OpenCoverage

x509_vfy.c

Absolute File Name:

/home/opencoverage/opencoverage/guest-scripts/libressl/src/crypto/x509/x509_vfy.c

Switch to Source code

Preprocessed file

Line Source Count

1 -

2 -

3 -

4 -

5 static int null_callback(int ok, X509_STORE_CTX *e); -

6 static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); -

7 static X509 *find_issuer(X509_STORE_CTX *ctx, struct stack_st_X509 *sk, X509 *x); -

8 static int check_chain_extensions(X509_STORE_CTX *ctx); -

9 static int check_name_constraints(X509_STORE_CTX *ctx); -

10 static int check_trust(X509_STORE_CTX *ctx); -

11 static int check_revocation(X509_STORE_CTX *ctx); -

12 static int check_cert(X509_STORE_CTX *ctx); -

13 static int check_policy(X509_STORE_CTX *ctx); -

14 -

15 static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer, -

16 unsigned int *preasons, X509_CRL *crl, X509 *x); -

17 static int get_crl_delta(X509_STORE_CTX *ctx, -

18 X509_CRL **pcrl, X509_CRL **pdcrl, X509 *x); -

19 static void get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl, int *pcrl_score, -

20 X509_CRL *base, struct stack_st_X509_CRL *crls); -

21 static void crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl, X509 **pissuer, -

22 int *pcrl_score); -

23 static int crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score, -

24 unsigned int *preasons); -

25 static int check_crl_path(X509_STORE_CTX *ctx, X509 *x); -

26 static int check_crl_chain(X509_STORE_CTX *ctx, struct stack_st_X509 *cert_path, -

27 struct stack_st_X509 *crl_path); -

28 static int X509_cmp_time_internal(const ASN1_TIME *ctm, time_t *cmp_time, -

29 int clamp_notafter); -

30 -

31 static int internal_verify(X509_STORE_CTX *ctx); -

32 -

33 int ASN1_time_tm_clamp_notafter(struct tm *tm); -

34 -

35 static int -

36 null_callback(int ok, X509_STORE_CTX *e) -

37 { -

return

executed 156 times by 3 tests: return ok;

Executed by:

servertest
ssltest
tlstest

ok;

executed 156 times by 3 tests: return ok;

Executed by:

servertest
ssltest
tlstest

156

39 } -

40 static int -

41 cert_self_signed(X509 *x) -

42 { -

43 X509_check_purpose(x, -1, 0); -

if (x->ex_flags & 0x2000

x->ex_flags & 0x2000	Description
TRUE	evaluated 66 times by 2 tests Evaluated by: ssltest tlstest
FALSE	evaluated 387 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

)

66-387

return

executed 66 times by 2 tests: return 1;

Executed by:

ssltest
tlstest

executed 66 times by 2 tests: return 1;

Executed by:

ssltest
tlstest

46 else -

return

executed 387 times by 4 tests: return 0;

Executed by:

pkcs7test
servertest
ssltest
tlstest

executed 387 times by 4 tests: return 0;

Executed by:

pkcs7test
servertest
ssltest
tlstest

387

48 } -

49 -

50 static int -

51 check_id_error(X509_STORE_CTX *ctx, int errcode) -

52 { -

53 ctx->error = errcode; -

54 ctx->current_cert = ctx->cert; -

55 ctx->error_depth = 0; -

return

never executed: return ctx->verify_cb(0, ctx);

ctx->verify_cb(0, ctx);

never executed: return ctx->verify_cb(0, ctx);

57 } -

58 -

59 static int -

60 check_hosts(X509 *x, X509_VERIFY_PARAM_ID *id) -

61 { -

62 size_t i, n; -

63 char *name; -

64 -

65 n = sk_num(((_STACK*) (1 ? id->hosts : (struct stack_st_OPENSSL_STRING*)0))); -

66 free(id->peername); -

67 id->peername = -

68 ((void *)0) -

69 ; -

70 -

for (i = 0; i < n

i < n	Description
TRUE	never evaluated
FALSE	never evaluated

; ++i) {

72 name = ((OPENSSL_STRING)sk_value(((_STACK*) (1 ? id->hosts : (struct stack_st_OPENSSL_STRING*)0)), i)); -

if (X509_check_host(x, name, strlen(name), id->hostflags,

X509_check_hos...>peername) > 0	Description
TRUE	never evaluated
FALSE	never evaluated

&id->peername) > 0

X509_check_hos...>peername) > 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

return

never executed: return 1;

}

never executed: end of block

return

never executed: return n == 0;

n == 0;

never executed: return n == 0;

78 } -

79 -

80 static int -

81 check_id(X509_STORE_CTX *ctx) -

82 { -

83 X509_VERIFY_PARAM *vpm = ctx->param; -

84 X509_VERIFY_PARAM_ID *id = vpm->id; -

85 X509 *x = ctx->cert; -

86 -

if (id->hosts

id->hosts	Description
TRUE	never evaluated
FALSE	evaluated 38 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

&& check_hosts(x, id) <= 0

check_hosts(x, id) <= 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0-38

if (!check_id_error(ctx, 62)

!check_id_error(ctx, 62)	Description
TRUE	never evaluated
FALSE	never evaluated

)

return

never executed: return 0;

}

never executed: end of block

if (id->email !=

id->email != ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 38 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

0-38

((void *)0)

id->email != ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 38 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

0-38

&& X509_check_email(x, id->email, id->emaillen, 0)

X509_check_ema...illen, 0) <= 0	Description
TRUE	never evaluated
FALSE	never evaluated

<= 0

X509_check_ema...illen, 0) <= 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

if (!check_id_error(ctx, 63)

!check_id_error(ctx, 63)	Description
TRUE	never evaluated
FALSE	never evaluated

)

return

never executed: return 0;

}

never executed: end of block

if (id->ip !=

id->ip != ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 38 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

0-38

((void *)0)

id->ip != ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 38 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

0-38

100

&& X509_check_ip(x, id->ip, id->iplen, 0) <= 0

X509_check_ip(...iplen, 0) <= 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

101

if (!check_id_error(ctx, 64)

!check_id_error(ctx, 64)	Description
TRUE	never evaluated
FALSE	never evaluated

)

102

return

never executed: return 0;

103

}

never executed: end of block

104

return

executed 38 times by 3 tests: return 1;

Executed by:

pkcs7test
ssltest
tlstest

executed 38 times by 3 tests: return 1;

Executed by:

pkcs7test
ssltest
tlstest

105 } -

106 -

107 int -

108 X509_verify_cert(X509_STORE_CTX *ctx) -

109 { -

110 X509 *x, *xtmp, *xtmp2, *chain_ss = -

111 ((void *)0) -

112 ; -

113 int bad_chain = 0; -

114 X509_VERIFY_PARAM *param = ctx->param; -

115 int depth, i, ok = 0; -

116 int num, j, retry, trust; -

117 int (*cb) (int xok, X509_STORE_CTX *xctx); -

118 struct stack_st_X509 *sktmp = -

119 ((void *)0) -

120 ; -

121 -

122

if (ctx->cert ==

ctx->cert == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 122 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

0-122

123

((void *)0)

ctx->cert == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 122 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

0-122

124 ) { -

125 ERR_put_error(11,(0xfff),(105),__FILE__,236); -

126 ctx->error = 65; -

127

return

never executed: return -1;

-1;

never executed: return -1;

128 } -

129

if (ctx->chain !=

ctx->chain != ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 122 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

0-122

130

((void *)0)

ctx->chain != ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 122 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

0-122

131 ) { -

132 -

133 -

134 -

135 -

136 ERR_put_error(11,(0xfff),((2|64)),__FILE__,245); -

137 ctx->error = 65; -

138

return

never executed: return -1;

-1;

never executed: return -1;

139 } -

140

if (ctx->param->id->poisoned

ctx->param->id->poisoned	Description
TRUE	never evaluated
FALSE	evaluated 122 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

) {

0-122

141 -

142 -

143 -

144 -

145 ERR_put_error(11,(0xfff),((2|64)),__FILE__,254); -

146 ctx->error = 65; -

147

return

never executed: return -1;

-1;

never executed: return -1;

148 } -

149

if (ctx->error != 65

ctx->error != 65	Description
TRUE	never evaluated
FALSE	evaluated 122 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

) {

0-122

150 -

151 -

152 -

153 ERR_put_error(11,(0xfff),((2|64)),__FILE__,262); -

154 ctx->error = 65; -

155

return

never executed: return -1;

-1;

never executed: return -1;

156 } -

157 ctx->error = 0; -

158 -

159 cb = ctx->verify_cb; -

160 -

161 -

162 -

163 -

164 -

165 ctx->chain = ((struct stack_st_X509 *)sk_new_null()); -

166

if (ctx->chain ==

ctx->chain == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 122 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

0-122

167

((void *)0)

ctx->chain == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 122 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

0-122

168

|| !sk_push(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0)), ((void*) (1 ? (ctx->cert) : (X509*)0)))

!sk_push(((_ST... : (X509*)0)))	Description
TRUE	never evaluated
FALSE	evaluated 122 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

