Line | Source | Count |
60 | #include <ctype.h> | - |
61 | #include <stdio.h> | - |
62 | #include <string.h> | - |
63 | | - |
64 | #include <openssl/bn.h> | - |
65 | #include <openssl/conf.h> | - |
66 | #include <openssl/err.h> | - |
67 | #include <openssl/x509v3.h> | - |
68 | | - |
69 | static char *strip_spaces(char *name); | - |
70 | static int sk_strcmp(const char * const *a, const char * const *b); | - |
71 | static STACK_OF(OPENSSL_STRING) *get_email(X509_NAME *name, | - |
72 | GENERAL_NAMES *gens); | - |
73 | static void str_free(OPENSSL_STRING str); | - |
74 | static int append_ia5(STACK_OF(OPENSSL_STRING) **sk, ASN1_IA5STRING *email); | - |
75 | | - |
76 | static int ipv4_from_asc(unsigned char *v4, const char *in); | - |
77 | static int ipv6_from_asc(unsigned char *v6, const char *in); | - |
78 | static int ipv6_cb(const char *elem, int len, void *usr); | - |
79 | static int ipv6_hex(unsigned char *out, const char *in, int inlen); | - |
80 | | - |
81 | | - |
82 | | - |
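/*
 * Append a new CONF_VALUE carrying private copies of name and value to
 * *extlist, creating the stack first when *extlist is NULL.
 *
 * name and value may each be NULL; the corresponding field of the new entry
 * is then NULL.  The entry's section is always NULL.
 *
 * Returns 1 on success.  Returns 0 and queues ERR_R_MALLOC_FAILURE on any
 * allocation failure.  A stack created by this call is released again on
 * failure and *extlist is reset to NULL, so the caller is never left holding
 * an empty stack it did not ask for; a stack passed in by the caller is left
 * untouched.
 */
int
X509V3_add_value(const char *name, const char *value,
    STACK_OF(CONF_VALUE) **extlist)
{
	CONF_VALUE *vtmp = NULL;
	STACK_OF(CONF_VALUE) *new_list = NULL;
	char *tname = NULL, *tvalue = NULL;

	if (name != NULL && (tname = strdup(name)) == NULL)
		goto err;
	if (value != NULL && (tvalue = strdup(value)) == NULL)
		goto err;
	if ((vtmp = malloc(sizeof(*vtmp))) == NULL)
		goto err;
	if (*extlist == NULL) {
		/* Remember that the stack is ours so the error path can undo it. */
		if ((new_list = sk_CONF_VALUE_new_null()) == NULL)
			goto err;
		*extlist = new_list;
	}
	vtmp->section = NULL;
	vtmp->name = tname;
	vtmp->value = tvalue;
	if (!sk_CONF_VALUE_push(*extlist, vtmp))
		goto err;
	return 1;

 err:
	X509V3error(ERR_R_MALLOC_FAILURE);
	if (new_list != NULL) {
		sk_CONF_VALUE_free(new_list);
		*extlist = NULL;
	}
	free(vtmp);
	free(tname);
	free(tvalue);
	return 0;
}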
112 | | - |
/*
 * Variant of X509V3_add_value() for callers that hold the value as an
 * unsigned char string.  The pointer is only reinterpreted; the value is
 * still treated as a NUL-terminated string by X509V3_add_value().
 */
int
X509V3_add_value_uchar(const char *name, const unsigned char *value,
    STACK_OF(CONF_VALUE) **extlist)
{
	const char *text = (const char *)value;

	return X509V3_add_value(name, text, extlist);
}
119 | | - |
120 | | - |
121 | | - |
/*
 * Release a CONF_VALUE together with its name, value and section strings.
 * A NULL argument is accepted and ignored.
 */
void
X509V3_conf_free(CONF_VALUE *conf)
{
	if (conf != NULL) {
		free(conf->name);
		free(conf->value);
		free(conf->section);
		free(conf);
	}
}
132 | | - |
/*
 * Add name with the literal value "TRUE" (asn1_bool non-zero) or "FALSE"
 * (asn1_bool zero) to *extlist.  Returns what X509V3_add_value() returns.
 */
int
X509V3_add_value_bool(const char *name, int asn1_bool,
    STACK_OF(CONF_VALUE) **extlist)
{
	const char *text = asn1_bool ? "TRUE" : "FALSE";

	return X509V3_add_value(name, text, extlist);
}
141 | | - |
/*
 * "No false" variant of X509V3_add_value_bool(): a zero asn1_bool adds
 * nothing and reports success, a non-zero one adds name with value "TRUE".
 */
int
X509V3_add_value_bool_nf(const char *name, int asn1_bool,
    STACK_OF(CONF_VALUE) **extlist)
{
	if (!asn1_bool)
		return 1;
	return X509V3_add_value(name, "TRUE", extlist);
}
150 | | - |
151 | | - |
/*
 * Convert an ASN1_ENUMERATED to its decimal string form.
 *
 * method is not used here.  Returns NULL without queueing an error when a is
 * NULL.  If either the BIGNUM conversion or the decimal formatting fails,
 * ERR_R_MALLOC_FAILURE is queued and NULL is returned.  On success the
 * string produced by BN_bn2dec() is returned and belongs to the caller.
 */
char *
i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *method, const ASN1_ENUMERATED *a)
{
	BIGNUM *bn;
	char *dec = NULL;

	if (a == NULL)
		return NULL;

	bn = ASN1_ENUMERATED_to_BN(a, NULL);
	if (bn != NULL)
		dec = BN_bn2dec(bn);
	/* dec is still NULL if either step above failed. */
	if (dec == NULL)
		X509V3error(ERR_R_MALLOC_FAILURE);
	BN_free(bn);
	return dec;
}
166 | | - |
/*
 * Convert an ASN1_INTEGER to its decimal string form.
 *
 * method is not used here.  Returns NULL without queueing an error when a is
 * NULL.  If either the BIGNUM conversion or the decimal formatting fails,
 * ERR_R_MALLOC_FAILURE is queued and NULL is returned.  On success the
 * string produced by BN_bn2dec() is returned and belongs to the caller
 * (X509V3_add_value_int() in this file releases it with free()).
 */
char *
i2s_ASN1_INTEGER(X509V3_EXT_METHOD *method, const ASN1_INTEGER *a)
{
	BIGNUM *bn;
	char *dec = NULL;

	if (a == NULL)
		return NULL;

	bn = ASN1_INTEGER_to_BN(a, NULL);
	if (bn != NULL)
		dec = BN_bn2dec(bn);
	/* dec is still NULL if either step above failed. */
	if (dec == NULL)
		X509V3error(ERR_R_MALLOC_FAILURE);
	BN_free(bn);
	return dec;
}
181 | | - |
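/*
 * Parse a textual integer into a newly allocated ASN1_INTEGER.
 *
 * Accepted forms: an optional leading '-', then either decimal digits or
 * "0x"/"0X" followed by hexadecimal digits.  The whole string must be
 * consumed by the number; trailing characters are rejected.  method is not
 * used here.
 *
 * Returns the new ASN1_INTEGER (owned by the caller) or NULL with an error
 * queued: X509V3_R_INVALID_NULL_VALUE for a NULL string,
 * ERR_R_MALLOC_FAILURE if the scratch BIGNUM cannot be allocated,
 * X509V3_R_BN_DEC2BN_ERROR for unparsable input (decimal or hex), and
 * X509V3_R_BN_TO_ASN1_INTEGER_ERROR if the final conversion fails.
 */
ASN1_INTEGER *
s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, const char *value)
{
	BIGNUM *bn;
	ASN1_INTEGER *aint;
	int isneg = 0, ishex = 0;
	int ret;

	if (value == NULL) {
		X509V3error(X509V3_R_INVALID_NULL_VALUE);
		return NULL;
	}
	/* Fail early instead of handing a NULL BIGNUM to the parsers below. */
	if ((bn = BN_new()) == NULL) {
		X509V3error(ERR_R_MALLOC_FAILURE);
		return NULL;
	}

	if (value[0] == '-') {
		value++;
		isneg = 1;
	}

	if (value[0] == '0' && (value[1] == 'x' || value[1] == 'X')) {
		value += 2;
		ishex = 1;
	}

	if (ishex)
		ret = BN_hex2bn(&bn, value);
	else
		ret = BN_dec2bn(&bn, value);

	/*
	 * ret is the number of characters the parser consumed; value[ret] must
	 * be the terminator, otherwise the input had trailing garbage.
	 */
	if (!ret || value[ret]) {
		BN_free(bn);
		X509V3error(X509V3_R_BN_DEC2BN_ERROR);
		return NULL;
	}

	/* "-0" is plain zero; do not mark it negative. */
	if (isneg && BN_is_zero(bn))
		isneg = 0;

	aint = BN_to_ASN1_INTEGER(bn, NULL);
	BN_free(bn);
	if (aint == NULL) {
		X509V3error(X509V3_R_BN_TO_ASN1_INTEGER_ERROR);
		return NULL;
	}
	if (isneg)
		aint->type |= V_ASN1_NEG;
	return aint;
}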
231 | | - |
/*
 * Add name with the decimal rendering of aint to *extlist.
 *
 * A NULL aint adds nothing and is reported as success.  Returns 0 if the
 * integer cannot be converted to a string, otherwise whatever
 * X509V3_add_value() returns.
 */
int
X509V3_add_value_int(const char *name, const ASN1_INTEGER *aint,
    STACK_OF(CONF_VALUE) **extlist)
{
	char *dec;
	int ok;

	if (aint == NULL)
		return 1;

	dec = i2s_ASN1_INTEGER(NULL, aint);
	if (dec == NULL)
		return 0;

	/* X509V3_add_value() stores its own copy, so dec can be released. */
	ok = X509V3_add_value(name, dec, extlist);
	free(dec);
	return ok;
}
247 | | - |
/*
 * Interpret value->value as a boolean and store the result in *asn1_bool.
 *
 * "TRUE", "true", "Y", "y", "YES" and "yes" store 0xff; "FALSE", "false",
 * "N", "n", "NO" and "no" store 0.  Matching is exact (strcmp), so other
 * spellings such as mixed case are rejected.
 *
 * Returns 1 on success.  For a NULL or unrecognised string, queues
 * X509V3_R_INVALID_BOOLEAN_STRING, calls X509V3_conf_err(value) and
 * returns 0, leaving *asn1_bool untouched.
 */
int
X509V3_get_value_bool(const CONF_VALUE *value, int *asn1_bool)
{
	static const char *const true_words[] = {
		"TRUE", "true", "Y", "y", "YES", "yes"
	};
	static const char *const false_words[] = {
		"FALSE", "false", "N", "n", "NO", "no"
	};
	const char *text = value->value;
	size_t i;

	if (text != NULL) {
		for (i = 0; i < sizeof(true_words) / sizeof(true_words[0]);
		    i++) {
			if (strcmp(text, true_words[i]) == 0) {
				*asn1_bool = 0xff;
				return 1;
			}
		}
		for (i = 0; i < sizeof(false_words) / sizeof(false_words[0]);
		    i++) {
			if (strcmp(text, false_words[i]) == 0) {
				*asn1_bool = 0;
				return 1;
			}
		}
	}

	X509V3error(X509V3_R_INVALID_BOOLEAN_STRING);
	X509V3_conf_err(value);
	return 0;
}
272 | | - |
/*
 * Parse value->value with s2i_ASN1_INTEGER() and hand the result back
 * through *aint.
 *
 * Returns 1 on success; the new ASN1_INTEGER then belongs to the caller.
 * On a parse failure, calls X509V3_conf_err(value), returns 0 and leaves
 * *aint untouched.
 */
int
X509V3_get_value_int(const CONF_VALUE *value, ASN1_INTEGER **aint)
{
	ASN1_INTEGER *parsed = s2i_ASN1_INTEGER(NULL, value->value);

	if (parsed == NULL) {
		X509V3_conf_err(value);
		return 0;
	}
	*aint = parsed;
	return 1;
}
285 | | - |
286 | #define HDR_NAME 1 | - |
287 | #define HDR_VALUE 2 | - |
288 | | - |
289 | | - |
290 | | - |
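/*
 * Split a line of the form "name:value,name,name:value" into a stack of
 * CONF_VALUE entries.
 *
 * Parsing works on a private copy of line and stops at the first NUL, CR or
 * LF.  Names and values have surrounding whitespace stripped; an entry
 * without ':' gets a NULL value.  An empty name or an empty value is an
 * error (X509V3_R_INVALID_NULL_NAME / X509V3_R_INVALID_NULL_VALUE).
 *
 * Returns the new stack (owned by the caller) or NULL on error.  A failure
 * to append an entry is treated as an error too: returning a list with
 * entries silently missing would be indistinguishable from a complete one
 * for the caller.
 */
STACK_OF(CONF_VALUE) *
X509V3_parse_list(const char *line)
{
	char *p, *q, c;
	char *ntmp, *vtmp;
	STACK_OF(CONF_VALUE) *values = NULL;
	char *linebuf;
	int state;

	/* We are going to modify the line, so work on a copy. */
	if ((linebuf = strdup(line)) == NULL) {
		X509V3error(ERR_R_MALLOC_FAILURE);
		goto err;
	}
	state = HDR_NAME;
	ntmp = NULL;

	/* q marks the start of the token currently being scanned. */
	for (p = linebuf, q = linebuf; (c = *p) && (c != '\r') &&
	    (c != '\n'); p++) {
		switch (state) {
		case HDR_NAME:
			if (c == ':') {
				state = HDR_VALUE;
				*p = 0;
				ntmp = strip_spaces(q);
				if (ntmp == NULL) {
					X509V3error(X509V3_R_INVALID_NULL_NAME);
					goto err;
				}
				q = p + 1;
			} else if (c == ',') {
				*p = 0;
				ntmp = strip_spaces(q);
				q = p + 1;
				if (ntmp == NULL) {
					X509V3error(X509V3_R_INVALID_NULL_NAME);
					goto err;
				}
				if (!X509V3_add_value(ntmp, NULL, &values))
					goto err;
			}
			break;

		case HDR_VALUE:
			if (c == ',') {
				state = HDR_NAME;
				*p = 0;
				vtmp = strip_spaces(q);
				if (vtmp == NULL) {
					X509V3error(X509V3_R_INVALID_NULL_VALUE);
					goto err;
				}
				if (!X509V3_add_value(ntmp, vtmp, &values))
					goto err;
				ntmp = NULL;
				q = p + 1;
			}
			break;
		}
	}

	/* Flush the final token, which has no trailing separator. */
	if (state == HDR_VALUE) {
		vtmp = strip_spaces(q);
		if (vtmp == NULL) {
			X509V3error(X509V3_R_INVALID_NULL_VALUE);
			goto err;
		}
		if (!X509V3_add_value(ntmp, vtmp, &values))
			goto err;
	} else {
		ntmp = strip_spaces(q);
		if (ntmp == NULL) {
			X509V3error(X509V3_R_INVALID_NULL_NAME);
			goto err;
		}
		if (!X509V3_add_value(ntmp, NULL, &values))
			goto err;
	}
	free(linebuf);
	return values;

 err:
	free(linebuf);
	sk_CONF_VALUE_pop_free(values, X509V3_conf_free);
	return NULL;
}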
376 | | - |
377 | | - |
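/*
 * Strip leading and trailing whitespace from name, in place.
 *
 * Returns a pointer into name at the first non-space character, with the
 * string cut after the last non-space character, or NULL if name is empty
 * or consists only of whitespace.  The buffer is modified.
 */
static char *
strip_spaces(char *name)
{
	char *p, *q;

	/* Skip over leading spaces. */
	p = name;
	while (*p != '\0' && isspace((unsigned char)*p))
		p++;
	if (*p == '\0')
		return NULL;

	/* *p is a non-space character, so the backward scan stops at p at the latest. */
	q = p + strlen(p) - 1;
	while (q != p && isspace((unsigned char)*q))
		q--;
	/*
	 * Always terminate after the last non-space character.  Skipping this
	 * when q == p would leave trailing whitespace on one-character tokens
	 * such as "a  ".  q[1] is at most the existing terminator.
	 */
	q[1] = '\0';
	return p;
}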
398 | | - |
399 | | - |
400 | | - |
401 | | - |
402 | | - |
403 | | - |
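/*
 * Render len bytes of buffer as upper-case hex pairs separated by ':'
 * ("DE:AD:BE:EF").
 *
 * Returns a newly allocated NUL-terminated string owned by the caller.
 * Returns NULL without queueing an error when buffer is NULL or len is not
 * positive, and NULL with ERR_R_MALLOC_FAILURE queued when the output
 * cannot be allocated (including a len whose output size is not
 * representable).
 */
char *
hex_to_string(const unsigned char *buffer, long len)
{
	static const char hexdig[] = "0123456789ABCDEF";
	const unsigned char *p;
	char *tmp, *q;
	long i;

	/* A negative length must never reach the size computation below. */
	if (buffer == NULL || len <= 0)
		return NULL;
	/* Each byte needs 3 output chars; make sure 3 * len + 1 cannot wrap. */
	if ((unsigned long)len > ((size_t)-1 - 1) / 3) {
		X509V3error(ERR_R_MALLOC_FAILURE);
		return NULL;
	}
	if ((tmp = malloc((size_t)len * 3 + 1)) == NULL) {
		X509V3error(ERR_R_MALLOC_FAILURE);
		return NULL;
	}
	q = tmp;
	/* The index has the same type as len so it cannot overflow first. */
	for (i = 0, p = buffer; i < len; i++, p++) {
		*q++ = hexdig[(*p >> 4) & 0xf];
		*q++ = hexdig[*p & 0xf];
		*q++ = ':';
	}
	/* Replace the final ':' with the terminator. */
	q[-1] = 0;
	return tmp;
}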
427 | | - |
428 | | - |
429 | | - |
430 | | - |
431 | | - |
/*
 * Map one character to its value as a hex digit (case-insensitive), or
 * return -1 if it is not a hex digit.
 */
static int
hex_nibble(unsigned char c)
{
	c = tolower(c);
	if (c >= '0' && c <= '9')
		return c - '0';
	if (c >= 'a' && c <= 'f')
		return c - 'a' + 10;
	return -1;
}

/*
 * Decode a string of hex digit pairs into a newly allocated byte buffer.
 *
 * A ':' found where the first digit of a pair is expected is skipped, so
 * "DE:AD" and "DEAD" decode alike; digits are case-insensitive.  If len is
 * not NULL it receives the number of bytes written.
 *
 * Returns the buffer (owned by the caller) or NULL with an error queued:
 * X509V3_R_INVALID_NULL_ARGUMENT for a NULL string, ERR_R_MALLOC_FAILURE
 * if the buffer cannot be allocated, X509V3_R_ODD_NUMBER_OF_DIGITS if the
 * string ends in the middle of a pair, X509V3_R_ILLEGAL_HEX_DIGIT for any
 * other character.
 */
unsigned char *
string_to_hex(const char *str, long *len)
{
	const unsigned char *in;
	unsigned char *hexbuf, *out;
	unsigned char first, second;
	int hi, lo;

	if (str == NULL) {
		X509V3error(X509V3_R_INVALID_NULL_ARGUMENT);
		return NULL;
	}

	/*
	 * Every output byte consumes two input characters, so half the input
	 * length is always enough room.
	 * NOTE(review): for inputs shorter than two characters this is
	 * malloc(0), whose result is implementation-defined - confirm the
	 * intended behaviour for the empty string.
	 */
	hexbuf = malloc(strlen(str) >> 1);
	if (hexbuf == NULL) {
		X509V3error(ERR_R_MALLOC_FAILURE);
		return NULL;
	}

	in = (const unsigned char *)str;
	out = hexbuf;
	while (*in != '\0') {
		first = *in++;
		if (first == ':')
			continue;
		second = *in++;
		if (second == '\0') {
			X509V3error(X509V3_R_ODD_NUMBER_OF_DIGITS);
			free(hexbuf);
			return NULL;
		}

		hi = hex_nibble(first);
		lo = hex_nibble(second);
		if (hi < 0 || lo < 0) {
			free(hexbuf);
			X509V3error(X509V3_R_ILLEGAL_HEX_DIGIT);
			return NULL;
		}

		*out++ = (unsigned char)((hi << 4) | lo);
	}

	if (len != NULL)
		*len = out - hexbuf;

	return hexbuf;
}
488 | | - |
489 | | - |
490 | | - |
491 | | - |
492 | | - |
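/*
 * Compare a configuration name against a base keyword.
 *
 * Returns 0 when name is exactly cmp, or when name starts with cmp and the
 * next character is '.' (for example "DNS.1" against "DNS").  Returns the
 * non-zero strncmp() result when the first strlen(cmp) characters differ,
 * and 1 when the prefix matches but is followed by any other character.
 */
int
name_cmp(const char *name, const char *cmp)
{
	/* size_t holds the strlen() result without narrowing it to int. */
	size_t len = strlen(cmp);
	int ret;
	char c;

	ret = strncmp(name, cmp, len);
	if (ret != 0)
		return ret;

	/*
	 * strncmp() matched len non-NUL characters, so name[len] is inside
	 * the string (at worst it is the terminator).
	 */
	c = name[len];
	if (c == '\0' || c == '.')
		return 0;
	return 1;
}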
507 | | - |
/*
 * Stack comparison callback: orders two stack slots by the C strings they
 * point at.  append_ia5() installs it when it creates a string stack.
 */
static int
sk_strcmp(const char * const *a, const char * const *b)
{
	const char *lhs = *a;
	const char *rhs = *b;

	return strcmp(lhs, rhs);
}
513 | | - |
/*
 * Return the e-mail addresses found in certificate x: the emailAddress
 * attributes of the subject name plus the rfc822Name entries of the
 * subjectAltName extension, as collected by get_email().
 *
 * The decoded extension is released here; the returned stack is a separate
 * allocation (NULL when get_email() returns NULL).
 * NOTE(review): nothing here checks that x has been verified, so the strings
 * are certificate-supplied data and should be treated as untrusted until the
 * chain has been validated by the caller.
 */
STACK_OF(OPENSSL_STRING) *
X509_get1_email(X509 *x)
{
	GENERAL_NAMES *alt_names;
	STACK_OF(OPENSSL_STRING) *emails;

	alt_names = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
	emails = get_email(X509_get_subject_name(x), alt_names);
	sk_GENERAL_NAME_pop_free(alt_names, GENERAL_NAME_free);

	return emails;
}
524 | | - |
/*
 * Return the OCSP responder URIs listed in the Authority Information Access
 * extension of certificate x.
 *
 * Only access descriptions whose method is NID_ad_OCSP and whose location is
 * a GEN_URI are considered.  Returns NULL when the extension cannot be
 * obtained, when no such entry is stored, or when append_ia5() fails.
 * NOTE(review): the URIs are taken from the certificate as-is; a caller that
 * contacts them should validate scheme and destination first.
 */
STACK_OF(OPENSSL_STRING) *
X509_get1_ocsp(X509 *x)
{
	STACK_OF(OPENSSL_STRING) *urls = NULL;
	AUTHORITY_INFO_ACCESS *aia;
	int idx;

	aia = X509_get_ext_d2i(x, NID_info_access, NULL, NULL);
	if (aia == NULL)
		return NULL;

	for (idx = 0; idx < sk_ACCESS_DESCRIPTION_num(aia); idx++) {
		ACCESS_DESCRIPTION *desc = sk_ACCESS_DESCRIPTION_value(aia, idx);

		if (OBJ_obj2nid(desc->method) != NID_ad_OCSP)
			continue;
		if (desc->location->type != GEN_URI)
			continue;
		/*
		 * On failure append_ia5() has already freed the list and
		 * reset urls to NULL, so stopping here returns NULL.
		 */
		if (!append_ia5(&urls,
		    desc->location->d.uniformResourceIdentifier))
			break;
	}

	AUTHORITY_INFO_ACCESS_free(aia);
	return urls;
}
547 | | - |
/*
 * Return the e-mail addresses found in certificate request x: the
 * emailAddress attributes of the request's subject name plus the rfc822Name
 * entries of a requested subjectAltName extension, as collected by
 * get_email().
 *
 * Both the extension stack and the decoded subjectAltName are temporary and
 * are released before returning.
 * NOTE(review): a request is requester-controlled input; the returned
 * addresses are unverified claims.
 */
STACK_OF(OPENSSL_STRING) *
X509_REQ_get1_email(X509_REQ *x)
{
	STACK_OF(X509_EXTENSION) *req_exts;
	GENERAL_NAMES *alt_names;
	STACK_OF(OPENSSL_STRING) *emails;

	req_exts = X509_REQ_get_extensions(x);
	alt_names = X509V3_get_d2i(req_exts, NID_subject_alt_name, NULL, NULL);
	emails = get_email(X509_REQ_get_subject_name(x), alt_names);

	sk_GENERAL_NAME_pop_free(alt_names, GENERAL_NAME_free);
	sk_X509_EXTENSION_pop_free(req_exts, X509_EXTENSION_free);

	return emails;
}
561 | | - |
562 | | - |
/*
 * Build the list of e-mail addresses from a subject name and a set of
 * general names.
 *
 * Pass 1 walks every NID_pkcs9_emailAddress entry of name; pass 2 walks the
 * GEN_EMAIL entries of gens.  Each value goes through append_ia5(), which
 * filters and de-duplicates.  Returns the list (NULL if nothing was stored),
 * or NULL as soon as append_ia5() fails; in that case append_ia5() has
 * already released the partial list.
 * NOTE(review): callers pass gens straight from the extension decoder, so it
 * may be NULL; the second loop presumably relies on sk_GENERAL_NAME_num()
 * reporting a negative count for a NULL stack -- confirm.
 */
static STACK_OF(OPENSSL_STRING) *
get_email(X509_NAME *name, GENERAL_NAMES *gens)
{
	STACK_OF(OPENSSL_STRING) *found = NULL;
	int pos, n;

	/* Pass 1: emailAddress attributes of the distinguished name. */
	for (pos = X509_NAME_get_index_by_NID(name, NID_pkcs9_emailAddress, -1);
	    pos >= 0;
	    pos = X509_NAME_get_index_by_NID(name, NID_pkcs9_emailAddress,
	    pos)) {
		X509_NAME_ENTRY *entry = X509_NAME_get_entry(name, pos);
		ASN1_IA5STRING *addr = X509_NAME_ENTRY_get_data(entry);

		if (!append_ia5(&found, addr))
			return NULL;
	}

	/* Pass 2: rfc822Name entries of the general names. */
	for (n = 0; n < sk_GENERAL_NAME_num(gens); n++) {
		GENERAL_NAME *gn = sk_GENERAL_NAME_value(gens, n);

		if (gn->type == GEN_EMAIL && !append_ia5(&found, gn->d.ia5))
			return NULL;
	}

	return found;
}
592 | | - |
/*
 * Element destructor handed to sk_OPENSSL_STRING_pop_free() by
 * X509_email_free(); each element is released with free().
 */
static void
str_free(OPENSSL_STRING str)
{
	free(str);
}
598 | | - |
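/*
 * Add a copy of an IA5String value to the string stack *sk, creating the
 * stack on first use and skipping values that are already present.
 *
 * Returns 1 when the value was stored or deliberately skipped (wrong ASN.1
 * type, empty, containing a NUL byte, or a duplicate).  Returns 0 on
 * allocation failure; except when the stack itself could not be created,
 * the whole stack is then freed and *sk is set to NULL, so callers must not
 * free it again.
 *
 * The copy is bounded by email->length rather than by the first NUL byte,
 * so the function no longer depends on the ASN.1 buffer being
 * NUL-terminated, and a value with an embedded NUL is skipped instead of
 * being stored truncated.
 */
static int
append_ia5(STACK_OF(OPENSSL_STRING) **sk, ASN1_IA5STRING *email)
{
	char *emtmp;

	/* Unusable entries are ignored rather than treated as errors. */
	if (email->type != V_ASN1_IA5STRING)
		return 1;
	if (email->data == NULL || email->length <= 0)
		return 1;
	/*
	 * A NUL inside the value would make the stored C string shorter than
	 * what the certificate encodes; do not report such a value at all.
	 */
	if (memchr(email->data, '\0', email->length) != NULL)
		return 1;

	if (*sk == NULL)
		*sk = sk_OPENSSL_STRING_new(sk_strcmp);
	if (*sk == NULL)
		return 0;

	emtmp = strndup((char *)email->data, email->length);
	if (emtmp == NULL)
		goto err;

	/* Look up the bounded copy, never the raw ASN.1 buffer. */
	if (sk_OPENSSL_STRING_find(*sk, emtmp) != -1) {
		free(emtmp);
		return 1;
	}
	if (!sk_OPENSSL_STRING_push(*sk, emtmp)) {
		/* The stack did not take ownership; avoid leaking the copy. */
		free(emtmp);
		goto err;
	}
	return 1;

err:
	X509_email_free(*sk);
	*sk = NULL;
	return 0;
}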
624 | | - |
/*
 * Release a string stack built by the X509_get1_* functions in this file:
 * every element is freed through str_free(), then the stack itself.
 */
void
X509_email_free(STACK_OF(OPENSSL_STRING) *sk)
{
	sk_OPENSSL_STRING_pop_free(sk, str_free);
}
630 | | - |
/*
 * Comparator used by the certificate name checks.  pattern is the value
 * taken from the certificate and subject is the name supplied by the caller;
 * both are length-delimited and need not be NUL-terminated.  The comparators
 * defined in this file return 1 on a match and 0 otherwise.
 */
typedef int (*equal_fn) (const unsigned char *pattern, size_t pattern_len,
    const unsigned char *subject, size_t subject_len, unsigned int flags);
633 | | - |
634 | | - |
/*
 * When the internal _X509_CHECK_FLAG_DOT_SUBDOMAINS flag is set, advance
 * *p / *plen past leading pattern bytes until the remaining pattern is as
 * long as the subject, so that only the tail of the pattern is compared.
 *
 * With X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS the scan stops at the first
 * '.', which limits the skipped part to a single label.  *p and *plen are
 * updated only if the remaining length ends up equal to subject_len;
 * otherwise they are left untouched and the caller's length check fails.
 * The subject pointer itself is not read.
 */
static void
skip_prefix(const unsigned char **p, size_t *plen,
    const unsigned char *subject, size_t subject_len, unsigned int flags)
{
	const unsigned char *cur;
	size_t remaining;

	if (!(flags & _X509_CHECK_FLAG_DOT_SUBDOMAINS))
		return;

	cur = *p;
	remaining = *plen;
	for (; remaining > subject_len && *cur != '\0'; ++cur, --remaining) {
		if ((flags & X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS) &&
		    *cur == '.')
			break;
	}

	/* Commit only an exact-length alignment. */
	if (remaining != subject_len)
		return;
	*p = cur;
	*plen = remaining;
}
664 | | - |
665 | | - |
666 | | - |
667 | | - |
668 | | - |
669 | | - |
670 | | - |
671 | | - |
672 | | - |
673 | | - |
/*
 * Case-insensitive comparison of two length-delimited names.
 *
 * Either input containing a NUL byte is rejected outright, so a name can
 * never look shorter to a C string routine than its encoded length says.
 * skip_prefix() may then drop a leading part of the pattern (sub-domain
 * matching); the result is 1 only if the lengths are equal and the bytes
 * match ignoring case, else 0.
 */
static int
equal_nocase(const unsigned char *pattern, size_t pattern_len,
    const unsigned char *subject, size_t subject_len, unsigned int flags)
{
	const int has_nul = memchr(pattern, '\0', pattern_len) != NULL ||
	    memchr(subject, '\0', subject_len) != NULL;

	if (has_nul)
		return 0;

	skip_prefix(&pattern, &pattern_len, subject, subject_len, flags);
	if (pattern_len == subject_len)
		return strncasecmp((const char *)pattern,
		    (const char *)subject, pattern_len) == 0;
	return 0;
}
687 | | - |
688 | | - |
/*
 * Case-sensitive comparison of two length-delimited names.
 *
 * Inputs containing a NUL byte are rejected, skip_prefix() is applied, and
 * the result is 1 only if the lengths are equal and every byte matches.
 */
static int
equal_case(const unsigned char *pattern, size_t pattern_len,
    const unsigned char *subject, size_t subject_len, unsigned int flags)
{
	if (memchr(pattern, 0, pattern_len) != NULL ||
	    memchr(subject, 0, subject_len) != NULL)
		return 0;

	skip_prefix(&pattern, &pattern_len, subject, subject_len, flags);
	if (pattern_len != subject_len)
		return 0;

	/*
	 * Neither buffer holds a NUL within its length (checked above), so a
	 * plain byte comparison gives the same answer as strncmp() here.
	 */
	return memcmp(pattern, subject, pattern_len) == 0;
}
702 | | - |
703 | | - |
704 | | - |
705 | | - |
706 | | - |
/*
 * Compare two e-mail addresses of equal length: the part from the last '@'
 * onwards is compared ignoring case, the part before it exactly.
 *
 * The scan runs from the end and stops at the first index where either
 * input has an '@'.  The flags argument is ignored; the helpers are called
 * with flags 0, so no sub-domain or wildcard handling applies.
 */
static int
equal_email(const unsigned char *a, size_t a_len,
    const unsigned char *b, size_t b_len, unsigned int unused_flags)
{
	size_t at;

	if (a_len != b_len)
		return 0;

	for (at = a_len; at > 0;) {
		at--;
		if (a[at] != '@' && b[at] != '@')
			continue;
		/* Domain part, including the '@' itself. */
		if (!equal_nocase(a + at, a_len - at, b + at, a_len - at, 0))
			return 0;
		break;
	}

	/*
	 * at == 0 means no '@' was found, or the '@' is the very first byte;
	 * in both cases the whole string is compared case-sensitively.
	 */
	if (at == 0)
		at = a_len;
	return equal_case(a, at, b, at, 0);
}
731 | | - |
732 | | - |
733 | | - |
734 | | - |
735 | | - |
/*
 * Match subject against a wildcard pattern already split around its '*'
 * into prefix and suffix.
 *
 * The subject must start with prefix and end with suffix (case-insensitive)
 * and be at least as long as both together.  What the '*' covers is then
 * restricted:
 *  - when the '*' is the entire left-most label (empty prefix, suffix
 *    starting with '.') it must cover at least one byte, and may span
 *    several labels only with X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS;
 *  - otherwise (partial-label wildcard) a subject beginning with "xn--" is
 *    refused;
 *  - the covered bytes must be ASCII letters, digits or '-' ('.' only in
 *    the multi-label case), except that a single literal '*' is accepted.
 * Returns 1 on a match, 0 otherwise.
 */
static int
wildcard_match(const unsigned char *prefix, size_t prefix_len,
    const unsigned char *suffix, size_t suffix_len,
    const unsigned char *subject, size_t subject_len, unsigned int flags)
{
	const unsigned char *span_begin, *span_end, *cur;
	int multi_label = 0;
	int idna_ok = 0;

	if (subject_len < prefix_len + suffix_len)
		return 0;
	if (!equal_nocase(prefix, prefix_len, subject, prefix_len, flags))
		return 0;

	span_begin = subject + prefix_len;
	span_end = subject + (subject_len - suffix_len);
	if (!equal_nocase(span_end, suffix_len, suffix, suffix_len, flags))
		return 0;

	/* '*' standing for the whole left-most label. */
	if (prefix_len == 0 && *suffix == '.') {
		if (span_begin == span_end)
			return 0;
		idna_ok = 1;
		if (flags & X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS)
			multi_label = 1;
	}

	/* A partial-label wildcard must not match an IDNA ("xn--") subject. */
	if (!idna_ok && subject_len >= 4 &&
	    strncasecmp((const char *)subject, "xn--", 4) == 0)
		return 0;

	/* The wildcard may match a literal '*'. */
	if (span_end == span_begin + 1 && *span_begin == '*')
		return 1;

	/* Everything covered by the '*' must look like host name text. */
	for (cur = span_begin; cur != span_end; ++cur) {
		const unsigned char c = *cur;

		if ((c >= '0' && c <= '9') || (c >= 'A' && c <= 'Z') ||
		    (c >= 'a' && c <= 'z') || c == '-')
			continue;
		if (multi_label && c == '.')
			continue;
		return 0;
	}
	return 1;
}
785 | | - |
/* State bits for the label scanner in valid_star(). */
#define LABEL_START (1 << 0)	/* positioned at the start of a label */
#define LABEL_END (1 << 1)	/* not referenced by valid_star() */
#define LABEL_HYPHEN (1 << 2)	/* the previous character was '-' */
#define LABEL_IDNA (1 << 3)	/* the current label began with "xn--" */
790 | | - |
/*
 * Validate a certificate name pattern and locate its wildcard.
 *
 * Returns a pointer to the single '*' in p[0..len) when the pattern is an
 * acceptable wildcard name, and NULL otherwise (including when there is no
 * '*' at all).  A pattern is accepted only if:
 *  - it holds at most one '*', located in the first label, and that label
 *    does not begin with "xn--";
 *  - the '*' touches the start or the end of its label; with
 *    X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS it must be the whole label;
 *  - every other byte is an ASCII letter, digit, '-' or '.', no label is
 *    empty and no label starts or ends with '-';
 *  - the pattern contains at least two dots.
 */
static const unsigned char *
valid_star(const unsigned char *p, size_t len, unsigned int flags)
{
	const unsigned char *star = NULL;
	int state = LABEL_START;
	int dots = 0;
	size_t i;

	for (i = 0; i < len; ++i) {
		const unsigned char c = p[i];
		const int alnum = (c >= 'a' && c <= 'z') ||
		    (c >= 'A' && c <= 'Z') || (c >= '0' && c <= '9');

		if (c == '*') {
			const int atstart = (state & LABEL_START) != 0;
			const int atend = (i == len - 1 || p[i + 1] == '.');

			/* One wildcard only, first label only, never in IDNA. */
			if (star != NULL || (state & LABEL_IDNA) != 0 ||
			    dots != 0)
				return NULL;
			/* Partial wildcards may be disabled by the caller. */
			if ((flags & X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS) &&
			    !(atstart && atend))
				return NULL;
			/* No wildcard in the middle of a label. */
			if (!atstart && !atend)
				return NULL;
			star = &p[i];
			state &= ~LABEL_START;
			continue;
		}

		if ((state & LABEL_START) != 0) {
			/*
			 * At the start of a label: consume an "xn--" prefix
			 * as a unit, then require a letter or digit.
			 */
			if ((state & LABEL_IDNA) == 0 && len - i >= 4 &&
			    strncasecmp((const char *)&p[i], "xn--", 4) == 0) {
				i += 3;
				state |= LABEL_IDNA;
				continue;
			}
			state &= ~LABEL_START;
			if (!alnum)
				return NULL;
			continue;
		}

		if (alnum) {
			/* Keep only the IDNA marker; clears LABEL_HYPHEN. */
			state &= LABEL_IDNA;
			continue;
		}

		switch (c) {
		case '.':
			/* A label may not be empty or end with '-'. */
			if ((state & (LABEL_HYPHEN | LABEL_START)) != 0)
				return NULL;
			state = LABEL_START;
			++dots;
			break;
		case '-':
			/* No domain label can start with '-'. */
			if ((state & LABEL_START) != 0)
				return NULL;
			state |= LABEL_HYPHEN;
			break;
		default:
			return NULL;
		}
	}

	/* The last label must be complete, and two dots are the minimum. */
	if ((state & (LABEL_START | LABEL_HYPHEN)) != 0 || dots < 2)
		return NULL;
	return star;
}
868 | | - |
869 | | - |
/*
 * Compare a certificate name pattern that may contain a wildcard with the
 * subject name.
 *
 * Wildcard processing is skipped when the subject starts with '.' (a
 * sub-domain style reference) and when valid_star() does not accept the
 * pattern; in both cases the comparison falls back to equal_nocase(), where
 * a '*' has no special meaning.  Otherwise the pattern is split around the
 * '*' and handed to wildcard_match().
 */
static int
equal_wildcard(const unsigned char *pattern, size_t pattern_len,
    const unsigned char *subject, size_t subject_len, unsigned int flags)
{
	const unsigned char *star = NULL;
	const int dot_subject = subject_len > 1 && subject[0] == '.';
	size_t prefix_len, suffix_len;

	if (!dot_subject)
		star = valid_star(pattern, pattern_len, flags);
	if (star == NULL)
		return equal_nocase(pattern, pattern_len,
		    subject, subject_len, flags);

	prefix_len = star - pattern;
	suffix_len = (pattern + pattern_len) - star - 1;
	return wildcard_match(pattern, prefix_len, star + 1, suffix_len,
	    subject, subject_len, flags);
}
888 | | - |
889 | | - |
890 | | - |
891 | | - |
892 | | - |
893 | | - |
894 | | - |
/*
 * Compare one ASN.1 string from a certificate with the reference value
 * b[0..blen).
 *
 * cmp_type > 0: a must have exactly that ASN.1 type.  IA5 strings go through
 * the supplied comparator; any other type must be byte-for-byte identical
 * to b.
 * cmp_type <= 0: a is converted to UTF-8 first and then passed to the
 * comparator (the subject-name path in do_x509_check()).
 *
 * Returns 1 on a match, 0 on no match (also for an empty string) and -1
 * when the UTF-8 conversion or the peer name allocation fails.  On a match
 * with peername != NULL, *peername receives a strndup() copy of the matched
 * certificate value.
 */
static int
do_check_string(ASN1_STRING *a, int cmp_type, equal_fn equal,
    unsigned int flags, const char *b, size_t blen, char **peername)
{
	unsigned char *utf8;
	int utf8_len;
	int rv = 0;

	if (a->data == NULL || a->length == 0)
		return 0;

	if (cmp_type <= 0) {
		utf8_len = ASN1_STRING_to_UTF8(&utf8, a);
		if (utf8_len < 0)
			return -1;
		rv = equal(utf8, utf8_len, (unsigned char *)b, blen, flags);
		if (rv > 0 && peername != NULL) {
			*peername = strndup((char *)utf8, utf8_len);
			if (*peername == NULL)
				rv = -1;
		}
		free(utf8);
		return rv;
	}

	/* Typed comparison: a value of any other type never matches. */
	if (a->type != cmp_type)
		return 0;

	if (cmp_type == V_ASN1_IA5STRING)
		rv = equal(a->data, a->length, (unsigned char *)b, blen,
		    flags);
	else if (a->length == (int)blen && memcmp(a->data, b, blen) == 0)
		rv = 1;

	if (rv > 0 && peername != NULL) {
		*peername = strndup((char *)a->data, a->length);
		if (*peername == NULL)
			rv = -1;
	}
	return rv;
}
928 | | - |
/*
 * Check whether certificate x carries the name chk[0..chklen) of kind
 * check_type (GEN_EMAIL, GEN_DNS, anything else is compared as an octet
 * string, i.e. an IP address).
 *
 * subjectAltName entries of the requested kind are tried first.  The
 * subject name (commonName for DNS, emailAddress for e-mail) is consulted
 * only when no subjectAltName entry of that kind was seen, or when
 * X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT is set; there is no subject fallback
 * for the octet-string case.  Note that a certificate whose subjectAltName
 * holds only entries of other kinds still reaches the subject fallback.
 *
 * Returns the first non-zero result of do_check_string() (1 match, -1
 * error), -1 if a subject entry cannot be read, and 0 when nothing matched.
 */
static int
do_x509_check(X509 *x, const char *chk, size_t chklen, unsigned int flags,
    int check_type, char **peername)
{
	GENERAL_NAMES *alt_names;
	X509_NAME *subject;
	equal_fn equal;
	int subject_nid = NID_undef;
	int san_string_type;
	int san_seen = 0;
	int rv = 0;
	int pos;
	size_t i;

	/* The dot-subdomain flag is internal; never accept it from callers. */
	flags &= ~_X509_CHECK_FLAG_DOT_SUBDOMAINS;

	switch (check_type) {
	case GEN_EMAIL:
		subject_nid = NID_pkcs9_emailAddress;
		san_string_type = V_ASN1_IA5STRING;
		equal = equal_email;
		break;
	case GEN_DNS:
		subject_nid = NID_commonName;
		/* A reference name starting with '.' asks for sub-domains. */
		if (chklen > 1 && chk[0] == '.')
			flags |= _X509_CHECK_FLAG_DOT_SUBDOMAINS;
		san_string_type = V_ASN1_IA5STRING;
		equal = (flags & X509_CHECK_FLAG_NO_WILDCARDS) ?
		    equal_nocase : equal_wildcard;
		break;
	default:
		san_string_type = V_ASN1_OCTET_STRING;
		equal = equal_case;
		break;
	}

	alt_names = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
	if (alt_names != NULL) {
		for (i = 0; i < sk_GENERAL_NAME_num(alt_names); i++) {
			GENERAL_NAME *gn = sk_GENERAL_NAME_value(alt_names, i);
			ASN1_STRING *value;

			if (gn->type != check_type)
				continue;
			san_seen = 1;
			if (check_type == GEN_EMAIL)
				value = gn->d.rfc822Name;
			else if (check_type == GEN_DNS)
				value = gn->d.dNSName;
			else
				value = gn->d.iPAddress;

			/* Positive or negative, a non-zero result ends it. */
			rv = do_check_string(value, san_string_type, equal,
			    flags, chk, chklen, peername);
			if (rv != 0)
				break;
		}
		GENERAL_NAMES_free(alt_names);
		if (rv != 0)
			return rv;
		/* A usable subjectAltName entry suppresses the fallback. */
		if (subject_nid == NID_undef ||
		    (san_seen &&
		    !(flags & X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT)))
			return 0;
	}

	/* We're done if CN-ID is not pertinent. */
	if (subject_nid == NID_undef)
		return 0;

	subject = X509_get_subject_name(x);
	pos = -1;
	while ((pos = X509_NAME_get_index_by_NID(subject, subject_nid,
	    pos)) >= 0) {
		X509_NAME_ENTRY *entry;
		ASN1_STRING *value;

		entry = X509_NAME_get_entry(subject, pos);
		if (entry == NULL)
			return -1;
		value = X509_NAME_ENTRY_get_data(entry);
		if (value == NULL)
			return -1;

		/* cmp_type -1: compare the UTF-8 form of the entry. */
		rv = do_check_string(value, -1, equal, flags, chk, chklen,
		    peername);
		if (rv != 0)
			return rv;
	}
	return 0;
}
1012 | | - |
/*
 * Match the host name chk against certificate x.
 *
 * chklen is the length of chk; 0 means "chk is NUL-terminated, measure it".
 * A NULL chk, or an explicit length that covers a NUL byte, is rejected
 * with -2 so the comparison never runs on a name that a C-string consumer
 * would see as shorter than the caller stated.
 *
 * All other results come straight from do_x509_check() with GEN_DNS;
 * peername is handed through to it untouched.
 */
int X509_check_host(X509 *x, const char *chk, size_t chklen,
    unsigned int flags, char **peername)
{
	if (chk == NULL)
		return -2;

	if (chklen != 0) {
		/* Explicit length: refuse any NUL inside the stated range. */
		if (memchr(chk, '\0', chklen) != NULL)
			return -2;
	} else {
		chklen = strlen(chk);
	}

	return do_x509_check(x, chk, chklen, flags, GEN_DNS, peername);
}
1024 | | - |
/*
 * Match the e-mail address chk against certificate x.
 *
 * chklen is the length of chk; 0 means "chk is NUL-terminated, measure it".
 * A NULL chk, or an explicit length that covers a NUL byte, is rejected
 * with -2 before any comparison is attempted.
 *
 * All other results come straight from do_x509_check() with GEN_EMAIL;
 * no peer name is requested.
 */
int X509_check_email(X509 *x, const char *chk, size_t chklen,
    unsigned int flags)
{
	if (chk == NULL)
		return -2;

	if (chklen != 0) {
		/* Explicit length: refuse any NUL inside the stated range. */
		if (memchr(chk, '\0', chklen) != NULL)
			return -2;
	} else {
		chklen = strlen(chk);
	}

	return do_x509_check(x, chk, chklen, flags, GEN_EMAIL, NULL);
}
1036 | | - |
/*
 * Match the binary IP address chk (chklen bytes) against certificate x.
 *
 * Returns -2 when chk is NULL, otherwise whatever do_x509_check() returns
 * for GEN_IPADD.  The length is not validated here: a chklen other than
 * 4 or 16 is passed on as given, so callers should supply one of the two.
 */
int X509_check_ip(X509 *x, const unsigned char *chk, size_t chklen,
    unsigned int flags)
{
	const char *raw;

	if (chk == NULL)
		return -2;

	/* do_x509_check() takes its reference value as a char pointer. */
	raw = (const char *)chk;
	return do_x509_check(x, raw, chklen, flags, GEN_IPADD, NULL);
}
1044 | | - |
/*
 * Match the textual IP address ipasc against certificate x.
 *
 * The text is converted with a2i_ipadd() into at most 16 bytes.  A NULL
 * string or one that a2i_ipadd() cannot parse yields -2; otherwise the
 * result of do_x509_check() for GEN_IPADD is returned.
 */
int X509_check_ip_asc(X509 *x, const char *ipasc, unsigned int flags)
{
	unsigned char addr[16];
	int addrlen;

	if (ipasc == NULL)
		return -2;

	/* a2i_ipadd() reports 0 on a parse failure, else 4 or 16. */
	addrlen = a2i_ipadd(addr, ipasc);
	if (addrlen == 0)
		return -2;

	return do_x509_check(x, (char *)addr, (size_t)addrlen, flags,
	    GEN_IPADD, NULL);
}
1057 | | - |
1058 | | - |
1059 | | - |
1060 | | - |
1061 | | - |
/*
 * Convert a textual IPv4 or IPv6 address into a newly allocated
 * ASN1_OCTET_STRING holding the 4 or 16 address bytes.
 *
 * Returns NULL if the text does not parse or an allocation fails.  The
 * caller owns the returned object.  ipasc is passed to a2i_ipadd()
 * without a NULL check, so it must not be NULL.
 */
ASN1_OCTET_STRING *
a2i_IPADDRESS(const char *ipasc)
{
	unsigned char addr[16];
	ASN1_OCTET_STRING *os;
	int addrlen;

	if ((addrlen = a2i_ipadd(addr, ipasc)) == 0)
		return NULL;

	if ((os = ASN1_OCTET_STRING_new()) == NULL)
		return NULL;

	if (ASN1_OCTET_STRING_set(os, addr, addrlen))
		return os;

	/* Copy into the new object failed: release it before bailing out. */
	ASN1_OCTET_STRING_free(os);
	return NULL;
}
1085 | | - |
/*
 * Convert "address/mask" text into a newly allocated ASN1_OCTET_STRING
 * holding the address bytes immediately followed by the mask bytes.
 *
 * Both halves are parsed with a2i_ipadd() and must have the same length
 * (4+4 or 16+16 bytes).  Returns NULL when there is no '/', when either
 * half fails to parse, when the lengths differ, or on allocation
 * failure.  ipasc is handed to strchr() unchecked, so it must not be NULL.
 */
ASN1_OCTET_STRING *
a2i_IPADDRESS_NC(const char *ipasc)
{
	unsigned char buf[32];
	ASN1_OCTET_STRING *os = NULL;
	char *copy = NULL, *mask;
	const char *slash;
	int addrlen, masklen;

	if ((slash = strchr(ipasc, '/')) == NULL)
		return NULL;
	if ((copy = strdup(ipasc)) == NULL)
		return NULL;

	/* Split the private copy at the '/' so each half is its own string. */
	mask = copy + (slash - ipasc);
	*mask++ = 0;

	addrlen = a2i_ipadd(buf, copy);
	if (addrlen == 0)
		goto err;

	/* The mask lands directly behind the address in buf. */
	masklen = a2i_ipadd(buf + addrlen, mask);

	free(copy);
	copy = NULL;

	if (masklen == 0 || masklen != addrlen)
		goto err;

	if ((os = ASN1_OCTET_STRING_new()) == NULL)
		goto err;
	if (!ASN1_OCTET_STRING_set(os, buf, addrlen + masklen))
		goto err;

	return os;

 err:
	free(copy);
	if (os != NULL)
		ASN1_OCTET_STRING_free(os);
	return NULL;
}
1130 | | - |
1131 | | - |
/*
 * Parse a textual IP address into ipout.
 *
 * Text containing a ':' is handed to the IPv6 parser, anything else to
 * the IPv4 parser.  Returns the number of bytes stored (16 or 4), or 0
 * if the text is not a valid address.  ipout must have room for 16
 * bytes, and ipasc must not be NULL.
 */
int
a2i_ipadd(unsigned char *ipout, const char *ipasc)
{
	if (strchr(ipasc, ':') != NULL)
		return ipv6_from_asc(ipout, ipasc) ? 16 : 0;

	return ipv4_from_asc(ipout, ipasc) ? 4 : 0;
}
1147 | | - |
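/*
 * Parse a dotted-quad IPv4 address ("a.b.c.d") into the four bytes at v4.
 *
 * The whole string must be the address: exactly four decimal octets in
 * the range 0-255, separated by single dots, with nothing before or
 * after.  The earlier sscanf("%d.%d.%d.%d") form also accepted leading
 * whitespace, explicit signs and arbitrary trailing characters, and
 * left out-of-range digit runs to the C library's conversion; an
 * address used for certificate matching or name constraints should not
 * be parsed that loosely.  Leading zeros are still read as decimal.
 *
 * Returns 1 on success and 0 on any malformed input.  v4 is written
 * only on success.
 */
static int
ipv4_from_asc(unsigned char *v4, const char *in)
{
	unsigned char octets[4];
	const char *p = in;
	int i;

	for (i = 0; i < 4; i++) {
		int val = 0;

		/* Every octet needs at least one digit. */
		if (*p < '0' || *p > '9')
			return 0;
		while (*p >= '0' && *p <= '9') {
			val = val * 10 + (*p - '0');
			/* Bail out early so val can never overflow. */
			if (val > 255)
				return 0;
			p++;
		}
		octets[i] = (unsigned char)val;

		/* The first three octets are each followed by one dot. */
		if (i < 3) {
			if (*p != '.')
				return 0;
			p++;
		}
	}

	/* Nothing may follow the fourth octet. */
	if (*p != '\0')
		return 0;

	for (i = 0; i < 4; i++)
		v4[i] = octets[i];
	return 1;
}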
1163 | | - |
/* Parser state shared between ipv6_from_asc() and its ipv6_cb() callback. */
typedef struct {
	/* Staging buffer for the address bytes parsed so far */
	unsigned char tmp[16];
	/* Number of bytes stored in tmp */
	int total;
	/* Offset in tmp at which an empty element ("::") was seen, -1 if none */
	int zero_pos;
	/* Number of empty (zero-length) elements seen */
	int zero_cnt;
} IPV6_STAT;
1174 | | - |
1175 | | - |
/*
 * Parse a textual IPv6 address into the 16 bytes at v6.
 *
 * The string is split on ':' by CONF_parse_list(), with ipv6_cb()
 * collecting the groups into an IPV6_STAT.  Afterwards the placement of
 * the "::" shorthand is validated and the omitted zero bytes are filled
 * in.  Returns 1 on success, 0 on a malformed address; v6 is written
 * only on success.
 */
static int
ipv6_from_asc(unsigned char *v6, const char *in)
{
	IPV6_STAT st;
	int head, tail, gap;

	st.total = 0;
	st.zero_pos = -1;
	st.zero_cnt = 0;

	if (!CONF_parse_list(in, ':', 0, ipv6_cb, &st))
		return 0;

	/* No "::" at all: the groups must already make up all 16 bytes. */
	if (st.zero_pos == -1) {
		if (st.total != 16)
			return 0;
		memcpy(v6, st.tmp, 16);
		return 1;
	}

	/* A "::" must stand in for at least one missing group. */
	if (st.total == 16)
		return 0;

	switch (st.zero_cnt) {
	case 3:
		/* Three empty elements are only valid for "::" on its own. */
		if (st.total > 0)
			return 0;
		break;
	case 2:
		/* Two empty elements: "::" must be at the start or the end. */
		if (st.zero_pos != 0 && st.zero_pos != st.total)
			return 0;
		break;
	default:
		/* More than three empty elements is never valid. */
		if (st.zero_cnt > 3)
			return 0;
		/* One empty element: "::" must be strictly in the middle. */
		if (st.zero_pos == 0 || st.zero_pos == st.total)
			return 0;
		break;
	}

	head = st.zero_pos;		/* bytes before the "::" */
	tail = st.total - st.zero_pos;	/* bytes after the "::" */
	gap = 16 - st.total;		/* zero bytes the "::" expands to */

	memcpy(v6, st.tmp, head);
	memset(v6 + head, 0, gap);
	if (tail != 0)
		memcpy(v6 + head + gap, st.tmp + head, tail);

	return 1;
}
1241 | | - |
/*
 * CONF_parse_list() callback: consume one ':'-separated element of an
 * IPv6 address and append its bytes to the IPV6_STAT passed in usr.
 *
 * An empty element records the position of "::"; an element of up to
 * four characters is a hex group (2 bytes); a longer one is treated as
 * a trailing dotted-quad IPv4 address (4 bytes).  Returns 1 to carry on
 * parsing, 0 to reject the address.
 */
static int
ipv6_cb(const char *elem, int len, void *usr)
{
	IPV6_STAT *st = usr;

	/* All 16 bytes are already filled: any further element is an error. */
	if (st->total == 16)
		return 0;

	if (len == 0) {
		/* Empty element: remember where it is, or insist it is adjacent. */
		if (st->zero_pos == -1)
			st->zero_pos = st->total;
		else if (st->zero_pos != st->total)
			return 0;
		st->zero_cnt++;
		return 1;
	}

	if (len <= 4) {
		if (!ipv6_hex(st->tmp + st->total, elem, len))
			return 0;
		st->total += 2;
		return 1;
	}

	/* Longer than a hex group: only an embedded IPv4 address is allowed. */
	/* It needs four free bytes in tmp ... */
	if (st->total > 12)
		return 0;
	/* ... and must be the final element, i.e. end at the string's NUL. */
	if (elem[len] != '\0')
		return 0;
	if (!ipv4_from_asc(st->tmp + st->total, elem))
		return 0;
	st->total += 4;
	return 1;
}
1278 | | - |
1279 | | - |
1280 | | - |
1281 | | - |
1282 | | - |
/*
 * Convert one IPv6 hex group of inlen characters (at most four) into
 * two big-endian bytes at out.
 *
 * Returns 1 on success, 0 if the group is longer than four characters
 * or contains a non-hex character.  out is written only on success.
 * The caller is expected to pass a non-negative inlen.
 */
static int
ipv6_hex(unsigned char *out, const char *in, int inlen)
{
	unsigned int word = 0;

	if (inlen > 4)
		return 0;

	for (; inlen != 0; inlen--, in++) {
		unsigned char ch = (unsigned char)*in;
		unsigned int nibble;

		if (ch >= '0' && ch <= '9')
			nibble = ch - '0';
		else if (ch >= 'A' && ch <= 'F')
			nibble = ch - 'A' + 10;
		else if (ch >= 'a' && ch <= 'f')
			nibble = ch - 'a' + 10;
		else
			return 0;

		word = (word << 4) | nibble;
	}

	out[0] = (unsigned char)(word >> 8);
	out[1] = (unsigned char)(word & 0xff);
	return 1;
}
1307 | | - |
/*
 * Add one entry to the name nm for every CONF_VALUE in dn_sk.
 *
 * For each value the field name is taken from ->name with any prefix up
 * to and including the first ':', ',' or '.' dropped, provided something
 * follows the separator (presumably so a section can list the same
 * field more than once under distinct keys).  A leading '+' on the
 * field name is stripped and turns the final argument of
 * X509_NAME_add_entry_by_txt() from 0 into -1.
 *
 * Returns 1 on success, 0 if nm is NULL or an entry cannot be added.
 * Entries added before a failure are left in nm.
 */
int
X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk,
    unsigned long chtype)
{
	int idx;

	if (nm == NULL)
		return 0;

	for (idx = 0; idx < sk_CONF_VALUE_num(dn_sk); idx++) {
		CONF_VALUE *cv = sk_CONF_VALUE_value(dn_sk, idx);
		char *field = cv->name;
		char *sep;
		int set = 0;

		/* Drop "prefix<sep>" unless the separator is the last character. */
		sep = strpbrk(field, ":,.");
		if (sep != NULL && sep[1] != '\0')
			field = sep + 1;

		if (*field == '+') {
			set = -1;
			field++;
		}

		if (!X509_NAME_add_entry_by_txt(nm, field, chtype,
		    (unsigned char *)cv->value, -1, -1, set))
			return 0;
	}

	return 1;
}
| | |