OpenCoverage

v3_alt.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/libressl/src/crypto/x509v3/v3_alt.c
1/* $OpenBSD: v3_alt.c,v 1.28 2018/05/18 19:34:37 tb Exp $ */-
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL-
3 * project.-
4 */-
5/* ====================================================================-
6 * Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved.-
7 *-
8 * Redistribution and use in source and binary forms, with or without-
9 * modification, are permitted provided that the following conditions-
10 * are met:-
11 *-
12 * 1. Redistributions of source code must retain the above copyright-
13 * notice, this list of conditions and the following disclaimer.-
14 *-
15 * 2. Redistributions in binary form must reproduce the above copyright-
16 * notice, this list of conditions and the following disclaimer in-
17 * the documentation and/or other materials provided with the-
18 * distribution.-
19 *-
20 * 3. All advertising materials mentioning features or use of this-
21 * software must display the following acknowledgment:-
22 * "This product includes software developed by the OpenSSL Project-
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"-
24 *-
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to-
26 * endorse or promote products derived from this software without-
27 * prior written permission. For written permission, please contact-
28 * licensing@OpenSSL.org.-
29 *-
30 * 5. Products derived from this software may not be called "OpenSSL"-
31 * nor may "OpenSSL" appear in their names without prior written-
32 * permission of the OpenSSL Project.-
33 *-
34 * 6. Redistributions of any form whatsoever must retain the following-
35 * acknowledgment:-
36 * "This product includes software developed by the OpenSSL Project-
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"-
38 *-
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY-
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE-
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR-
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR-
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,-
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT-
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;-
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)-
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,-
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)-
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED-
50 * OF THE POSSIBILITY OF SUCH DAMAGE.-
51 * ====================================================================-
52 *-
53 * This product includes cryptographic software written by Eric Young-
54 * (eay@cryptsoft.com). This product includes software written by Tim-
55 * Hudson (tjh@cryptsoft.com).-
56 *-
57 */-
58-
59#include <stdio.h>-
60#include <string.h>-
61-
62#include <openssl/conf.h>-
63#include <openssl/err.h>-
64#include <openssl/x509v3.h>-
65-
/* Config (CONF_VALUE list) -> GENERAL_NAMES parsers used by the table below. */
static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method,
    X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method,
    X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);

/* Helpers behind the "email:copy", "email:move" and "issuer:copy" options. */
static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p);
static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens);

/* Builders for the two GeneralName forms that need more than a string copy. */
static int do_othername(GENERAL_NAME *gen, const char *value, X509V3_CTX *ctx);
static int do_dirname(GENERAL_NAME *gen, const char *value, X509V3_CTX *ctx);

/*
 * Extension method table for the three GENERAL_NAMES-based extensions
 * handled in this file: subjectAltName, issuerAltName and certificateIssuer.
 *
 * Only the members that carry a value are spelled out; every member not
 * named in an initializer (ext_flags, ext_new, ext_free, d2i, i2d, i2s, s2i,
 * i2r, r2i, usr_data) is zero/NULL, exactly as if it had been written
 * explicitly.
 *
 * All three entries share the same ASN.1 item and the same i2v printer.
 * The certificateIssuer entry has no v2i handler, so this table offers no
 * way to build that extension from configuration values.
 */
const X509V3_EXT_METHOD v3_alt[] = {
	{
		.ext_nid = NID_subject_alt_name,
		.it = &GENERAL_NAMES_it,
		.i2v = (X509V3_EXT_I2V)i2v_GENERAL_NAMES,
		.v2i = (X509V3_EXT_V2I)v2i_subject_alt,
	},
	{
		.ext_nid = NID_issuer_alt_name,
		.it = &GENERAL_NAMES_it,
		.i2v = (X509V3_EXT_I2V)i2v_GENERAL_NAMES,
		.v2i = (X509V3_EXT_V2I)v2i_issuer_alt,
	},
	{
		.ext_nid = NID_certificate_issuer,
		.it = &GENERAL_NAMES_it,
		.i2v = (X509V3_EXT_I2V)i2v_GENERAL_NAMES,
	},
};
125-
/*
 * Convert every entry of a GENERAL_NAMES stack to CONF_VALUE form by
 * passing each one, in stack order, through i2v_GENERAL_NAME().
 *
 * method is forwarded untouched.  ret is the list to extend and may be
 * NULL.  The result is whatever the last i2v_GENERAL_NAME() call returned
 * (or ret itself when gens holds no entries); when that is NULL a newly
 * created empty stack is returned in its place, so a caller gets a list
 * back even for an empty gens.
 */
STACK_OF(CONF_VALUE) *
i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method, GENERAL_NAMES *gens,
    STACK_OF(CONF_VALUE) *ret)
{
	int idx = 0;

	while (idx < sk_GENERAL_NAME_num(gens)) {
		GENERAL_NAME *entry = sk_GENERAL_NAME_value(gens, idx);

		ret = i2v_GENERAL_NAME(method, entry, ret);
		idx++;
	}

	return (ret != NULL) ? ret : sk_CONF_VALUE_new_null();
}
141-
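/*
 * Append the textual form of one GENERAL_NAME to a CONF_VALUE list.
 *
 * method is unused here.  gen is the name to render; its type selects the
 * label ("email", "DNS", "URI", "DirName", "IP Address", "Registered ID",
 * ...).  otherName, X400Name and EdiPartyName are rendered as the fixed
 * text "<unsupported>"; an IP address whose length is neither 4 nor 16 is
 * rendered as "<invalid>".  A type not listed in the switch adds nothing.
 *
 * ret is passed by address to the X509V3_add_value*() helpers and the
 * (possibly updated) list is returned.
 *
 * NOTE(review): the results of X509V3_add_value*() are not checked, so a
 * failed append is silent and the name is simply missing from the output.
 * Anything that makes a trust decision from this text should not rely on
 * the list being complete.
 */
STACK_OF(CONF_VALUE) *
i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen,
    STACK_OF(CONF_VALUE) *ret)
{
	unsigned char *p;
	/*
	 * oline starts out as the empty string.  The DirName and Registered
	 * ID branches hand it to a formatter whose result is not checked; if
	 * that formatter ever leaves the buffer untouched, an empty value is
	 * emitted instead of indeterminate stack bytes.
	 */
	char oline[256] = "", htmp[5];
	int i;

	switch (gen->type) {
	case GEN_OTHERNAME:
		X509V3_add_value("othername", "<unsupported>", &ret);
		break;

	case GEN_X400:
		X509V3_add_value("X400Name", "<unsupported>", &ret);
		break;

	case GEN_EDIPARTY:
		X509V3_add_value("EdiPartyName", "<unsupported>", &ret);
		break;

	/*
	 * NOTE(review): the three IA5String forms pass only the data pointer,
	 * not the ASN1_STRING length.  Presumably the helper treats it as a
	 * NUL-terminated C string, in which case a name from a certificate
	 * that contains an embedded NUL byte would be shown truncated, i.e.
	 * differently from what is actually encoded.  Confirm against
	 * X509V3_add_value_uchar() before relying on this output for name
	 * matching.
	 */
	case GEN_EMAIL:
		X509V3_add_value_uchar("email", gen->d.ia5->data, &ret);
		break;

	case GEN_DNS:
		X509V3_add_value_uchar("DNS", gen->d.ia5->data, &ret);
		break;

	case GEN_URI:
		X509V3_add_value_uchar("URI", gen->d.ia5->data, &ret);
		break;

	case GEN_DIRNAME:
		/* Bound the write by the real buffer size, not a literal. */
		X509_NAME_oneline(gen->d.dirn, oline, sizeof(oline));
		X509V3_add_value("DirName", oline, &ret);
		break;

	case GEN_IPADD:
		p = gen->d.ip->data;
		if (gen->d.ip->length == 4) {
			/* IPv4: dotted decimal. */
			(void) snprintf(oline, sizeof oline,
			    "%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
		} else if (gen->d.ip->length == 16) {
			/*
			 * IPv6: eight 16-bit groups in upper-case hex,
			 * colon separated, no zero compression.  Each group
			 * is at most four digits, which fits htmp[5].
			 */
			oline[0] = 0;
			for (i = 0; i < 8; i++) {
				(void) snprintf(htmp, sizeof htmp,
				    "%X", p[0] << 8 | p[1]);
				p += 2;
				strlcat(oline, htmp, sizeof(oline));
				if (i != 7)
					strlcat(oline, ":", sizeof(oline));
			}
		} else {
			/* Any other length is not read as an address. */
			X509V3_add_value("IP Address", "<invalid>", &ret);
			break;
		}
		X509V3_add_value("IP Address", oline, &ret);
		break;

	case GEN_RID:
		i2t_ASN1_OBJECT(oline, sizeof(oline), gen->d.rid);
		X509V3_add_value("Registered ID", oline, &ret);
		break;
	}
	return ret;
}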
209-
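/*
 * Write a one-line textual form of a GENERAL_NAME to a BIO.
 *
 * out is the destination BIO, gen the name to print.  otherName, X400Name
 * and EdiPartyName are printed as "<unsupported>"; an IP address whose
 * length is neither 4 nor 16 is printed as "<invalid>".  A type not listed
 * in the switch prints nothing.  Always returns 1; BIO write results are
 * not checked.
 *
 * The email, DNS and URI forms are printed with ASN1_STRING_print(), which
 * is given the ASN1_STRING itself and therefore works from its length field.
 * Printing gen->d.ia5->data through "%s" instead would stop at the first NUL
 * byte (so a name with an embedded NUL is shown shorter than it is encoded)
 * and would read past the buffer if the data were ever not NUL-terminated.
 * As a consequence, bytes ASN1_STRING_print() considers non-printable are
 * shown as substitutes rather than raw.
 */
int
GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen)
{
	unsigned char *p;
	int i;

	switch (gen->type) {
	case GEN_OTHERNAME:
		BIO_printf(out, "othername:<unsupported>");
		break;

	case GEN_X400:
		BIO_printf(out, "X400Name:<unsupported>");
		break;

	case GEN_EDIPARTY:
		/* Maybe fix this: it is supported now */
		BIO_printf(out, "EdiPartyName:<unsupported>");
		break;

	case GEN_EMAIL:
		BIO_printf(out, "email:");
		ASN1_STRING_print(out, gen->d.ia5);
		break;

	case GEN_DNS:
		BIO_printf(out, "DNS:");
		ASN1_STRING_print(out, gen->d.ia5);
		break;

	case GEN_URI:
		BIO_printf(out, "URI:");
		ASN1_STRING_print(out, gen->d.ia5);
		break;

	case GEN_DIRNAME:
		BIO_printf(out, "DirName: ");
		X509_NAME_print_ex(out, gen->d.dirn, 0, XN_FLAG_ONELINE);
		break;

	case GEN_IPADD:
		p = gen->d.ip->data;
		if (gen->d.ip->length == 4) {
			/* IPv4: dotted decimal. */
			BIO_printf(out, "IP Address:%d.%d.%d.%d",
			    p[0], p[1], p[2], p[3]);
		} else if (gen->d.ip->length == 16) {
			/* IPv6: eight upper-case hex groups, each after ':'. */
			BIO_printf(out, "IP Address");
			for (i = 0; i < 8; i++) {
				BIO_printf(out, ":%X", p[0] << 8 | p[1]);
				p += 2;
			}
			/*
			 * NOTE(review): only this branch ends its output with
			 * a newline; kept as is because callers may depend on
			 * the existing text.
			 */
			BIO_puts(out, "\n");
		} else {
			/* Any other length is not read as an address. */
			BIO_printf(out, "IP Address:<invalid>");
		}
		break;

	case GEN_RID:
		BIO_printf(out, "Registered ID");
		i2a_ASN1_OBJECT(out, gen->d.rid);
		break;
	}
	return 1;
}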
272-
/*
 * Build the issuerAltName GENERAL_NAMES from a list of config values.
 *
 * An entry whose name matches "issuer" (as decided by name_cmp()) and whose
 * value is exactly "copy" pulls in the issuer certificate's subject
 * alternative names through copy_issuer().  Every other entry is parsed by
 * v2i_GENERAL_NAME() and appended.
 *
 * Returns the new stack, owned by the caller, or NULL on failure.  On
 * failure every name collected so far is freed together with the stack.
 */
static GENERAL_NAMES *
v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
    STACK_OF(CONF_VALUE) *nval)
{
	GENERAL_NAMES *names;
	int idx;

	names = sk_GENERAL_NAME_new_null();
	if (names == NULL) {
		X509V3error(ERR_R_MALLOC_FAILURE);
		return NULL;
	}

	for (idx = 0; idx < sk_CONF_VALUE_num(nval); idx++) {
		CONF_VALUE *entry = sk_CONF_VALUE_value(nval, idx);
		GENERAL_NAME *parsed;

		if (name_cmp(entry->name, "issuer") == 0 &&
		    entry->value != NULL &&
		    strcmp(entry->value, "copy") == 0) {
			if (!copy_issuer(ctx, names))
				goto err;
			continue;
		}

		parsed = v2i_GENERAL_NAME(method, ctx, entry);
		if (parsed == NULL)
			goto err;
		if (sk_GENERAL_NAME_push(names, parsed) == 0) {
			/* Not on the stack yet, so release it here. */
			GENERAL_NAME_free(parsed);
			goto err;
		}
	}
	return names;

err:
	sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
	return NULL;
}
307-
308/* Append subject altname of issuer to issuer alt name of subject */-
309-
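/*
 * Append the issuer certificate's subjectAltName entries to gens.
 *
 * ctx supplies the issuer certificate.  With ctx->flags == CTX_TEST nothing
 * is done and 1 is returned.  A missing ctx or issuer certificate is an
 * error (X509V3_R_NO_ISSUER_DETAILS).  An issuer without a subjectAltName
 * extension is not an error: gens is left unchanged and 1 is returned.
 *
 * The decoded names are moved, not copied: each GENERAL_NAME pointer is
 * pushed onto gens, which then owns it, and only the temporary stack is
 * freed afterwards.
 *
 * Returns 1 on success, 0 on failure.  On a failed push the names already
 * moved stay on gens (the caller is expected to release gens, as
 * v2i_issuer_alt() does), and the names not yet moved are freed here along
 * with the temporary stack, so that error path no longer leaks them.
 */
static int
copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens)
{
	GENERAL_NAMES *ialt;
	GENERAL_NAME *gen;
	X509_EXTENSION *ext;
	int i;

	if (ctx && (ctx->flags == CTX_TEST))
		return 1;
	if (!ctx || !ctx->issuer_cert) {
		X509V3error(X509V3_R_NO_ISSUER_DETAILS);
		return 0;
	}
	i = X509_get_ext_by_NID(ctx->issuer_cert, NID_subject_alt_name, -1);
	if (i < 0)
		return 1;
	if (!(ext = X509_get_ext(ctx->issuer_cert, i)) ||
	    !(ialt = X509V3_EXT_d2i(ext))) {
		X509V3error(X509V3_R_ISSUER_DECODE_ERROR);
		return 0;
	}

	for (i = 0; i < sk_GENERAL_NAME_num(ialt); i++) {
		gen = sk_GENERAL_NAME_value(ialt, i);
		if (!sk_GENERAL_NAME_push(gens, gen)) {
			X509V3error(ERR_R_MALLOC_FAILURE);
			goto err;
		}
	}
	/* Every element now belongs to gens; drop only the container. */
	sk_GENERAL_NAME_free(ialt);

	return 1;

err:
	/*
	 * Entries [0, i) are referenced by gens as well.  Take them off the
	 * front of ialt without freeing them, then free what is left, so no
	 * name is released twice and none is leaked.
	 */
	while (i-- > 0)
		(void)sk_GENERAL_NAME_shift(ialt);
	sk_GENERAL_NAME_pop_free(ialt, GENERAL_NAME_free);
	return 0;
}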
348-
/*
 * Build the subjectAltName GENERAL_NAMES from a list of config values.
 *
 * An entry whose name matches "email" (as decided by name_cmp()) gets
 * special treatment for two exact values:
 *   "copy" - add the subject's emailAddress attributes as email names;
 *   "move" - the same, and also remove them from the subject name.
 * Both are handled by copy_email().  Every other entry is parsed by
 * v2i_GENERAL_NAME() and appended.
 *
 * Returns the new stack, owned by the caller, or NULL on failure.  On
 * failure every name collected so far is freed together with the stack.
 */
static GENERAL_NAMES *
v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
    STACK_OF(CONF_VALUE) *nval)
{
	GENERAL_NAMES *names;
	int idx;

	names = sk_GENERAL_NAME_new_null();
	if (names == NULL) {
		X509V3error(ERR_R_MALLOC_FAILURE);
		return NULL;
	}

	for (idx = 0; idx < sk_CONF_VALUE_num(nval); idx++) {
		CONF_VALUE *entry = sk_CONF_VALUE_value(nval, idx);
		GENERAL_NAME *parsed;

		if (name_cmp(entry->name, "email") == 0 &&
		    entry->value != NULL &&
		    strcmp(entry->value, "copy") == 0) {
			if (!copy_email(ctx, names, 0))
				goto err;
			continue;
		}
		if (name_cmp(entry->name, "email") == 0 &&
		    entry->value != NULL &&
		    strcmp(entry->value, "move") == 0) {
			if (!copy_email(ctx, names, 1))
				goto err;
			continue;
		}

		parsed = v2i_GENERAL_NAME(method, ctx, entry);
		if (parsed == NULL)
			goto err;
		if (sk_GENERAL_NAME_push(names, parsed) == 0) {
			/* Not on the stack yet, so release it here. */
			GENERAL_NAME_free(parsed);
			goto err;
		}
	}
	return names;

err:
	sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
	return NULL;
}
387-
388/* Copy any email addresses in a certificate or request to-
389 * GENERAL_NAMES-
390 */-
391-
/*
 * Add every emailAddress attribute of the subject name to gens as an
 * email GENERAL_NAME.
 *
 * The subject name is taken from ctx->subject_cert when set, otherwise
 * from ctx->subject_req.  With ctx->flags == CTX_TEST nothing is done and
 * 1 is returned; a missing ctx, or a ctx with neither certificate nor
 * request, is an error (X509V3_R_NO_SUBJECT_DETAILS).
 *
 * When move_p is non-zero each attribute is also deleted from the subject
 * name after its value has been duplicated.  The deletion happens before
 * the allocation checks, so entries already removed stay removed if a
 * later step fails.
 *
 * The attribute value is duplicated as is; no check of its content is
 * made here.
 *
 * Returns 1 on success, 0 on failure.
 */
static int
copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p)
{
	X509_NAME *subject;
	X509_NAME_ENTRY *entry;
	ASN1_IA5STRING *addr = NULL;
	GENERAL_NAME *name = NULL;
	int pos;

	if (ctx != NULL && ctx->flags == CTX_TEST)
		return 1;
	if (ctx == NULL ||
	    (ctx->subject_cert == NULL && ctx->subject_req == NULL)) {
		X509V3error(X509V3_R_NO_SUBJECT_DETAILS);
		goto err;
	}

	/* Prefer the certificate's subject; fall back to the request's. */
	subject = (ctx->subject_cert != NULL) ?
	    X509_get_subject_name(ctx->subject_cert) :
	    X509_REQ_get_subject_name(ctx->subject_req);

	pos = -1;
	for (;;) {
		pos = X509_NAME_get_index_by_NID(subject,
		    NID_pkcs9_emailAddress, pos);
		if (pos < 0)
			break;

		entry = X509_NAME_get_entry(subject, pos);
		addr = ASN1_STRING_dup(X509_NAME_ENTRY_get_data(entry));
		if (move_p) {
			X509_NAME_delete_entry(subject, pos);
			X509_NAME_ENTRY_free(entry);
			/* Step back so the next search resumes at this slot. */
			pos--;
		}
		if (addr == NULL || (name = GENERAL_NAME_new()) == NULL) {
			X509V3error(ERR_R_MALLOC_FAILURE);
			goto err;
		}

		/* name takes over the string; clear addr so err won't free it. */
		name->d.ia5 = addr;
		addr = NULL;
		name->type = GEN_EMAIL;
		if (!sk_GENERAL_NAME_push(gens, name)) {
			X509V3error(ERR_R_MALLOC_FAILURE);
			goto err;
		}
		/* gens owns it now. */
		name = NULL;
	}

	return 1;

err:
	GENERAL_NAME_free(name);
	ASN1_IA5STRING_free(addr);
	return 0;
}
445-
/*
 * Parse a list of config values into a GENERAL_NAMES stack, one
 * GENERAL_NAME per entry, using v2i_GENERAL_NAME().
 *
 * Unlike the subject/issuer alt-name parsers in this file there is no
 * "copy"/"move" handling: every entry goes straight to v2i_GENERAL_NAME().
 *
 * Returns the new stack, owned by the caller, or NULL on failure.  On
 * failure every name collected so far is freed together with the stack.
 */
GENERAL_NAMES *
v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
    STACK_OF(CONF_VALUE) *nval)
{
	GENERAL_NAMES *names;
	int idx;

	names = sk_GENERAL_NAME_new_null();
	if (names == NULL) {
		X509V3error(ERR_R_MALLOC_FAILURE);
		return NULL;
	}

	for (idx = 0; idx < sk_CONF_VALUE_num(nval); idx++) {
		CONF_VALUE *entry = sk_CONF_VALUE_value(nval, idx);
		GENERAL_NAME *parsed = v2i_GENERAL_NAME(method, ctx, entry);

		if (parsed == NULL)
			goto err;
		if (sk_GENERAL_NAME_push(names, parsed) == 0) {
			/* Not on the stack yet, so release it here. */
			GENERAL_NAME_free(parsed);
			goto err;
		}
	}
	return names;

err:
	sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
	return NULL;
}
474-
/*
 * Parse one config name/value pair into a newly allocated GENERAL_NAME.
 *
 * Convenience form of v2i_GENERAL_NAME_ex() with no caller-supplied output
 * object (out == NULL) and is_nc == 0.  Returns the new name, or NULL on
 * failure.
 */
GENERAL_NAME *
v2i_GENERAL_NAME(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
    CONF_VALUE *cnf)
{
	GENERAL_NAME *parsed;

	parsed = v2i_GENERAL_NAME_ex(NULL, method, ctx, cnf, 0);
	return parsed;
}
481-
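/*
 * Fill a GENERAL_NAME of the given type from its textual value.
 *
 * out       existing object to fill, or NULL to allocate a new one.
 * method    unused here.
 * ctx       passed to the dirName and otherName builders.
 * gen_type  one of the GEN_* constants; types other than URI, EMAIL, DNS,
 *           RID, IPADD, DIRNAME and OTHERNAME are rejected with
 *           X509V3_R_UNSUPPORTED_TYPE.
 * value     text to convert; NULL is rejected with X509V3_R_MISSING_VALUE.
 * is_nc     non-zero selects a2i_IPADDRESS_NC() instead of a2i_IPADDRESS()
 *           for IP values.
 *
 * Returns the filled object (out, or the new allocation), or NULL on
 * failure.  A newly allocated object is freed on failure; a caller-supplied
 * out is never freed here.
 *
 * For URI, EMAIL and DNS the text is stored verbatim as an IA5String of
 * strlen(value) bytes: this function performs no syntax or character-set
 * validation of those values, so any such checks have to happen elsewhere.
 *
 * The IA5String is built in a local and attached to gen only once it is
 * complete.  Previously a failed ASN1_STRING_set() left a freshly allocated
 * string in gen->d.ia5 while gen->type was still unset, so nothing in this
 * function released it and a caller-supplied out was left holding it.
 *
 * NOTE(review): in the RID, IPADD, DIRNAME and OTHERNAME branches the union
 * member is written before gen->type is updated, so after a failure a
 * caller-supplied out should be treated as indeterminate.
 */
GENERAL_NAME *
a2i_GENERAL_NAME(GENERAL_NAME *out, const X509V3_EXT_METHOD *method,
    X509V3_CTX *ctx, int gen_type, const char *value, int is_nc)
{
	char is_string = 0;
	GENERAL_NAME *gen = NULL;

	if (!value) {
		X509V3error(X509V3_R_MISSING_VALUE);
		return NULL;
	}

	if (out)
		gen = out;
	else {
		gen = GENERAL_NAME_new();
		if (gen == NULL) {
			X509V3error(ERR_R_MALLOC_FAILURE);
			return NULL;
		}
	}

	switch (gen_type) {
	case GEN_URI:
	case GEN_EMAIL:
	case GEN_DNS:
		/* Plain strings: stored after the switch. */
		is_string = 1;
		break;

	case GEN_RID:
		{
			ASN1_OBJECT *obj;
			if (!(obj = OBJ_txt2obj(value, 0))) {
				X509V3error(X509V3_R_BAD_OBJECT);
				ERR_asprintf_error_data("value=%s", value);
				goto err;
			}
			gen->d.rid = obj;
		}
		break;

	case GEN_IPADD:
		if (is_nc)
			gen->d.ip = a2i_IPADDRESS_NC(value);
		else
			gen->d.ip = a2i_IPADDRESS(value);
		if (gen->d.ip == NULL) {
			X509V3error(X509V3_R_BAD_IP_ADDRESS);
			ERR_asprintf_error_data("value=%s", value);
			goto err;
		}
		break;

	case GEN_DIRNAME:
		if (!do_dirname(gen, value, ctx)) {
			X509V3error(X509V3_R_DIRNAME_ERROR);
			goto err;
		}
		break;

	case GEN_OTHERNAME:
		if (!do_othername(gen, value, ctx)) {
			X509V3error(X509V3_R_OTHERNAME_ERROR);
			goto err;
		}
		break;

	default:
		X509V3error(X509V3_R_UNSUPPORTED_TYPE);
		goto err;
	}

	if (is_string) {
		ASN1_IA5STRING *str;

		if ((str = ASN1_IA5STRING_new()) == NULL ||
		    !ASN1_STRING_set(str, value, strlen(value))) {
			ASN1_IA5STRING_free(str);
			X509V3error(ERR_R_MALLOC_FAILURE);
			goto err;
		}
		gen->d.ia5 = str;
	}

	gen->type = gen_type;

	return gen;

err:
	/* Only free what was allocated here; out belongs to the caller. */
	if (out == NULL)
		GENERAL_NAME_free(gen);
	return NULL;
}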
571-
/*
 * Parse one config name/value pair into a GENERAL_NAME.
 *
 * cnf->name selects the name type and cnf->value supplies its text.  The
 * recognised option names are, in the order they are tried: "email", "URI",
 * "DNS", "RID", "IP", "dirName" and "otherName"; name_cmp() decides whether
 * a name matches.  The conversion itself is done by a2i_GENERAL_NAME(), to
 * which out, method, ctx and is_nc are forwarded unchanged.
 *
 * Returns the resulting GENERAL_NAME, or NULL when the value is missing
 * (X509V3_R_MISSING_VALUE), the option name is not recognised
 * (X509V3_R_UNSUPPORTED_OPTION) or the conversion fails.
 */
GENERAL_NAME *
v2i_GENERAL_NAME_ex(GENERAL_NAME *out, const X509V3_EXT_METHOD *method,
    X509V3_CTX *ctx, CONF_VALUE *cnf, int is_nc)
{
	/* Option name -> GEN_* type, in the order the names are tried. */
	static const struct {
		const char *option;
		int gen_type;
	} kinds[] = {
		{ "email",	GEN_EMAIL },
		{ "URI",	GEN_URI },
		{ "DNS",	GEN_DNS },
		{ "RID",	GEN_RID },
		{ "IP",		GEN_IPADD },
		{ "dirName",	GEN_DIRNAME },
		{ "otherName",	GEN_OTHERNAME },
	};
	char *name = cnf->name;
	char *value = cnf->value;
	size_t k;

	if (value == NULL) {
		X509V3error(X509V3_R_MISSING_VALUE);
		return NULL;
	}

	for (k = 0; k < sizeof(kinds) / sizeof(kinds[0]); k++) {
		if (name_cmp(name, kinds[k].option) == 0)
			return a2i_GENERAL_NAME(out, method, ctx,
			    kinds[k].gen_type, value, is_nc);
	}

	/* No option matched. */
	X509V3error(X509V3_R_UNSUPPORTED_OPTION);
	ERR_asprintf_error_data("name=%s", name);
	return NULL;
}
609-
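/*
 * Build an otherName from text of the form "<type-id>;<value spec>".
 *
 * The part before the first ';' is converted to an object identifier with
 * OBJ_txt2obj(); the part after it is handed to ASN1_generate_v3() together
 * with ctx to produce the value.  Text without a ';' is rejected.
 *
 * Returns 1 on success with gen->d.otherName set, 0 on failure.
 *
 * The OTHERNAME is assembled in a local and attached to gen only when it is
 * complete; on any failure it is freed and gen is left untouched.
 * Previously a failure after OTHERNAME_new() returned 0 with a half-built
 * object already stored in gen->d.otherName, which nothing in this file
 * released and which overwrote whatever the union held before.
 */
static int
do_othername(GENERAL_NAME *gen, const char *value, X509V3_CTX *ctx)
{
	OTHERNAME *oth;
	char *objtmp, *p;
	size_t objlen;

	if (!(p = strchr(value, ';')))
		return 0;
	if (!(oth = OTHERNAME_new()))
		return 0;

	/* Free this up because we will overwrite it.
	 * no need to free type_id because it is static
	 */
	ASN1_TYPE_free(oth->value);
	if (!(oth->value = ASN1_generate_v3(p + 1, ctx)))
		goto err;

	/* Copy out the text before ';' as a NUL-terminated string. */
	objlen = (size_t)(p - value);
	objtmp = malloc(objlen + 1);
	if (objtmp == NULL)
		goto err;
	strlcpy(objtmp, value, objlen + 1);
	oth->type_id = OBJ_txt2obj(objtmp, 0);
	free(objtmp);
	if (!oth->type_id)
		goto err;

	gen->d.otherName = oth;
	return 1;

err:
	OTHERNAME_free(oth);
	return 0;
}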
638-
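/*
 * Build a directoryName from the config section named by value.
 *
 * The section is looked up through ctx and converted to an X509_NAME with
 * X509V3_NAME_from_section() using MBSTRING_ASC.  A missing section is
 * reported as X509V3_R_SECTION_NOT_FOUND.
 *
 * Returns the non-zero result of X509V3_NAME_from_section() on success, with
 * gen->d.dirn set to the new name; returns 0 on failure, in which case the
 * name is freed and gen is left untouched.
 *
 * Previously gen->d.dirn was assigned unconditionally, i.e. also after the
 * name had just been freed on the failure path, leaving gen with a pointer
 * to released memory that a later free or read of gen could act on.
 */
static int
do_dirname(GENERAL_NAME *gen, const char *value, X509V3_CTX *ctx)
{
	int ret;
	STACK_OF(CONF_VALUE) *sk;
	X509_NAME *nm;

	if (!(nm = X509_NAME_new()))
		return 0;
	sk = X509V3_get_section(ctx, value);
	if (!sk) {
		X509V3error(X509V3_R_SECTION_NOT_FOUND);
		ERR_asprintf_error_data("section=%s", value);
		X509_NAME_free(nm);
		return 0;
	}
	/* FIXME: should allow other character types... */
	ret = X509V3_NAME_from_section(nm, sk, MBSTRING_ASC);
	if (ret) {
		/* Hand the name over only once it is fully built. */
		gen->d.dirn = nm;
	} else {
		X509_NAME_free(nm);
	}
	X509V3_section_free(ctx, sk);

	return ret;
}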

Generated by Squish Coco 4.2.2