) {

0-122

169 ERR_put_error(11,(0xfff),((1|64)),__FILE__,276); -

170 ctx->error = 17; -

171

goto

never executed: goto end;

end;

never executed: goto end;

172 } -

173 X509_up_ref(ctx->cert); -

174 ctx->last_untrusted = 1; -

175 -

176 -

177

if (ctx->untrusted !=

ctx->untrusted != ((void *)0)	Description
TRUE	evaluated 60 times by 3 tests Evaluated by: pkcs7test ssltest tlstest
FALSE	evaluated 62 times by 3 tests Evaluated by: servertest ssltest tlstest

60-62

178

((void *)0)

ctx->untrusted != ((void *)0)	Description
TRUE	evaluated 60 times by 3 tests Evaluated by: pkcs7test ssltest tlstest
FALSE	evaluated 62 times by 3 tests Evaluated by: servertest ssltest tlstest

60-62

179 && -

180

(

(sktmp = (stru...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 60 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

sktmp = (struct stack_st_X509 *)sk_dup(((_STACK*) (1 ? ctx->untrusted : (struct stack_st_X509*)0)))) ==

(sktmp = (stru...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 60 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

0-60

181

((void *)0)

(sktmp = (stru...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 60 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

0-60

182 ) { -

183 ERR_put_error(11,(0xfff),((1|64)),__FILE__,286); -

184 ctx->error = 17; -

185

goto

never executed: goto end;

end;

never executed: goto end;

186 } -

187 -

188 num = sk_num(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0))); -

189 x = ((X509 *)sk_value(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0)), (num - 1))); -

190 depth = param->depth; -

191 -

192 for (;;) { -

193 -

194 -

195 -

196 -

197 -

198 -

199

if (depth < num

depth < num	Description
TRUE	never evaluated
FALSE	evaluated 152 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

)

0-152

200

break;

never executed: break;

201 -

202

if (cert_self_signed(x)

cert_self_signed(x)	Description
TRUE	evaluated 15 times by 1 test Evaluated by: ssltest
FALSE	evaluated 137 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

)

15-137

203

break;

executed 15 times by 1 test: break;

Executed by:

ssltest

204 -

205 -

206 -

207

if (ctx->param->flags & 0x8000

ctx->param->flags & 0x8000	Description
TRUE	never evaluated
FALSE	evaluated 137 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

) {

0-137

208 ok = ctx->get_issuer(&xtmp, ctx, x); -

209

if (ok < 0

ok < 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

210 ctx->error = 66; -

211

goto

never executed: goto end;

end;

never executed: goto end;

212 } -

213 -

214 -

215 -

216 -

217

if (ok > 0

ok > 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

218 X509_free(xtmp); -

219

break;

never executed: break;

220 } -

221

}

never executed: end of block

222 -

223

if (ctx->untrusted !=

ctx->untrusted != ((void *)0)	Description
TRUE	evaluated 75 times by 3 tests Evaluated by: pkcs7test ssltest tlstest
FALSE	evaluated 62 times by 3 tests Evaluated by: servertest ssltest tlstest

62-75

224

((void *)0)

ctx->untrusted != ((void *)0)	Description
TRUE	evaluated 75 times by 3 tests Evaluated by: pkcs7test ssltest tlstest
FALSE	evaluated 62 times by 3 tests Evaluated by: servertest ssltest tlstest

62-75

225 ) { -

226 xtmp = find_issuer(ctx, sktmp, x); -

227

if (xtmp !=

xtmp != ((void *)0)	Description
TRUE	evaluated 30 times by 1 test Evaluated by: ssltest
FALSE	evaluated 45 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

30-45

228

((void *)0)

xtmp != ((void *)0)	Description
TRUE	evaluated 30 times by 1 test Evaluated by: ssltest
FALSE	evaluated 45 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

30-45

229 ) { -

230

if (!sk_push(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0)), ((void*) (1 ? (xtmp) : (X509*)0)))

!sk_push(((_ST... : (X509*)0)))	Description
TRUE	never evaluated
FALSE	evaluated 30 times by 1 test Evaluated by: ssltest

) {

0-30

231 ERR_put_error(11,(0xfff),((1|64)),__FILE__,330); -

232 ctx->error = 17; -

233 ok = 0; -

234

goto

never executed: goto end;

end;

never executed: goto end;

235 } -

236 X509_up_ref(xtmp); -

237 (void)(X509 *)sk_delete_ptr(((_STACK*) (1 ? (sktmp) : (struct stack_st_X509*)0)), ((void*) (1 ? (xtmp) : (X509*)0))); -

238 ctx->last_untrusted++; -

239 x = xtmp; -

240 num++; -

241 -

242 -

243 -

244

continue;

executed 30 times by 1 test: continue;

Executed by:

ssltest

245 } -

246

}

executed 45 times by 3 tests: end of block

Executed by:

pkcs7test
ssltest
tlstest

247

break;

executed 107 times by 4 tests: break;

Executed by:

pkcs7test
servertest
ssltest
tlstest

107

248 } -

249 -

250 j = num; -

251 -

252 -

253 -

254 -

255 -

256 -

257 -

258 do { -

259 -

260 -

261 -

262 -

263 i = sk_num(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0))); -

264 x = ((X509 *)sk_value(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0)), (i - 1))); -

265

if (cert_self_signed(x)

cert_self_signed(x)	Description
TRUE	evaluated 15 times by 1 test Evaluated by: ssltest
FALSE	evaluated 107 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

) {

15-107

266 -

267

if (i == 1

i == 1	Description
TRUE	never evaluated
FALSE	evaluated 15 times by 1 test Evaluated by: ssltest

) {

0-15

268 -

269 -

270 -

271 -

272 -

273 -

274 -

275 ok = ctx->get_issuer(&xtmp, ctx, x); -

276

if ((

(ok <= 0)	Description
TRUE	never evaluated
FALSE	never evaluated

ok <= 0)

(ok <= 0)	Description
TRUE	never evaluated
FALSE	never evaluated

|| X509_cmp(x, xtmp)

X509_cmp(x, xtmp)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

277 ctx->error = 18; -

278 ctx->current_cert = x; -

279 ctx->error_depth = i - 1; -

280

if (ok == 1

ok == 1	Description
TRUE	never evaluated
FALSE	never evaluated

)

281

X509_free(xtmp);

never executed: X509_free(xtmp);

282 bad_chain = 1; -

283 ok = cb(0, ctx); -

284

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	never evaluated

)

285

goto

never executed: goto end;

end;

never executed: goto end;

286

}

never executed: end of block

else {

287 -

288 -

289 -

290 -

291 -

292 -

293 X509_free(x); -

294 x = xtmp; -

295 (void)sk_set(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0)), (i - 1), ((void*) (1 ? (x) : (X509*)0))); -

296 ctx->last_untrusted = 0; -

297

}

never executed: end of block

298 } else { -

299 -

300 -

301 -

302 -

303 chain_ss = (X509 *)sk_pop(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0))); -

304 ctx->last_untrusted--; -

305 num--; -

306 j--; -

307 x = ((X509 *)sk_value(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0)), (num - 1))); -

308

}

executed 15 times by 1 test: end of block

Executed by:

ssltest

309 } -

310 -

311 for (;;) { -

312 -

313

if (depth < num

depth < num	Description
TRUE	never evaluated
FALSE	evaluated 179 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

)

0-179

314

break;

never executed: break;

315 -

316

if (cert_self_signed(x)

cert_self_signed(x)	Description
TRUE	evaluated 36 times by 2 tests Evaluated by: ssltest tlstest
FALSE	evaluated 143 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

)

36-143

317

break;

executed 36 times by 2 tests: break;

Executed by:

ssltest
tlstest

318 ok = ctx->get_issuer(&xtmp, ctx, x); -

319 -

320

if (ok < 0

ok < 0	Description
TRUE	never evaluated
FALSE	evaluated 143 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

) {

0-143

321 ctx->error = 66; -

322

goto

never executed: goto end;

end;

never executed: goto end;

323 } -

324

if (ok == 0

ok == 0	Description
TRUE	evaluated 86 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest
FALSE	evaluated 57 times by 2 tests Evaluated by: ssltest tlstest

)

57-86

325

break;

executed 86 times by 4 tests: break;

Executed by:

pkcs7test
servertest
ssltest
tlstest

326 x = xtmp; -

327

if (!sk_push(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0)), ((void*) (1 ? (x) : (X509*)0)))

!sk_push(((_ST... : (X509*)0)))	Description
TRUE	never evaluated
FALSE	evaluated 57 times by 2 tests Evaluated by: ssltest tlstest

) {

0-57

328 X509_free(xtmp); -

329 ERR_put_error(11,(0xfff),((1|64)),__FILE__,428); -

330 ctx->error = 17; -

331 ok = 0; -

332

goto

never executed: goto end;

end;

never executed: goto end;

333 } -

334 num++; -

335

}

executed 57 times by 2 tests: end of block

Executed by:

ssltest
tlstest

336 -

337 -

338 trust = check_trust(ctx); -

339 -

340 -

341

if (trust == 2

trust == 2	Description
TRUE	never evaluated
FALSE	evaluated 122 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

) {

0-122

342 ok = 0; -

343

goto

never executed: goto end;

end;

never executed: goto end;

