diff options
Diffstat (limited to 'openssl/crypto/x509v3')
| -rw-r--r-- | openssl/crypto/x509v3/Makefile | 34 | ||||
| -rw-r--r-- | openssl/crypto/x509v3/v3_alt.c | 18 | ||||
| -rw-r--r-- | openssl/crypto/x509v3/v3_cpols.c | 8 | ||||
| -rwxr-xr-x | openssl/crypto/x509v3/v3_scts.c | 11 | ||||
| -rw-r--r-- | openssl/crypto/x509v3/v3_utl.c | 6 |
5 files changed, 43 insertions, 34 deletions
diff --git a/openssl/crypto/x509v3/Makefile b/openssl/crypto/x509v3/Makefile index cdbfd5240..9791b77a0 100644 --- a/openssl/crypto/x509v3/Makefile +++ b/openssl/crypto/x509v3/Makefile @@ -71,6 +71,8 @@ tests: lint: lint -DLINT $(INCLUDES) $(SRC)>fluff +update: depend + depend: @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) @@ -535,26 +537,18 @@ v3_purp.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h v3_purp.o: ../cryptlib.h v3_purp.c v3_scts.o: ../../e_os.h ../../include/openssl/asn1.h v3_scts.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -v3_scts.o: ../../include/openssl/comp.h ../../include/openssl/conf.h -v3_scts.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h -v3_scts.o: ../../include/openssl/dtls1.h ../../include/openssl/e_os2.h -v3_scts.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -v3_scts.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -v3_scts.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h -v3_scts.o: ../../include/openssl/kssl.h ../../include/openssl/lhash.h -v3_scts.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -v3_scts.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -v3_scts.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h -v3_scts.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h -v3_scts.o: ../../include/openssl/pqueue.h ../../include/openssl/rsa.h -v3_scts.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -v3_scts.o: ../../include/openssl/srtp.h ../../include/openssl/ssl.h -v3_scts.o: ../../include/openssl/ssl2.h ../../include/openssl/ssl23.h -v3_scts.o: ../../include/openssl/ssl3.h ../../include/openssl/stack.h -v3_scts.o: ../../include/openssl/symhacks.h ../../include/openssl/tls1.h -v3_scts.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -v3_scts.o: ../../include/openssl/x509v3.h ../../ssl/ssl_locl.h ../cryptlib.h -v3_scts.o: v3_scts.c +v3_scts.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h +v3_scts.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +v3_scts.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +v3_scts.o: ../../include/openssl/err.h ../../include/openssl/evp.h +v3_scts.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +v3_scts.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +v3_scts.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +v3_scts.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h +v3_scts.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +v3_scts.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +v3_scts.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h +v3_scts.o: ../cryptlib.h v3_scts.c v3_skey.o: ../../e_os.h ../../include/openssl/asn1.h v3_skey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h v3_skey.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h diff --git a/openssl/crypto/x509v3/v3_alt.c b/openssl/crypto/x509v3/v3_alt.c index 807867b91..22ec20284 100644 --- a/openssl/crypto/x509v3/v3_alt.c +++ b/openssl/crypto/x509v3/v3_alt.c @@ -584,24 +584,26 @@ static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx) static int do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx) { - int ret; - STACK_OF(CONF_VALUE) *sk; - X509_NAME *nm; + int ret = 0; + STACK_OF(CONF_VALUE) *sk = NULL; + X509_NAME *nm = NULL; if (!