summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/x509v3
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/x509v3')
-rw-r--r--src/lib/libcrypto/x509v3/v3_conf.c2
-rw-r--r--src/lib/libcrypto/x509v3/v3_cpols.c24
-rw-r--r--src/lib/libcrypto/x509v3/v3_lib.c1
-rw-r--r--src/lib/libcrypto/x509v3/v3_prn.c2
4 files changed, 15 insertions, 14 deletions
diff --git a/src/lib/libcrypto/x509v3/v3_conf.c b/src/lib/libcrypto/x509v3/v3_conf.c
index 1a3448e121..1284d5aaa5 100644
--- a/src/lib/libcrypto/x509v3/v3_conf.c
+++ b/src/lib/libcrypto/x509v3/v3_conf.c
@@ -236,7 +236,7 @@ static int v3_check_critical(char **value)
236static int v3_check_generic(char **value) 236static int v3_check_generic(char **value)
237{ 237{
238 char *p = *value; 238 char *p = *value;
239 if ((strlen(p) < 4) || strncmp(p, "DER:,", 4)) return 0; 239 if ((strlen(p) < 4) || strncmp(p, "DER:", 4)) return 0;
240 p+=4; 240 p+=4;
241 while (isspace((unsigned char)*p)) p++; 241 while (isspace((unsigned char)*p)) p++;
242 *value = p; 242 *value = p;
diff --git a/src/lib/libcrypto/x509v3/v3_cpols.c b/src/lib/libcrypto/x509v3/v3_cpols.c
index 0d4ab1f680..0d554f3a2c 100644
--- a/src/lib/libcrypto/x509v3/v3_cpols.c
+++ b/src/lib/libcrypto/x509v3/v3_cpols.c
@@ -73,7 +73,7 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx,
73 STACK_OF(CONF_VALUE) *polstrs, int ia5org); 73 STACK_OF(CONF_VALUE) *polstrs, int ia5org);
74static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, 74static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
75 STACK_OF(CONF_VALUE) *unot, int ia5org); 75 STACK_OF(CONF_VALUE) *unot, int ia5org);
76static STACK_OF(ASN1_INTEGER) *nref_nos(STACK_OF(CONF_VALUE) *nos); 76static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos);
77 77
78X509V3_EXT_METHOD v3_cpols = { 78X509V3_EXT_METHOD v3_cpols = {
79NID_certificate_policies, 0,ASN1_ITEM_ref(CERTIFICATEPOLICIES), 79NID_certificate_policies, 0,ASN1_ITEM_ref(CERTIFICATEPOLICIES),
@@ -226,6 +226,8 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx,
226 qual = notice_section(ctx, unot, ia5org); 226 qual = notice_section(ctx, unot, ia5org);
227 X509V3_section_free(ctx, unot); 227 X509V3_section_free(ctx, unot);
228 if(!qual) goto err; 228 if(!qual) goto err;
229 if(!pol->qualifiers) pol->qualifiers =
230 sk_POLICYQUALINFO_new_null();
229 if(!sk_POLICYQUALINFO_push(pol->qualifiers, qual)) 231 if(!sk_POLICYQUALINFO_push(pol->qualifiers, qual))
230 goto merr; 232 goto merr;
231 } else { 233 } else {
@@ -255,7 +257,7 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx,
255static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, 257static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
256 STACK_OF(CONF_VALUE) *unot, int ia5org) 258 STACK_OF(CONF_VALUE) *unot, int ia5org)
257{ 259{
258 int i; 260 int i, ret;
259 CONF_VALUE *cnf; 261 CONF_VALUE *cnf;
260 USERNOTICE *not; 262 USERNOTICE *not;
261 POLICYQUALINFO *qual; 263 POLICYQUALINFO *qual;
@@ -275,8 +277,8 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
275 if(!(nref = NOTICEREF_new())) goto merr; 277 if(!(nref = NOTICEREF_new())) goto merr;
276 not->noticeref = nref; 278 not->noticeref = nref;
277 } else nref = not->noticeref; 279 } else nref = not->noticeref;
278 if(ia5org) nref->organization = M_ASN1_IA5STRING_new(); 280 if(ia5org) nref->organization->type = V_ASN1_IA5STRING;
279 else nref->organization = M_ASN1_VISIBLESTRING_new(); 281 else nref->organization->type = V_ASN1_VISIBLESTRING;
280 if(!ASN1_STRING_set(nref->organization, cnf->value, 282 if(!ASN1_STRING_set(nref->organization, cnf->value,
281 strlen(cnf->value))) goto merr; 283 strlen(cnf->value))) goto merr;