344 } -

345 -

346 -

347 -

348 -

349 -

350 -

351 -

352 retry = 0; -

353

if (trust != 1

trust != 1	Description
TRUE	evaluated 86 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest
FALSE	evaluated 36 times by 2 tests Evaluated by: ssltest tlstest

36-86

354

!(ctx->param->flags & 0x8000)

!(ctx->param->flags & 0x8000)	Description
TRUE	evaluated 86 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest
FALSE	never evaluated

0-86

355

!(ctx->param->flags & 0x100000)

!(ctx->param->...gs & 0x100000)	Description
TRUE	evaluated 86 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest
FALSE	never evaluated

) {

0-86

356

while (j-- > 1

j-- > 1	Description
TRUE	never evaluated
FALSE	evaluated 86 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

) {

0-86

357 xtmp2 = ((X509 *)sk_value(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0)), (j - 1))); -

358 ok = ctx->get_issuer(&xtmp, ctx, xtmp2); -

359

if (ok < 0

ok < 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

360

goto

never executed: goto end;

end;

never executed: goto end;

361 -

362

if (ok > 0

ok > 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

363 -

364 -

365 -

366 -

367 X509_free(xtmp); -

368 -

369 -

370 -

371 -

372 -

373

while (num > j

num > j	Description
TRUE	never evaluated
FALSE	never evaluated

) {

374 xtmp = (X509 *)sk_pop(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0))); -

375 X509_free(xtmp); -

376 num--; -

377

}

never executed: end of block

378 ctx->last_untrusted = sk_num(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0))); -

379 retry = 1; -

380

break;

never executed: break;

381 } -

382

}

never executed: end of block

383

}

executed 86 times by 4 tests: end of block

Executed by:

pkcs7test
servertest
ssltest
tlstest

384

}

executed 122 times by 4 tests: end of block

Executed by:

pkcs7test
servertest
ssltest
tlstest

while (retry

retry	Description
TRUE	never evaluated
FALSE	evaluated 122 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

);

0-122

385 -

386 -

387 -

388 -

389 -

390 -

391

if (trust != 1

trust != 1	Description
TRUE	evaluated 86 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest
FALSE	evaluated 36 times by 2 tests Evaluated by: ssltest tlstest

&& !bad_chain

!bad_chain	Description
TRUE	evaluated 86 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest
FALSE	never evaluated

) {

0-86

392

if ((

(chain_ss == ((void *)0) )	Description
TRUE	evaluated 86 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest
FALSE	never evaluated

chain_ss ==

(chain_ss == ((void *)0) )	Description
TRUE	evaluated 86 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest
FALSE	never evaluated

0-86

393

((void *)0)

(chain_ss == ((void *)0) )	Description
TRUE	evaluated 86 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest
FALSE	never evaluated

0-86

394

)

(chain_ss == ((void *)0) )	Description
TRUE	evaluated 86 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest
FALSE	never evaluated

|| !ctx->check_issued(ctx, x, chain_ss)

!ctx->check_is..., x, chain_ss)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0-86

395

if (ctx->last_untrusted >= num

ctx->last_untrusted >= num	Description
TRUE	evaluated 86 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest
FALSE	never evaluated

)

0-86

396

ctx->error = 20;

executed 86 times by 4 tests: ctx->error = 20;

Executed by:

pkcs7test
servertest
ssltest
tlstest

397 else -

398

ctx->error = 2;

never executed: ctx->error = 2;

399 ctx->current_cert = x; -

400

}

executed 86 times by 4 tests: end of block

Executed by:

pkcs7test
servertest
ssltest
tlstest

else {

401

if (!sk_push(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0)), ((void*) (1 ? (chain_ss) : (X509*)0)))

!sk_push(((_ST... : (X509*)0)))	Description
TRUE	never evaluated
FALSE	never evaluated

) {

402 ERR_put_error(11,(0xfff),((1|64)),__FILE__,499); -

403 ctx->error = 17; -

404 ok = 0; -

405

goto

never executed: goto end;

end;

never executed: goto end;

406 } -

407 num++; -

408 ctx->last_untrusted = num; -

409 ctx->current_cert = chain_ss; -

410 ctx->error = 19; -

411 chain_ss = -

412 ((void *)0) -

413 ; -

414

}

never executed: end of block

415 -

416 ctx->error_depth = num - 1; -

417 bad_chain = 1; -

418 ok = cb(0, ctx); -

419

if (!ok

!ok	Description
TRUE	evaluated 84 times by 3 tests Evaluated by: servertest ssltest tlstest
FALSE	evaluated 2 times by 1 test Evaluated by: pkcs7test

)

2-84

420

goto

executed 84 times by 3 tests: goto end;

Executed by:

servertest
ssltest
tlstest

end;

executed 84 times by 3 tests: goto end;

Executed by:

servertest
ssltest
tlstest

421

}

executed 2 times by 1 test: end of block

Executed by:

pkcs7test

422 -

423 -

424 ok = check_chain_extensions(ctx); -

425

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	evaluated 38 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

)

0-38

426

goto

never executed: goto end;

end;

never executed: goto end;

427 -

428 -

429 ok = check_name_constraints(ctx); -

430

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	evaluated 38 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

)

0-38

431

goto

never executed: goto end;

end;

never executed: goto end;

432 -

433 ok = check_id(ctx); -

434

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	evaluated 38 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

)

0-38

435

goto

never executed: goto end;

end;

never executed: goto end;

436 -

437 -

438 -

439 -

440 ok = ctx->check_revocation(ctx); -

441

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	evaluated 38 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

)

0-38

442

goto

never executed: goto end;

end;

never executed: goto end;

443 -

444 -

445

if (ctx->verify !=

ctx->verify != ((void *)0)	Description
TRUE	evaluated 38 times by 3 tests Evaluated by: pkcs7test ssltest tlstest
FALSE	never evaluated

0-38

446

((void *)0)

ctx->verify != ((void *)0)	Description
TRUE	evaluated 38 times by 3 tests Evaluated by: pkcs7test ssltest tlstest
FALSE	never evaluated

0-38

447 ) -

448

ok = ctx->verify(ctx);

executed 38 times by 3 tests: ok = ctx->verify(ctx);

Executed by:

pkcs7test
ssltest
tlstest

449 else -

450

ok = internal_verify(ctx);

never executed: ok = internal_verify(ctx);

451

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	evaluated 38 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

)

0-38

452

goto

never executed: goto end;

end;

never executed: goto end;

453 -

454 -

455

if (!bad_chain

!bad_chain	Description
TRUE	evaluated 36 times by 2 tests Evaluated by: ssltest tlstest
FALSE	evaluated 2 times by 1 test Evaluated by: pkcs7test

&& (

(ctx->param->flags & 0x80)	Description
TRUE	never evaluated
FALSE	evaluated 36 times by 2 tests Evaluated by: ssltest tlstest

ctx->param->flags & 0x80)

(ctx->param->flags & 0x80)	Description
TRUE	never evaluated
FALSE	evaluated 36 times by 2 tests Evaluated by: ssltest tlstest

)

0-36

456

ok = ctx->check_policy(ctx);

never executed: ok = ctx->check_policy(ctx);

457 -

458

end:

code before this statement executed 38 times by 3 tests: end:

Executed by:

pkcs7test
ssltest
tlstest

459 sk_free(((_STACK*) (1 ? (sktmp) : (struct stack_st_X509*)0))); -

460 X509_free(chain_ss); -

461 -

462 -

463

if (ok <= 0

ok <= 0	Description
TRUE	evaluated 84 times by 3 tests Evaluated by: servertest ssltest tlstest
FALSE	evaluated 38 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

&& ctx->error == 0

ctx->error == 0	Description
TRUE	never evaluated
FALSE	evaluated 84 times by 3 tests Evaluated by: servertest ssltest tlstest

)

0-84

464

ctx->error = 1;

never executed: ctx->error = 1;

465

return

executed 122 times by 4 tests: return ok;

Executed by:

pkcs7test
servertest
ssltest
tlstest

ok;

executed 122 times by 4 tests: return ok;

Executed by:

pkcs7test
servertest
ssltest
tlstest

122

466 } -

467 -

468 -

469 -

470 -

471 static X509 * -

472 find_issuer(X509_STORE_CTX *ctx, struct stack_st_X509 *sk, X509 *x) -

473 { -

474 int i; -

475 X509 *issuer, *rv = -

476 ((void *)0) -

477 ; -

478 -

479

for (i = 0; i < sk_num(((_STACK*) (1 ? (sk) : (struct stack_st_X509*)0)))

i < sk_num(((_..._st_X509*)0)))	Description
TRUE	evaluated 106 times by 3 tests Evaluated by: pkcs7test ssltest tlstest
FALSE	evaluated 45 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

; i++) {

45-106

480 issuer = ((X509 *)sk_value(((_STACK*) (1 ? (sk) : (struct stack_st_X509*)0)), (i))); -

481

if (ctx->check_issued(ctx, x, issuer)

ctx->check_iss...tx, x, issuer)	Description
TRUE	evaluated 30 times by 1 test Evaluated by: ssltest
FALSE	evaluated 76 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

