 | return 0; | ||
| 241 | } | 226 | } |
| 227 | return 0; | ||
| 228 | } | ||
| 242 | 229 | ||
| 243 | static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method, | 230 | static PROXY_CERT_INFO_EXTENSION * |
| 244 | X509V3_CTX *ctx, char *value) | 231 | r2i_pci(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *value) |
| 245 | { | 232 | { |
| 246 | PROXY_CERT_INFO_EXTENSION *pci = NULL; | 233 | PROXY_CERT_INFO_EXTENSION *pci = NULL; |
| 247 | STACK_OF(CONF_VALUE) *vals; | 234 | STACK_OF(CONF_VALUE) *vals; |
| 248 | ASN1_OBJECT *language = NULL; | 235 | ASN1_OBJECT *language = NULL; |
| @@ -251,78 +238,88 @@ static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method, | |||
| 251 | int i, j; | 238 | int i, j; |
| 252 | 239 | ||
| 253 | vals = X509V3_parse_list(value); | 240 | vals = X509V3_parse_list(value); |
| 254 | for (i = 0; i < sk_CONF_VALUE_num(vals); i++) | 241 | for (i = 0; i < sk_CONF_VALUE_num(vals); i++) { |
| 255 | { | ||
| 256 | CONF_VALUE *cnf = sk_CONF_VALUE_value(vals, i); | 242 | CONF_VALUE *cnf = sk_CONF_VALUE_value(vals, i); |
| 257 | if (!cnf->name || (*cnf->name != '@' && !cnf->value)) | 243 | if (!cnf->name || (*cnf->name != '@' && !cnf->value)) { |
| 258 | { | 244 | X509V3err(X509V3_F_R2I_PCI, |
| 259 | X509V3err(X509V3_F_R2I_PCI,X509V3_R_INVALID_PROXY_POLICY_SETTING); | 245 | X509V3_R_INVALID_PROXY_POLICY_SETTING); |
| 260 | X509V3_conf_err(cnf); | 246 | X509V3_conf_err(cnf); |
| 261 | goto err; | 247 | goto err; |
| 262 | } | 248 | } |
| 263 | if (*cnf->name == '@') | 249 | if (*cnf->name == '@') { |
| 264 | { | ||
| 265 | STACK_OF(CONF_VALUE) *sect; | 250 | STACK_OF(CONF_VALUE) *sect; |
| 266 | int success_p = 1; | 251 | int success_p = 1; |
| 267 | 252 | ||
| 268 | sect = X509V3_get_section(ctx, cnf->name + 1); | 253 | sect = X509V3_get_section(ctx, cnf->name + 1); |
| 269 | if (!sect) | 254 | if (!sect) { |
| 270 | { | 255 | X509V3err(X509V3_F_R2I_PCI, |
| 271 | X509V3err(X509V3_F_R2I_PCI,X509V3_R_INVALID_SECTION); | 256 | X509V3_R_INVALID_SECTION); |
| 272 | X509V3_conf_err(cnf); | 257 | X509V3_conf_err(cnf); |
| 273 | goto err; | 258 | goto err; |
| 274 | } | 259 | } |
| 275 | for (j = 0; success_p && j < sk_CONF_VALUE_num(sect); j++) | 260 | for (j = 0; success_p && |
| 276 | { | 261 | j < sk_CONF_VALUE_num(sect); j++) { |
| 277 | success_p = | 262 | success_p = process_pci_value( |
| 278 | process_pci_value(sk_CONF_VALUE_value(sect, j), | 263 | sk_CONF_VALUE_value(sect, j), |
| 279 | &language, &pathlen, &policy); | 264 | &language, &pathlen, &policy); |
| 280 | } | 265 | } |
| 281 | X509V3_section_free(ctx, sect); | 266 | X509V3_section_free(ctx, sect); |
| 282 | if (!success_p) | 267 | if (!success_p) |
| 283 | goto err; | 268 | goto err; |
| 284 | } | 269 | } else { |
| 285 | else | ||
| 286 | { | ||
| 287 | if (!process_pci_value(cnf, | 270 | if (!process_pci_value(cnf, |
| 288 | &language, &pathlen, &policy)) | 271 | &language, &pathlen, &policy)) { |