282 } else if(!strcmp(cnf->name, "noticeNumbers")) { 284 } else if(!strcmp(cnf->name, "noticeNumbers")) {
@@ -292,12 +294,12 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
292 X509V3_conf_err(cnf); 294 X509V3_conf_err(cnf);
293 goto err; 295 goto err;
294 } 296 }
295 nref->noticenos = nref_nos(nos); 297 ret = nref_nos(nref->noticenos, nos);
296 sk_CONF_VALUE_pop_free(nos, X509V3_conf_free); 298 sk_CONF_VALUE_pop_free(nos, X509V3_conf_free);
297 if(!nref->noticenos) goto err; 299 if (!ret)
300 goto err;
298 } else { 301 } else {
299 X509V3err(X509V3_F_NOTICE_SECTION,X509V3_R_INVALID_OPTION); 302 X509V3err(X509V3_F_NOTICE_SECTION,X509V3_R_INVALID_OPTION);
300
301 X509V3_conf_err(cnf); 303 X509V3_conf_err(cnf);
302 goto err; 304 goto err;
303 } 305 }
@@ -319,15 +321,13 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
319 return NULL; 321 return NULL;
320} 322}
321 323
322static STACK_OF(ASN1_INTEGER) *nref_nos(STACK_OF(CONF_VALUE) *nos) 324static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos)
323{ 325{
324 STACK_OF(ASN1_INTEGER) *nnums;
325 CONF_VALUE *cnf; 326 CONF_VALUE *cnf;
326 ASN1_INTEGER *aint; 327 ASN1_INTEGER *aint;
327 328
328 int i; 329 int i;
329 330
330 if(!(nnums = sk_ASN1_INTEGER_new_null())) goto merr;
331 for(i = 0; i < sk_CONF_VALUE_num(nos); i++) { 331 for(i = 0; i < sk_CONF_VALUE_num(nos); i++) {
332 cnf = sk_CONF_VALUE_value(nos, i); 332 cnf = sk_CONF_VALUE_value(nos, i);
333 if(!(aint = s2i_ASN1_INTEGER(NULL, cnf->name))) { 333 if(!(aint = s2i_ASN1_INTEGER(NULL, cnf->name))) {
@@ -336,14 +336,14 @@ static STACK_OF(ASN1_INTEGER) *nref_nos(STACK_OF(CONF_VALUE) *nos)
336 } 336 }
337 if(!sk_ASN1_INTEGER_push(nnums, aint)) goto merr; 337 if(!sk_ASN1_INTEGER_push(nnums, aint)) goto merr;
338 } 338 }
339 return nnums; 339 return 1;
340 340
341 merr: 341 merr:
342 X509V3err(X509V3_F_NOTICE_SECTION,ERR_R_MALLOC_FAILURE); 342 X509V3err(X509V3_F_NOTICE_SECTION,ERR_R_MALLOC_FAILURE);
343 343
344 err: 344 err:
345 sk_ASN1_INTEGER_pop_free(nnums, ASN1_STRING_free); 345 sk_ASN1_INTEGER_pop_free(nnums, ASN1_STRING_free);
346 return NULL; 346 return 0;
347} 347}
348 348
349 349
diff --git a/src/lib/libcrypto/x509v3/v3_lib.c b/src/lib/libcrypto/x509v3/v3_lib.c
index 482ca8ccf5..ca5a4a4a57 100644
--- a/src/lib/libcrypto/x509v3/v3_lib.c
+++ b/src/lib/libcrypto/x509v3/v3_lib.c
@@ -202,6 +202,7 @@ void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx)
202 if(OBJ_obj2nid(ex->object) == nid) { 202 if(OBJ_obj2nid(ex->object) == nid) {
203 if(idx) { 203 if(idx) {
204 *idx = i; 204 *idx = i;
205 found_ex = ex;
205 break; 206 break;
206 } else if(found_ex) { 207 } else if(found_ex) {
207 /* Found more than one */ 208 /* Found more than one */
diff --git a/src/lib/libcrypto/x509v3/v3_prn.c b/src/lib/libcrypto/x509v3/v3_prn.c
index 754808b625..5d268eb768 100644
--- a/src/lib/libcrypto/x509v3/v3_prn.c
+++ b/src/lib/libcrypto/x509v3/v3_prn.c
@@ -184,7 +184,7 @@ int X509V3_extensions_print(BIO *bp, char *title, STACK_OF(X509_EXTENSION) *exts
184 j=X509_EXTENSION_get_critical(ex); 184 j=X509_EXTENSION_get_critical(ex);
185 if (BIO_printf(bp,": %s\n",j?"critical":"","") <= 0) 185 if (BIO_printf(bp,": %s\n",j?"critical":"","") <= 0)
186 return 0; 186 return 0;
187 if(!X509V3_EXT_print(bp, ex, flag, 12)) 187 if(!X509V3_EXT_print(bp, ex, flag, indent + 4))
188 { 188 {
189 BIO_printf(bp, "%*s", indent + 4, ""); 189 BIO_printf(bp, "%*s", indent + 4, "");
190 M_ASN1_OCTET_STRING_print(bp,ex->value); 190 M_ASN1_OCTET_STRING_print(bp,ex->value);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-27 02:06:02 +0000