) {

30-76

482 rv = issuer; -

483

if (x509_check_cert_time(ctx, rv, -1)

x509_check_cer...e(ctx, rv, -1)	Description
TRUE	evaluated 30 times by 1 test Evaluated by: ssltest
FALSE	never evaluated

)

0-30

484

break;

executed 30 times by 1 test: break;

Executed by:

ssltest

485

}

never executed: end of block

486

}

executed 76 times by 3 tests: end of block

Executed by:

pkcs7test
ssltest
tlstest

487

return

executed 75 times by 3 tests: return rv;

Executed by:

pkcs7test
ssltest
tlstest

rv;

executed 75 times by 3 tests: return rv;

Executed by:

pkcs7test
ssltest
tlstest

488 } -

489 -

490 -

491 -

492 static int -

493 check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer) -

494 { -

495 int ret; -

496 -

497 ret = X509_check_issued(issuer, x); -

498

if (ret == 0

ret == 0	Description
TRUE	evaluated 123 times by 2 tests Evaluated by: ssltest tlstest
FALSE	evaluated 78 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

)

78-123

499

return

executed 123 times by 2 tests: return 1;

Executed by:

ssltest
tlstest

executed 123 times by 2 tests: return 1;

Executed by:

ssltest
tlstest

123

500 -

501

if (!(ctx->param->flags & 0x1)

!(ctx->param->flags & 0x1)	Description
TRUE	evaluated 78 times by 3 tests Evaluated by: pkcs7test ssltest tlstest
FALSE	never evaluated

)

0-78

502

return

executed 78 times by 3 tests: return 0;

Executed by:

pkcs7test
ssltest
tlstest

executed 78 times by 3 tests: return 0;

Executed by:

pkcs7test
ssltest
tlstest

503 -

504 ctx->error = ret; -

505 ctx->current_cert = x; -

506 ctx->current_issuer = issuer; -

507

return

never executed: return ctx->verify_cb(0, ctx);

ctx->verify_cb(0, ctx);

never executed: return ctx->verify_cb(0, ctx);

508 } -

509 -

510 -

511 -

512 static int -

513 get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) -

514 { -

515 *issuer = find_issuer(ctx, ctx->other_ctx, x); -

516

if (*

*issuer	Description
TRUE	never evaluated
FALSE	never evaluated

issuer

*issuer	Description
TRUE	never evaluated
FALSE	never evaluated

) {

517 CRYPTO_add_lock(&(*issuer)->references,1,3,__FILE__,608); -

518

return

never executed: return 1;

519 } else -

520

return

never executed: return 0;

521 } -

522 -

523 -

524 -

525 -

526 -

527 static int -

528 check_chain_extensions(X509_STORE_CTX *ctx) -

529 { -

530 -

531 -

532 -

533 int i, ok = 0, must_be_ca, plen = 0; -

534 X509 *x; -

535 int (*cb)(int xok, X509_STORE_CTX *xctx); -

536 int proxy_path_length = 0; -

537 int purpose; -

538 int allow_proxy_certs; -

539 -

540 cb = ctx->verify_cb; -

541 must_be_ca = -1; -

542 -

543 -

544

if (ctx->parent

ctx->parent	Description
TRUE	never evaluated
FALSE	evaluated 38 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

) {

0-38

545 allow_proxy_certs = 0; -

546 purpose = 6; -

547

}

never executed: end of block

else {

548 allow_proxy_certs = -

549 !!(ctx->param->flags & 0x40); -

550 purpose = ctx->param->purpose; -

551

}

executed 38 times by 3 tests: end of block

Executed by:

pkcs7test
ssltest
tlstest

552 -

553 -

554

for (i = 0; i < ctx->last_untrusted

i < ctx->last_untrusted	Description
TRUE	evaluated 53 times by 3 tests Evaluated by: pkcs7test ssltest tlstest
FALSE	evaluated 38 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

; i++) {

38-53

555 int ret; -

556 x = ((X509 *)sk_value(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0)), (i))); -

557

if (!(ctx->param->flags & 0x10)

!(ctx->param->flags & 0x10)	Description
TRUE	evaluated 53 times by 3 tests Evaluated by: pkcs7test ssltest tlstest
FALSE	never evaluated

0-53

558

(

(x->ex_flags & 0x0200)	Description
TRUE	never evaluated
FALSE	evaluated 53 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

x->ex_flags & 0x0200)

(x->ex_flags & 0x0200)	Description
TRUE	never evaluated
FALSE	evaluated 53 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

) {

0-53

559 ctx->error = 34; -

560 ctx->error_depth = i; -

561 ctx->current_cert = x; -

562 ok = cb(0, ctx); -

563

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	never evaluated

)

564

goto

never executed: goto end;

end;

never executed: goto end;

565

}

never executed: end of block

566

if (!allow_proxy_certs

!allow_proxy_certs	Description
TRUE	evaluated 53 times by 3 tests Evaluated by: pkcs7test ssltest tlstest
FALSE	never evaluated

&& (

(x->ex_flags & 0x0400)	Description
TRUE	never evaluated
FALSE	evaluated 53 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

x->ex_flags & 0x0400)

(x->ex_flags & 0x0400)	Description
TRUE	never evaluated
FALSE	evaluated 53 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

) {

0-53

567 ctx->error = 40; -

568 ctx->error_depth = i; -

569 ctx->current_cert = x; -

570 ok = cb(0, ctx); -

571

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	never evaluated

)

572

goto

never executed: goto end;

end;

never executed: goto end;

573

}

never executed: end of block

574 ret = X509_check_ca(x); -

575 switch (must_be_ca) { -

576

case

executed 38 times by 3 tests: case -1:

Executed by:

pkcs7test
ssltest
tlstest

-1:

executed 38 times by 3 tests: case -1:

Executed by:

pkcs7test
ssltest
tlstest

577

if ((

(ctx->param->flags & 0x20)	Description
TRUE	never evaluated
FALSE	evaluated 38 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

ctx->param->flags & 0x20)

(ctx->param->flags & 0x20)	Description
TRUE	never evaluated
FALSE	evaluated 38 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

0-38

578

(

(ret != 1)	Description
TRUE	never evaluated
FALSE	never evaluated

ret != 1)

(ret != 1)	Description
TRUE	never evaluated
FALSE	never evaluated

&& (

(ret != 0)	Description
TRUE	never evaluated
FALSE	never evaluated

ret != 0)

(ret != 0)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

579 ret = 0; -

580 ctx->error = 24; -

581

}

never executed: end of block

else

582

ret = 1;

executed 38 times by 3 tests: ret = 1;

Executed by:

pkcs7test
ssltest
tlstest

583

break;

executed 38 times by 3 tests: break;

Executed by:

pkcs7test
ssltest
tlstest

584

case

never executed: case 0:

585

if (ret != 0

ret != 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

586 ret = 0; -

587 ctx->error = 37; -

588

}

never executed: end of block

else

589

ret = 1;

never executed: ret = 1;

590

break;

never executed: break;

591

default

executed 15 times by 1 test: default:

Executed by:

ssltest

executed 15 times by 1 test: default:

Executed by:

ssltest

592

if ((

(ret == 0)	Description
TRUE	never evaluated
FALSE	evaluated 15 times by 1 test Evaluated by: ssltest

ret == 0)

(ret == 0)	Description
TRUE	never evaluated
FALSE	evaluated 15 times by 1 test Evaluated by: ssltest

0-15

593

((

(ctx->param->flags & 0x20)	Description
TRUE	never evaluated
FALSE	evaluated 15 times by 1 test Evaluated by: ssltest

ctx->param->flags & 0x20)

(ctx->param->flags & 0x20)	Description
TRUE	never evaluated
FALSE	evaluated 15 times by 1 test Evaluated by: ssltest

0-15

594

(

(ret != 1)	Description
TRUE	never evaluated
FALSE	never evaluated

ret != 1)

(ret != 1)	Description
TRUE	never evaluated
FALSE	never evaluated

)) {

595 ret = 0; -

596 ctx->error = 24; -

597

}

never executed: end of block

else

598

ret = 1;

executed 15 times by 1 test: ret = 1;

Executed by:

ssltest

599

break;

executed 15 times by 1 test: break;

Executed by:

ssltest

600 } -

601

if (ret == 0

ret == 0	Description
TRUE	never evaluated
FALSE	evaluated 53 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

) {

0-53

602 ctx->error_depth = i; -

603 ctx->current_cert = x; -

604 ok = cb(0, ctx); -

605

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	never evaluated

)

606

goto

never executed: goto end;

end;

never executed: goto end;

607

}

never executed: end of block

608

if (ctx->param->purpose > 0

ctx->param->purpose > 0	Description
TRUE	evaluated 36 times by 3 tests Evaluated by: pkcs7test ssltest tlstest
FALSE	evaluated 17 times by 1 test Evaluated by: ssltest

) {

17-36

609 ret = X509_check_purpose(x, purpose, must_be_ca > 0); -

610

if ((

(ret == 0)	Description
TRUE	never evaluated
FALSE	evaluated 36 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

ret == 0)

(ret == 0)	Description
TRUE	never evaluated
FALSE	evaluated 36 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