| 289 | { | ||
| 290 | X509V3_conf_err(cnf); | 272 | X509V3_conf_err(cnf); |
| 291 | goto err; | 273 | goto err; |
| 292 | } | ||
| 293 | } | 274 | } |
| 294 | } | 275 | } |
| 276 | } | ||
| 295 | 277 | ||
| 296 | /* Language is mandatory */ | 278 | /* Language is mandatory */ |
| 297 | if (!language) | 279 | if (!language) { |
| 298 | { | 280 | X509V3err(X509V3_F_R2I_PCI, |
| 299 | X509V3err(X509V3_F_R2I_PCI,X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED); | 281 | X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED); |
| 300 | goto err; | 282 | goto err; |
| 301 | } | 283 | } |
| 302 | i = OBJ_obj2nid(language); | 284 | i = OBJ_obj2nid(language); |
| 303 | if ((i == NID_Independent || i == NID_id_ppl_inheritAll) && policy) | 285 | if ((i == NID_Independent || i == NID_id_ppl_inheritAll) && policy) { |
| 304 | { | 286 | X509V3err(X509V3_F_R2I_PCI, |
| 305 | X509V3err(X509V3_F_R2I_PCI,X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY); | 287 | X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY); |
| 306 | goto err; | 288 | goto err; |
| 307 | } | 289 | } |
| 308 | 290 | ||
| 309 | pci = PROXY_CERT_INFO_EXTENSION_new(); | 291 | pci = PROXY_CERT_INFO_EXTENSION_new(); |
| 310 | if (!pci) | 292 | if (!pci) { |
| 311 | { | 293 | X509V3err(X509V3_F_R2I_PCI, ERR_R_MALLOC_FAILURE); |
| 312 | X509V3err(X509V3_F_R2I_PCI,ERR_R_MALLOC_FAILURE); | ||
| 313 | goto err; | 294 | goto err; |
| 314 | } | 295 | } |
| 315 | 296 | ||
| 316 | pci->proxyPolicy->policyLanguage = language; language = NULL; | 297 | pci->proxyPolicy->policyLanguage = language; |
| 317 | pci->proxyPolicy->policy = policy; policy = NULL; | 298 | language = NULL; |
| 318 | pci->pcPathLengthConstraint = pathlen; pathlen = NULL; | 299 | pci->proxyPolicy->policy = policy; |
| 300 | policy = NULL; | ||
| 301 | pci->pcPathLengthConstraint = pathlen; | ||
| 302 | pathlen = NULL; | ||
| 319 | goto end; | 303 | goto end; |
| 304 | |||
| 320 | err: | 305 | err: |
| 321 | if (language) { ASN1_OBJECT_free(language); language = NULL; } | 306 | if (language) { |
| 322 | if (pathlen) { ASN1_INTEGER_free(pathlen); pathlen = NULL; } | 307 | ASN1_OBJECT_free(language); |
| 323 | if (policy) { ASN1_OCTET_STRING_free(policy); policy = NULL; } | 308 | language = NULL; |
| 324 | if (pci) { PROXY_CERT_INFO_EXTENSION_free(pci); pci = NULL; } | 309 | } |
| 310 | if (pathlen) { | ||
| 311 | ASN1_INTEGER_free(pathlen); | ||
| 312 | pathlen = NULL; | ||
| 313 | } | ||
| 314 | if (policy) { | ||
| 315 | ASN1_OCTET_STRING_free(policy); | ||
| 316 | policy = NULL; | ||
| 317 | } | ||
| 318 | if (pci) { | ||
| 319 | PROXY_CERT_INFO_EXTENSION_free(pci); | ||
| 320 | pci = NULL; | ||
| 321 | } | ||
| 325 | end: | 322 | end: |
| 326 | sk_CONF_VALUE_pop_free(vals, X509V3_conf_free); | 323 | sk_CONF_VALUE_pop_free(vals, X509V3_conf_free); |
| 327 | return pci; | 324 | return pci; |
| 328 | } | 325 | } |