diff options
Diffstat (limited to 'src/lib/libcrypto/x509v3/v3_purp.c')
| -rw-r--r-- | src/lib/libcrypto/x509v3/v3_purp.c | 18 |
1 files changed, 16 insertions, 2 deletions
diff --git a/src/lib/libcrypto/x509v3/v3_purp.c b/src/lib/libcrypto/x509v3/v3_purp.c index bbdf6da493..b2f5cdfa05 100644 --- a/src/lib/libcrypto/x509v3/v3_purp.c +++ b/src/lib/libcrypto/x509v3/v3_purp.c | |||
| @@ -139,7 +139,7 @@ int X509_PURPOSE_get_count(void) | |||
| 139 | X509_PURPOSE * X509_PURPOSE_get0(int idx) | 139 | X509_PURPOSE * X509_PURPOSE_get0(int idx) |
| 140 | { | 140 | { |
| 141 | if(idx < 0) return NULL; | 141 | if(idx < 0) return NULL; |
| 142 | if(idx < X509_PURPOSE_COUNT) return xstandard + idx; | 142 | if(idx < (int)X509_PURPOSE_COUNT) return xstandard + idx; |
| 143 | return sk_X509_PURPOSE_value(xptable, idx - X509_PURPOSE_COUNT); | 143 | return sk_X509_PURPOSE_value(xptable, idx - X509_PURPOSE_COUNT); |
| 144 | } | 144 | } |
| 145 | 145 | ||
| @@ -239,7 +239,7 @@ static void xptable_free(X509_PURPOSE *p) | |||
| 239 | 239 | ||
| 240 | void X509_PURPOSE_cleanup(void) | 240 | void X509_PURPOSE_cleanup(void) |
| 241 | { | 241 | { |
| 242 | int i; | 242 | unsigned int i; |
| 243 | sk_X509_PURPOSE_pop_free(xptable, xptable_free); | 243 | sk_X509_PURPOSE_pop_free(xptable, xptable_free); |
| 244 | for(i = 0; i < X509_PURPOSE_COUNT; i++) xptable_free(xstandard + i); | 244 | for(i = 0; i < X509_PURPOSE_COUNT; i++) xptable_free(xstandard + i); |
| 245 | xptable = NULL; | 245 | xptable = NULL; |
| @@ -285,7 +285,12 @@ int X509_supported_extension(X509_EXTENSION *ex) | |||
| 285 | NID_key_usage, /* 83 */ | 285 | NID_key_usage, /* 83 */ |
| 286 | NID_subject_alt_name, /* 85 */ | 286 | NID_subject_alt_name, /* 85 */ |
| 287 | NID_basic_constraints, /* 87 */ | 287 | NID_basic_constraints, /* 87 */ |
| 288 | NID_certificate_policies, /* 89 */ | ||
| 288 | NID_ext_key_usage, /* 126 */ | 289 | NID_ext_key_usage, /* 126 */ |
| 290 | #ifndef OPENSSL_NO_RFC3779 | ||
| 291 | NID_sbgp_ipAddrBlock, /* 290 */ | ||
| 292 | NID_sbgp_autonomousSysNum, /* 291 */ | ||
| 293 | #endif | ||
| 289 | NID_proxyCertInfo /* 661 */ | 294 | NID_proxyCertInfo /* 661 */ |
| 290 | }; | 295 | }; |
| 291 | 296 | ||
| @@ -343,6 +348,10 @@ static void x509v3_cache_extensions(X509 *x) | |||
| 343 | || X509_get_ext_by_NID(x, NID_issuer_alt_name, 0) >= 0) { | 348 | || X509_get_ext_by_NID(x, NID_issuer_alt_name, 0) >= 0) { |
| 344 | x->ex_flags |= EXFLAG_INVALID; | 349 | x->ex_flags |= EXFLAG_INVALID; |
| 345 | } | 350 | } |
| 351 | if (pci->pcPathLengthConstraint) { | ||
| 352 | x->ex_pcpathlen = | ||
| 353 | ASN1_INTEGER_get(pci->pcPathLengthConstraint); | ||
| 354 | } else x->ex_pcpathlen = -1; | ||
| 346 | PROXY_CERT_INFO_EXTENSION_free(pci); | 355 | PROXY_CERT_INFO_EXTENSION_free(pci); |
| 347 | x->ex_flags |= EXFLAG_PROXY; | 356 | x->ex_flags |= EXFLAG_PROXY; |
| 348 | } | 357 | } |
| @@ -406,6 +415,11 @@ static void x509v3_cache_extensions(X509 *x) | |||
| 406 | } | 415 | } |
| 407 | x->skid =X509_get_ext_d2i(x, NID_subject_key_identifier, NULL, NULL); | 416 | x->skid =X509_get_ext_d2i(x, NID_subject_key_identifier, NULL, NULL); |
| 408 | x->akid =X509_get_ext_d2i(x, NID_authority_key_identifier, NULL, NULL); | 417 | x->akid =X509_get_ext_d2i(x, NID_authority_key_identifier, NULL, NULL); |
| 418 | #ifndef OPENSSL_NO_RFC3779 | ||
| 419 | x->rfc3779_addr =X509_get_ext_d2i(x, NID_sbgp_ipAddrBlock, NULL, NULL); | ||
| 420 | x->rfc3779_asid =X509_get_ext_d2i(x, NID_sbgp_autonomousSysNum, | ||
| 421 | NULL, NULL); | ||
| 422 | #endif | ||
| 409 | for (i = 0; i < X509_get_ext_count(x); i++) | 423 | for (i = 0; i < X509_get_ext_count(x); i++) |
| 410 | { | 424 | { |
| 411 | ex = X509_get_ext(x, i); | 425 | ex = X509_get_ext(x, i); |