0-36

611

((

(ctx->param->flags & 0x20)	Description
TRUE	never evaluated
FALSE	evaluated 36 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

ctx->param->flags & 0x20)

(ctx->param->flags & 0x20)	Description
TRUE	never evaluated
FALSE	evaluated 36 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

0-36

612

(

(ret != 1)	Description
TRUE	never evaluated
FALSE	never evaluated

ret != 1)

(ret != 1)	Description
TRUE	never evaluated
FALSE	never evaluated

)) {

613 ctx->error = 26; -

614 ctx->error_depth = i; -

615 ctx->current_cert = x; -

616 ok = cb(0, ctx); -

617

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	never evaluated

)

618

goto

never executed: goto end;

end;

never executed: goto end;

619

}

never executed: end of block

620

}

executed 36 times by 3 tests: end of block

Executed by:

pkcs7test
ssltest
tlstest

621 -

622

if ((

(i > 1)	Description
TRUE	never evaluated
FALSE	evaluated 53 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

i > 1)

(i > 1)	Description
TRUE	never evaluated
FALSE	evaluated 53 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

&& !(x->ex_flags & 0x0020)

!(x->ex_flags & 0x0020)	Description
TRUE	never evaluated
FALSE	never evaluated

0-53

623

(

(x->ex_pathlen != -1)	Description
TRUE	never evaluated
FALSE	never evaluated

x->ex_pathlen != -1)

(x->ex_pathlen != -1)	Description
TRUE	never evaluated
FALSE	never evaluated

624

(

(plen > (x->ex...h_length + 1))	Description
TRUE	never evaluated
FALSE	never evaluated

plen > (x->ex_pathlen + proxy_path_length + 1))

(plen > (x->ex...h_length + 1))	Description
TRUE	never evaluated
FALSE	never evaluated

) {

625 ctx->error = 25; -

626 ctx->error_depth = i; -

627 ctx->current_cert = x; -

628 ok = cb(0, ctx); -

629

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	never evaluated

)

630

goto

never executed: goto end;

end;

never executed: goto end;

631

}

never executed: end of block

632 -

633

if (!(x->ex_flags & 0x0020)

!(x->ex_flags & 0x0020)	Description
TRUE	evaluated 53 times by 3 tests Evaluated by: pkcs7test ssltest tlstest
FALSE	never evaluated

)

0-53

634

plen++;

executed 53 times by 3 tests: plen++;

Executed by:

pkcs7test
ssltest
tlstest

635 -

636 -

637 -

638 -

639

if (x->ex_flags & 0x0400

x->ex_flags & 0x0400	Description
TRUE	never evaluated
FALSE	evaluated 53 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

) {

0-53

640

if (x->ex_pcpathlen != -1

x->ex_pcpathlen != -1	Description
TRUE	never evaluated
FALSE	never evaluated

&& i > x->ex_pcpathlen

i > x->ex_pcpathlen	Description
TRUE	never evaluated
FALSE	never evaluated

) {

641 ctx->error = -

642 38; -

643 ctx->error_depth = i; -

644 ctx->current_cert = x; -

645 ok = cb(0, ctx); -

646

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	never evaluated

)

647

goto

never executed: goto end;

end;

never executed: goto end;

648

}

never executed: end of block

649 proxy_path_length++; -

650 must_be_ca = 0; -

651

}

never executed: end of block

else

652

must_be_ca = 1;

executed 53 times by 3 tests: must_be_ca = 1;

Executed by:

pkcs7test
ssltest
tlstest

653 } -

654 ok = 1; -

655 -

656

end:

code before this statement executed 38 times by 3 tests: end:

Executed by:

pkcs7test
ssltest
tlstest

657

return

executed 38 times by 3 tests: return ok;

Executed by:

pkcs7test
ssltest
tlstest

ok;

executed 38 times by 3 tests: return ok;

Executed by:

pkcs7test
ssltest
tlstest

658 -

659 } -

660 -

661 static int -

662 check_name_constraints(X509_STORE_CTX *ctx) -

663 { -

664 X509 *x; -

665 int i, j, rv; -

666 -

667 -

668

for (i = sk_num(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0))) - 1; i >= 0

i >= 0	Description
TRUE	evaluated 110 times by 3 tests Evaluated by: pkcs7test ssltest tlstest
FALSE	evaluated 38 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

; i--) {

38-110

669 x = ((X509 *)sk_value(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0)), (i))); -

670 -

671

if (i

i	Description
TRUE	evaluated 72 times by 2 tests Evaluated by: ssltest tlstest
FALSE	evaluated 38 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

&& (

(x->ex_flags & 0x0020)	Description
TRUE	evaluated 36 times by 2 tests Evaluated by: ssltest tlstest
FALSE	evaluated 36 times by 2 tests Evaluated by: ssltest tlstest

x->ex_flags & 0x0020)

(x->ex_flags & 0x0020)	Description
TRUE	evaluated 36 times by 2 tests Evaluated by: ssltest tlstest
FALSE	evaluated 36 times by 2 tests Evaluated by: ssltest tlstest

)

36-72

672

continue;

executed 36 times by 2 tests: continue;

Executed by:

ssltest
tlstest

673 -

674 -

675 -

676 -

677 -

678

for (j = sk_num(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0))) - 1; j > i

j > i	Description
TRUE	evaluated 108 times by 2 tests Evaluated by: ssltest tlstest
FALSE	evaluated 74 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

; j--) {

74-108

679 NAME_CONSTRAINTS *nc = ((X509 *)sk_value(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0)), (j)))->nc; -

680

if (nc

nc	Description
TRUE	never evaluated
FALSE	evaluated 108 times by 2 tests Evaluated by: ssltest tlstest

) {

0-108

681 rv = NAME_CONSTRAINTS_check(x, nc); -

682

if (rv != 0

rv != 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

683 ctx->error = rv; -

684 ctx->error_depth = i; -

685 ctx->current_cert = x; -

686

if (!ctx->verify_cb(0, ctx)

!ctx->verify_cb(0, ctx)	Description
TRUE	never evaluated
FALSE	never evaluated

)

687

return

never executed: return 0;

688

}

never executed: end of block

689

}

never executed: end of block

690

}

executed 108 times by 2 tests: end of block

Executed by:

ssltest
tlstest

108

691

}

executed 74 times by 3 tests: end of block

Executed by:

pkcs7test
ssltest
tlstest

692

return

executed 38 times by 3 tests: return 1;

Executed by:

pkcs7test
ssltest
tlstest

executed 38 times by 3 tests: return 1;

Executed by:

pkcs7test
ssltest
tlstest

693 } -

694 -

695 -

696 -

697 static X509 *lookup_cert_match(X509_STORE_CTX *ctx, X509 *x) -

698 { -

699 struct stack_st_X509 *certs; -

700 X509 *xtmp = -

701 ((void *)0) -

702 ; -

703 size_t i; -

704 -

705 -

706 certs = ctx->lookup_certs(ctx, X509_get_subject_name(x)); -

707

if (certs ==

certs == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

708

((void *)0)

certs == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

709 ) -

710

return

never executed: return ((void *)0) ;

711

((void *)0)

never executed: return ((void *)0) ;

712

;

never executed: return ((void *)0) ;

713 -

714 -

715

for (i = 0; i < sk_num(((_STACK*) (1 ? (certs) : (struct stack_st_X509*)0)))

i < sk_num(((_..._st_X509*)0)))	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

716 xtmp = ((X509 *)sk_value(((_STACK*) (1 ? (certs) : (struct stack_st_X509*)0)), (i))); -

717

if (!X509_cmp(xtmp, x)

!X509_cmp(xtmp, x)	Description
TRUE	never evaluated
FALSE	never evaluated

)

718

break;

never executed: break;

719

}

never executed: end of block

720 -

721

if (i < sk_num(((_STACK*) (1 ? (certs) : (struct stack_st_X509*)0)))

i < sk_num(((_..._st_X509*)0)))	Description
TRUE	never evaluated
FALSE	never evaluated

)

722

X509_up_ref(xtmp);

never executed: X509_up_ref(xtmp);

723 else -

724

xtmp =

never executed: xtmp = ((void *)0) ;

725

((void *)0)

never executed: xtmp = ((void *)0) ;

726

;

never executed: xtmp = ((void *)0) ;

727 -

728 sk_pop_free(((_STACK*) (1 ? (certs) : (struct stack_st_X509*)0)), ((void (*)(void *)) ((1 ? (X509_free) : (void (*)(X509 *))0)))); -

729

return

never executed: return xtmp;

xtmp;

never executed: return xtmp;

730 } -

731 -

732 static int check_trust(X509_STORE_CTX *ctx) -

733 { -

734 size_t i; -

735 int ok; -

736 X509 *x = -

737 ((void *)0) -

738 ; -

739 int (*cb) (int xok, X509_STORE_CTX *xctx); -

740 -

741 cb = ctx->verify_cb; -

742 -

743

for (i = ctx->last_untrusted; i < sk_num(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0)))

i < sk_num(((_..._st_X509*)0)))	Description
TRUE	evaluated 57 times by 2 tests Evaluated by: ssltest tlstest
FALSE	evaluated 86 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

; i++) {

57-86

744 x = ((X509 *)sk_value(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0)), (i))); -