(nm = X509_NAME_new())) - return 0; + goto err; sk = X509V3_get_section(ctx, value); if (!sk) { X509V3err(X509V3_F_DO_DIRNAME, X509V3_R_SECTION_NOT_FOUND); ERR_add_error_data(2, "section=", value); - X509_NAME_free(nm); - return 0; + goto err; } /* FIXME: should allow other character types... */ ret = X509V3_NAME_from_section(nm, sk, MBSTRING_ASC); if (!ret) - X509_NAME_free(nm); + goto err; gen->d.dirn = nm; - X509V3_section_free(ctx, sk); +err: + if (ret == 0) + X509_NAME_free(nm); + X509V3_section_free(ctx, sk); return ret; } diff --git a/openssl/crypto/x509v3/v3_cpols.c b/openssl/crypto/x509v3/v3_cpols.c index dca6ab2ec..0febc1b3e 100644 --- a/openssl/crypto/x509v3/v3_cpols.c +++ b/openssl/crypto/x509v3/v3_cpols.c @@ -230,11 +230,11 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx, goto merr; if (!sk_POLICYQUALINFO_push(pol->qualifiers, qual)) goto merr; - if(!(qual->pqualid = OBJ_nid2obj(NID_id_qt_cps))) { + if (!(qual->pqualid = OBJ_nid2obj(NID_id_qt_cps))) { X509V3err(X509V3_F_POLICY_SECTION, ERR_R_INTERNAL_ERROR); goto err; } - if(!(qual->d.cpsuri = M_ASN1_IA5STRING_new())) + if (!(qual->d.cpsuri = M_ASN1_IA5STRING_new())) goto merr; if (!ASN1_STRING_set(qual->d.cpsuri, cnf->value, strlen(cnf->value))) @@ -294,7 +294,7 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, POLICYQUALINFO *qual; if (!(qual = POLICYQUALINFO_new())) goto merr; - if(!(qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice))) { + if (!(qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice))) { X509V3err(X509V3_F_NOTICE_SECTION, ERR_R_INTERNAL_ERROR); goto err; } @@ -304,7 +304,7 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, for (i = 0; i < sk_CONF_VALUE_num(unot); i++) { cnf = sk_CONF_VALUE_value(unot, i); if (!strcmp(cnf->name, "explicitText")) { - if(!(not->exptext = M_ASN1_VISIBLESTRING_new())) + if (!(not->exptext = M_ASN1_VISIBLESTRING_new())) goto merr; if (!ASN1_STRING_set(not->exptext, cnf->value, strlen(cnf->value))) diff --git a/openssl/crypto/x509v3/v3_scts.c b/openssl/crypto/x509v3/v3_scts.c index 9a4c3eba0..6e0b8d684 100755 --- a/openssl/crypto/x509v3/v3_scts.c +++ b/openssl/crypto/x509v3/v3_scts.c @@ -60,7 +60,16 @@ #include "cryptlib.h" #include <openssl/asn1.h> #include <openssl/x509v3.h> -#include "../ssl/ssl_locl.h" + +/* Signature and hash algorithms from RFC 5246 */ +#define TLSEXT_hash_sha256 4 + +#define TLSEXT_signature_rsa 1 +#define TLSEXT_signature_ecdsa 3 + + +#define n2s(c,s) ((s=(((unsigned int)(c[0]))<< 8)| \ + (((unsigned int)(c[1])) )),c+=2) #if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__) # define SCT_TIMESTAMP unsigned __int64 diff --git a/openssl/crypto/x509v3/v3_utl.c b/openssl/crypto/x509v3/v3_utl.c index ed6099e12..bdd7b95f4 100644 --- a/openssl/crypto/x509v3/v3_utl.c +++ b/openssl/crypto/x509v3/v3_utl.c @@ -285,6 +285,10 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) int state; /* We are going to modify the line so copy it first */ linebuf = BUF_strdup(line); + if (linebuf == NULL) { + X509V3err(X509V3_F_X509V3_PARSE_LIST, ERR_R_MALLOC_FAILURE); + goto err; + } state = HDR_NAME; ntmp = NULL; /* Go through all characters */ @@ -807,7 +811,7 @@ static const unsigned char *valid_star(const unsigned char *p, size_t len, */ if (p[i] == '*') { int atstart = (state & LABEL_START); - int atend = (i == len - 1 || p[i + i] == '.'); + int atend = (i == len - 1 || p[i + 1] == '.'); /*- * At most one wildcard per pattern. * No wildcards in IDNA labels. |