745 ok = X509_check_trust(x, ctx->param->trust, 0); -

746 -

747 -

748

if (ok == 1

ok == 1	Description
TRUE	evaluated 36 times by 2 tests Evaluated by: ssltest tlstest
FALSE	evaluated 21 times by 2 tests Evaluated by: ssltest tlstest

)

21-36

749

return

executed 36 times by 2 tests: return 1;

Executed by:

ssltest
tlstest

executed 36 times by 2 tests: return 1;

Executed by:

ssltest
tlstest

750 -

751 -

752 -

753 -

754

if (ok == 2

ok == 2	Description
TRUE	never evaluated
FALSE	evaluated 21 times by 2 tests Evaluated by: ssltest tlstest

) {

0-21

755 ctx->error_depth = i; -

756 ctx->current_cert = x; -

757 ctx->error = 28; -

758 ok = cb(0, ctx); -

759

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	never evaluated

)

760

return

never executed: return 2;

761

}

never executed: end of block

762

}

executed 21 times by 2 tests: end of block

Executed by:

ssltest
tlstest

763 -

764 -

765 -

766 -

767

if (ctx->param->flags & 0x80000

ctx->param->flags & 0x80000	Description
TRUE	never evaluated
FALSE	evaluated 86 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

) {

0-86

768 X509 *mx; -

769

if (ctx->last_untrusted < (int)sk_num(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0)))

ctx->last_untr..._st_X509*)0)))	Description
TRUE	never evaluated
FALSE	never evaluated

)

770

return

never executed: return 1;

771 x = ((X509 *)sk_value(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0)), (0))); -

772 mx = lookup_cert_match(ctx, x); -

773

if (mx

mx	Description
TRUE	never evaluated
FALSE	never evaluated

) {

774 (void)sk_set(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0)), (0), ((void*) (1 ? (mx) : (X509*)0))); -

775 X509_free(x); -

776 ctx->last_untrusted = 0; -

777

return

never executed: return 1;

778 } -

779

}

never executed: end of block

780 -

781 -

782 -

783 -

784 -

785

return

executed 86 times by 4 tests: return 3;

Executed by:

pkcs7test
servertest
ssltest
tlstest

executed 86 times by 4 tests: return 3;

Executed by:

pkcs7test
servertest
ssltest
tlstest

786 } -

787 -

788 static int -

789 check_revocation(X509_STORE_CTX *ctx) -

790 { -

791 int i, last, ok; -

792 -

793

if (!(ctx->param->flags & 0x4)

!(ctx->param->flags & 0x4)	Description
TRUE	evaluated 38 times by 3 tests Evaluated by: pkcs7test ssltest tlstest
FALSE	never evaluated

)

0-38

794

return

executed 38 times by 3 tests: return 1;

Executed by:

pkcs7test
ssltest
tlstest

executed 38 times by 3 tests: return 1;

Executed by:

pkcs7test
ssltest
tlstest

795

if (ctx->param->flags & 0x8

ctx->param->flags & 0x8	Description
TRUE	never evaluated
FALSE	never evaluated

)

796

last = sk_num(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0))) - 1;

never executed: last = sk_num(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0))) - 1;

797 else { -

798 -

799

if (ctx->parent

ctx->parent	Description
TRUE	never evaluated
FALSE	never evaluated

)

800

return

never executed: return 1;

801 last = 0; -

802

}

never executed: end of block

803

for (i = 0; i <= last

i <= last	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

804 ctx->error_depth = i; -

805 ok = check_cert(ctx); -

806

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	never evaluated

)

807

return

never executed: return ok;

ok;

never executed: return ok;

808

}

never executed: end of block

809

return

never executed: return 1;

810 } -

811 -

812 static int -

813 check_cert(X509_STORE_CTX *ctx) -

814 { -

815 X509_CRL *crl = -

816 ((void *)0) -

817 , *dcrl = -

818 ((void *)0) -

819 ; -

820 X509 *x; -

821 int ok = 0, cnum; -

822 unsigned int last_reasons; -

823 -

824 cnum = ctx->error_depth; -

825 x = ((X509 *)sk_value(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0)), (cnum))); -

826 ctx->current_cert = x; -

827 ctx->current_issuer = -

828 ((void *)0) -

829 ; -

830 ctx->current_crl_score = 0; -

831 ctx->current_reasons = 0; -

832

while (ctx->current_reasons != 0x807f

ctx->current_reasons != 0x807f	Description
TRUE	never evaluated
FALSE	never evaluated

) {

833 last_reasons = ctx->current_reasons; -

834 -

835

if (ctx->get_crl

ctx->get_crl	Description
TRUE	never evaluated
FALSE	never evaluated

)

836

ok = ctx->get_crl(ctx, &crl, x);

never executed: ok = ctx->get_crl(ctx, &crl, x);

837 else -

838

ok = get_crl_delta(ctx, &crl, &dcrl, x);

never executed: ok = get_crl_delta(ctx, &crl, &dcrl, x);

839 -

840 -

841 -

842

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	never evaluated

) {

843 ctx->error = 3; -

844 ok = ctx->verify_cb(0, ctx); -

845

goto

never executed: goto err;

err;

never executed: goto err;

846 } -

847 ctx->current_crl = crl; -

848 ok = ctx->check_crl(ctx, crl); -

849

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	never evaluated

)

850

goto

never executed: goto err;

err;

never executed: goto err;

851 -

852

if (dcrl

dcrl	Description
TRUE	never evaluated
FALSE	never evaluated

) {

853 ok = ctx->check_crl(ctx, dcrl); -

854

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	never evaluated

)

855

goto

never executed: goto err;

err;

never executed: goto err;

856 ok = ctx->cert_crl(ctx, dcrl, x); -

857

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	never evaluated

)

858

goto

never executed: goto err;

err;

never executed: goto err;

859

}

never executed: end of block

else

860

ok = 1;

never executed: ok = 1;

861 -

862 -

863

if (ok != 2

ok != 2	Description
TRUE	never evaluated
FALSE	never evaluated

) {

864 ok = ctx->cert_crl(ctx, crl, x); -

865

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	never evaluated

)

866

goto

never executed: goto err;

err;

never executed: goto err;

867

}

never executed: end of block

868 -

869 ctx->current_crl = -

870 ((void *)0) -

871 ; -

872 X509_CRL_free(crl); -

873 X509_CRL_free(dcrl); -

874 crl = -

875 ((void *)0) -

876 ; -

877 dcrl = -

878 ((void *)0) -

879 ; -

880 -

881 -

882 -

883

if (last_reasons == ctx->current_reasons

last_reasons =...urrent_reasons	Description
TRUE	never evaluated
FALSE	never evaluated

) {

884 ctx->error = 3; -

885 ok = ctx->verify_cb(0, ctx); -

886

goto

never executed: goto err;

err;

never executed: goto err;

887 } -

888

}

never executed: end of block

889 -

890

err:

code before this statement never executed: err:

891 ctx->current_crl = -

892 ((void *)0) -

893 ; -

894 X509_CRL_free(crl); -

895 X509_CRL_free(dcrl); -

896

return

never executed: return ok;

ok;

never executed: return ok;

897 } -

898 -

899 -

900 -

901 static int -

902 check_crl_time(X509_STORE_CTX *ctx, X509_CRL *crl, int notify) -

903 { -

904 time_t *ptime = -

905 ((void *)0) -

906 ; -

907 int i; -

908 -

909

if (ctx->param->flags & 0x200000

ctx->param->flags & 0x200000	Description
TRUE	never evaluated
FALSE	never evaluated

)

910

return

never executed: return (1);

(1);

never executed: return (1);

911 -

912

if (ctx->param->flags & 0x2

ctx->param->flags & 0x2	Description
TRUE	never evaluated
FALSE	never evaluated

)

913

ptime = &ctx->param->check_time;

never executed: ptime = &ctx->param->check_time;

914 -

915

if (notify

notify	Description
TRUE	never evaluated
FALSE	never evaluated

)

916

ctx->current_crl = crl;

never executed: ctx->current_crl = crl;

917 -

918 i = X509_cmp_time(X509_CRL_get_lastUpdate(crl), ptime); -

919

if (i == 0

i == 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

920

if (!notify

!notify	Description
TRUE	never evaluated
FALSE	never evaluated

)

921

return

never executed: return 0;

922 ctx->error = 15; -

923

if (!ctx->verify_cb(0, ctx)

!ctx->verify_cb(0, ctx)	Description
TRUE	never evaluated
FALSE	never evaluated

)

924

return

never executed: return 0;

925

}

never executed: end of block

926 -

927

if (i > 0

i > 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

928

if (!notify

!notify	Description
TRUE	never evaluated
FALSE	never evaluated

)

929

return

never executed: return 0;

930 ctx->error = 11; -

931

if (!ctx->verify_cb(0, ctx)

!ctx->verify_cb(0, ctx)	Description
TRUE	never evaluated
FALSE	never evaluated

)

932

return

never executed: return 0;

933

}

never executed: end of block

934 -

935

if (X509_CRL_get_nextUpdate(crl)

X509_CRL_get_nextUpdate(crl)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

936 i = X509_cmp_time(X509_CRL_get_nextUpdate(crl), ptime); -

937 -

938

if (i == 0

i == 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

939

if (!notify

!notify	Description
TRUE	never evaluated
FALSE	never evaluated

)

940

return

never executed: return 0;

941 ctx->error = 16; -

942

if (!ctx->verify_cb(0, ctx)

!ctx->verify_cb(0, ctx)	Description
TRUE	never evaluated
FALSE	never evaluated

)

943

return

never executed: return 0;

944

}

never executed: end of block

945 -

946

if ((

(i < 0)	Description
TRUE	never evaluated
FALSE	never evaluated

i < 0)

(i < 0)	Description
TRUE	never evaluated
FALSE	never evaluated

947

!(ctx->current_crl_score & 0x002)

!(ctx->current...score & 0x002)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

948

if (!notify

!notify	Description
TRUE	never evaluated
FALSE	never evaluated

)

949

return

never executed: return 0;

950 ctx->error = 12; -

951

if (!ctx->verify_cb(0, ctx)

!ctx->verify_cb(0, ctx)	Description
TRUE	never evaluated
FALSE	never evaluated

)

952

return

never executed: return 0;

953

}

never executed: end of block

954

}

never executed: end of block

955 -

956

if (notify

notify	Description
TRUE	never evaluated
FALSE	never evaluated

)

957

ctx->current_crl =

never executed: ctx->current_crl = ((void *)0) ;

958

((void *)0)

never executed: ctx->current_crl = ((void *)0) ;

959

;

never executed: ctx->current_crl = ((void *)0) ;

960 -

961

return

never executed: return 1;

962 } -

963 -

964 static int -

965 get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl, -

966 X509 **pissuer, int *pscore, unsigned int *preasons, -

967 struct stack_st_X509_CRL *crls) -

968 { -

969 int i, crl_score, best_score = *pscore; -

970 unsigned int reasons, best_reasons = 0; -

971 X509 *x = ctx->current_cert; -

972 X509_CRL *crl, *best_crl = -

973 ((void *)0) -

974 ; -

975 X509 *crl_issuer = -

976 ((void *)0) -

977 , *best_crl_issuer = -

978 ((void *)0) -

979 ; -

980 -

981

for (i = 0; i < sk_num(((_STACK*) (1 ? (crls) : (struct stack_st_X509_CRL*)0)))

i < sk_num(((_...X509_CRL*)0)))	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

982 crl = ((X509_CRL *)sk_value(((_STACK*) (1 ? (crls) : (struct stack_st_X509_CRL*)0)), (i))); -

983 reasons = *preasons; -

984 crl_score = get_crl_score(ctx, &crl_issuer, &reasons, crl, x); -

985 -

986

if (crl_score > best_score

crl_score > best_score	Description
TRUE	never evaluated
FALSE	never evaluated

) {

987 best_crl = crl; -

988 best_crl_issuer = crl_issuer; -

989 best_score = crl_score; -

990 best_reasons = reasons; -

991

}

never executed: end of block

992

}

never executed: end of block

993 -

994

if (best_crl

best_crl	Description
TRUE	never evaluated
FALSE	never evaluated

) {

995

if (*

*pcrl	Description
TRUE	never evaluated
FALSE	never evaluated

pcrl

*pcrl	Description
TRUE	never evaluated
FALSE	never evaluated

)

996

X509_CRL_free(*pcrl);

never executed: X509_CRL_free(*pcrl);

997 *pcrl = best_crl; -

998 *pissuer = best_crl_issuer; -

999 *pscore = best_score; -

1000 *preasons = best_reasons; -

1001 CRYPTO_add_lock(&best_crl->references,1,6,__FILE__,1067); -

1002

if (*

*pdcrl	Description
TRUE	never evaluated
FALSE	never evaluated

pdcrl

*pdcrl	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1003 X509_CRL_free(*pdcrl); -

1004 *pdcrl = -

1005 ((void *)0) -

1006 ; -

1007

}

never executed: end of block

1008 get_delta_sk(ctx, pdcrl, pscore, best_crl, crls); -

1009

}

never executed: end of block

1010 -

1011

if (best_score >= (0x100|0x040|0x080)

best_score >= ...0\|0x040\|0x080)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1012

return

never executed: return 1;

1013 -

1014

return

never executed: return 0;

1015 } -

1016 -

1017 -

1018 -

1019 -

1020 -

1021 static int -

1022 crl_extension_match(X509_CRL *a, X509_CRL *b, int nid) -

1023 { -

1024 ASN1_OCTET_STRING *exta, *extb; -

1025 int i; -

1026 -

1027 i = X509_CRL_get_ext_by_NID(a, nid, -1); -

1028

if (i >= 0

i >= 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1029 -

1030

if (X509_CRL_get_ext_by_NID(a, nid, i) != -1

X509_CRL_get_e... nid, i) != -1	Description
TRUE	never evaluated
FALSE	never evaluated

)

1031

return

never executed: return 0;

1032 exta = X509_EXTENSION_get_data(X509_CRL_get_ext(a, i)); -

1033

}

never executed: end of block

else

1034

exta =

never executed: exta = ((void *)0) ;

1035

((void *)0)

never executed: exta = ((void *)0) ;

1036

;

never executed: exta = ((void *)0) ;

1037 -

1038 i = X509_CRL_get_ext_by_NID(b, nid, -1); -

1039 -

1040

if (i >= 0

i >= 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1041

if (X509_CRL_get_ext_by_NID(b, nid, i) != -1

X509_CRL_get_e... nid, i) != -1	Description
TRUE	never evaluated
FALSE	never evaluated

)

1042

return

never executed: return 0;

1043 extb = X509_EXTENSION_get_data(X509_CRL_get_ext(b, i)); -

1044

}

never executed: end of block

else

1045

extb =

never executed: extb = ((void *)0) ;

1046

((void *)0)

never executed: extb = ((void *)0) ;

1047

;

never executed: extb = ((void *)0) ;

1048 -

1049

if (!exta

!exta	Description
TRUE	never evaluated
FALSE	never evaluated

&& !extb

!extb	Description
TRUE	never evaluated
FALSE	never evaluated

)

1050

return

never executed: return 1;

1051 -

1052

if (!exta

!exta	Description
TRUE	never evaluated
FALSE	never evaluated

|| !extb

!extb	Description
TRUE	never evaluated
FALSE	never evaluated

)

1053

return

never executed: return 0;

1054 -

1055

if (ASN1_OCTET_STRING_cmp(exta, extb)

ASN1_OCTET_STR...mp(exta, extb)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1056

return

never executed: return 0;

1057 -

1058

return

never executed: return 1;

1059 } -

1060 -

1061 -

1062 -

1063 static int -

1064 check_delta_base(X509_CRL *delta, X509_CRL *base) -

1065 { -

1066 -

1067

if (!delta->base_crl_number

!delta->base_crl_number	Description
TRUE	never evaluated
FALSE	never evaluated

)

1068

return

never executed: return 0;

1069 -

1070

if (!base->crl_number

!base->crl_number	Description
TRUE	never evaluated
FALSE	never evaluated

)

1071

return

never executed: return 0;

1072 -

1073

if (X509_NAME_cmp(X509_CRL_get_issuer(base),

X509_NAME_cmp(...issuer(delta))	Description
TRUE	never evaluated
FALSE	never evaluated

1074

X509_CRL_get_issuer(delta))

X509_NAME_cmp(...issuer(delta))	Description
TRUE	never evaluated
FALSE	never evaluated

)

1075

return

never executed: return 0;

1076 -

1077

if (!crl_extension_match(delta, base, 90)

!crl_extension...lta, base, 90)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1078

return

never executed: return 0;

1079

if (!crl_extension_match(delta, base, 770)

!crl_extension...ta, base, 770)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1080

return

never executed: return 0;

1081 -

1082

if (ASN1_INTEGER_cmp(delta->base_crl_number, base->crl_number) > 0

ASN1_INTEGER_c...rl_number) > 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

1083

return

never executed: return 0;

1084 -

1085

if (ASN1_INTEGER_cmp(delta->crl_number, base->crl_number) > 0

ASN1_INTEGER_c...rl_number) > 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

1086

return

never executed: return 1;

1087

return

never executed: return 0;

1088 } -

1089 -

1090 -

1091 -

1092 -

1093 -

1094 static void -

1095 get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl, int *pscore, X509_CRL *base, -

1096 struct stack_st_X509_CRL *crls) -

1097 { -

1098 X509_CRL *delta; -

1099 int i; -

1100 -

1101

if (!(ctx->param->flags & 0x2000)

!(ctx->param->flags & 0x2000)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1102

return;

never executed: return;

1103

if (!((ctx->current_cert->ex_flags | base->flags) & 0x1000)

!((ctx->curren...ags) & 0x1000)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1104

return;

never executed: return;

1105

for (i = 0; i < sk_num(((_STACK*) (1 ? (crls) : (struct stack_st_X509_CRL*)0)))

i < sk_num(((_...X509_CRL*)0)))	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

1106 delta = ((X509_CRL *)sk_value(((_STACK*) (1 ? (crls) : (struct stack_st_X509_CRL*)0)), (i))); -

1107

if (check_delta_base(delta, base)

check_delta_base(delta, base)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1108

if (check_crl_time(ctx, delta, 0)

check_crl_time(ctx, delta, 0)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1109

never executed: *pscore |= 0x002;

pscore |= 0x002;

never executed: *pscore |= 0x002;

1110 CRYPTO_add_lock(&delta->references,1,6,__FILE__,1170); -

1111 *dcrl = delta; -

1112

return;

never executed: return;

1113 } -

1114

}

never executed: end of block

1115 *dcrl = -

1116 ((void *)0) -

1117 ; -

1118

}

never executed: end of block

1119 static int -

1120 get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer, unsigned int *preasons, -

1121 X509_CRL *crl, X509 *x) -

1122 { -

1123 int crl_score = 0; -

1124 unsigned int tmp_reasons = *preasons, crl_reasons; -

1125 -

1126 -

1127 -

1128 -

1129

if (crl->idp_flags & 0x2

crl->idp_flags & 0x2	Description
TRUE	never evaluated
FALSE	never evaluated

)

1130

return

never executed: return 0;

1131 -

1132

if (!(ctx->param->flags & 0x1000)

!(ctx->param->flags & 0x1000)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1133

if (crl->idp_flags & (0x20 | 0x40)

crl->idp_flags & (0x20 \| 0x40)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1134

return

never executed: return 0;

1135

}

never executed: end of block

else if (crl->idp_flags & 0x40

crl->idp_flags & 0x40	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1136 -

1137

if (!(crl->idp_reasons & ~tmp_reasons)

!(crl->idp_rea... ~tmp_reasons)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1138

return

never executed: return 0;

1139

}

never executed: end of block

1140 -

1141

else if (crl->base_crl_number

crl->base_crl_number	Description
TRUE	never evaluated
FALSE	never evaluated

)

1142

return

never executed: return 0;

1143 -

1144

if (X509_NAME_cmp(X509_get_issuer_name(x), X509_CRL_get_issuer(crl))

X509_NAME_cmp(...t_issuer(crl))	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1145

if (!(crl->idp_flags & 0x20)

!(crl->idp_flags & 0x20)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1146

return

never executed: return 0;

1147

}

never executed: end of block

else

1148

crl_score |= 0x020;

never executed: crl_score |= 0x020;

1149 -

1150

if (!(crl->flags & 0x0200)

!(crl->flags & 0x0200)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1151

crl_score |= 0x100;

never executed: crl_score |= 0x100;

1152 -

1153 -

1154

if (check_crl_time(ctx, crl, 0)

check_crl_time(ctx, crl, 0)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1155

crl_score |= 0x040;

never executed: crl_score |= 0x040;

1156 -

1157 -

1158 crl_akid_check(ctx, crl, pissuer, &crl_score); -

1159 -

1160 -

1161 -

1162

if (!(crl_score & 0x004)

!(crl_score & 0x004)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1163

return

never executed: return 0;

1164 -

1165 -

1166 -

1167

if (crl_crldp_check(x, crl, crl_score, &crl_reasons)

crl_crldp_chec... &crl_reasons)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1168 -

1169

if (!(crl_reasons & ~tmp_reasons)

!(crl_reasons & ~tmp_reasons)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1170

return

never executed: return 0;

1171 tmp_reasons |= crl_reasons; -

1172 crl_score |= 0x080; -

1173

}

never executed: end of block

1174 -

1175 *preasons = tmp_reasons; -

1176 -

1177

return

never executed: return crl_score;

crl_score;

never executed: return crl_score;

1178 } -

1179 -

1180 static void -

1181 crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl, X509 **pissuer, -

1182 int *pcrl_score) -

1183 { -

1184 X509 *crl_issuer = -

1185 ((void *)0) -

1186 ; -

1187 X509_NAME *cnm = X509_CRL_get_issuer(crl); -

1188 int cidx = ctx->error_depth; -

1189 int i; -

1190 -

1191

if (cidx != sk_num(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0))) - 1

cidx != sk_num...X509*)0))) - 1	Description
TRUE	never evaluated
FALSE	never evaluated

)

1192

cidx++;

never executed: cidx++;

1193 -

1194 crl_issuer = ((X509 *)sk_value(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0)), (cidx))); -

1195 -

1196

if (X509_check_akid(crl_issuer, crl->akid) == 0

X509_check_aki...rl->akid) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1197

if (*

*pcrl_score & 0x020	Description
TRUE	never evaluated
FALSE	never evaluated

pcrl_score & 0x020

*pcrl_score & 0x020	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1198 *pcrl_score |= 0x004|0x018; -

1199 *pissuer = crl_issuer; -

1200

return;

never executed: return;

1201 } -

1202

}

never executed: end of block

1203 -

1204

for (cidx++; cidx < sk_num(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0)))

cidx < sk_num(..._st_X509*)0)))	Description
TRUE	never evaluated
FALSE	never evaluated

; cidx++) {

1205 crl_issuer = ((X509 *)sk_value(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0)), (cidx))); -

1206

if (X509_NAME_cmp(X509_get_subject_name(crl_issuer), cnm)

X509_NAME_cmp(..._issuer), cnm)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1207

continue;

never executed: continue;

1208

if (X509_check_akid(crl_issuer, crl->akid) == 0

X509_check_aki...rl->akid) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1209 *pcrl_score |= 0x004|0x008; -

1210 *pissuer = crl_issuer; -

1211

return;

never executed: return;

1212 } -

1213

}

never executed: end of block

1214 -

1215 -

1216 -

1217

if (!(ctx->param->flags & 0x1000)

!(ctx->param->flags & 0x1000)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1218

return;

never executed: return;

1219 -

1220 -

1221 -

1222 -

1223

for (i = 0; i < sk_num(((_STACK*) (1 ? (ctx->untrusted) : (struct stack_st_X509*)0)))

i < sk_num(((_..._st_X509*)0)))	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

1224 crl_issuer = ((X509 *)sk_value(((_STACK*) (1 ? (ctx->untrusted) : (struct stack_st_X509*)0)), (i))); -

1225

if (X509_NAME_cmp(X509_get_subject_name(crl_issuer), cnm)

X509_NAME_cmp(..._issuer), cnm)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1226

continue;

never executed: continue;

1227

if (X509_check_akid(crl_issuer, crl->akid) == 0

X509_check_aki...rl->akid) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1228 *pissuer = crl_issuer; -

1229 *pcrl_score |= 0x004; -

1230

return;

never executed: return;

1231 } -

1232

}

never executed: end of block

1233

}

never executed: end of block

1234 static int -

1235 check_crl_path(X509_STORE_CTX *ctx, X509 *x) -

1236 { -

1237 X509_STORE_CTX crl_ctx; -

1238 int ret; -

1239 -

1240 -

1241

if (ctx->parent

ctx->parent	Description
TRUE	never evaluated
FALSE	never evaluated

)

1242

return

never executed: return 0;

1243

if (!X509_STORE_CTX_init(&crl_ctx, ctx->ctx, x, ctx->untrusted)

!X509_STORE_CT...tx->untrusted)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1244 ret = -1; -

1245

goto

never executed: goto err;

err;

never executed: goto err;

1246 } -

1247 -

1248 crl_ctx.crls = ctx->crls; -

1249 -

1250 X509_STORE_CTX_set0_param(&crl_ctx, ctx->param); -

1251 -

1252 crl_ctx.parent = ctx; -

1253 crl_ctx.verify_cb = ctx->verify_cb; -

1254 -

1255 -

1256 ret = X509_verify_cert(&crl_ctx); -

1257 -

1258

if (ret <= 0

ret <= 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

1259

goto

never executed: goto err;

err;

never executed: goto err;

1260 -

1261 -

1262 ret = check_crl_chain(ctx, ctx->chain, crl_ctx.chain); -

1263 -

1264

err:

code before this statement never executed: err:

1265 X509_STORE_CTX_cleanup(&crl_ctx); -

1266

return

never executed: return ret;

ret;

never executed: return ret;

1267 } -

1268 static int -

1269 check_crl_chain(X509_STORE_CTX *ctx, struct stack_st_X509 *cert_path, -

1270 struct stack_st_X509 *crl_path) -

1271 { -

1272 X509 *cert_ta, *crl_ta; -

1273 -

1274 cert_ta = ((X509 *)sk_value(((_STACK*) (1 ? (cert_path) : (struct stack_st_X509*)0)), (sk_num(((_STACK*) (1 ? (cert_path) : (struct stack_st_X509*)0))) - 1))); -

1275 crl_ta = ((X509 *)sk_value(((_STACK*) (1 ? (crl_path) : (struct stack_st_X509*)0)), (sk_num(((_STACK*) (1 ? (crl_path) : (struct stack_st_X509*)0))) - 1))); -

1276

if (!X509_cmp(cert_ta, crl_ta)

!X509_cmp(cert_ta, crl_ta)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1277

return

never executed: return 1;

1278

return

never executed: return 0;

1279 } -

1280 static int -

1281 idp_check_dp(DIST_POINT_NAME *a, DIST_POINT_NAME *b) -

1282 { -

1283 X509_NAME *nm = -

1284 ((void *)0) -

1285 ; -

1286 GENERAL_NAMES *gens = -

1287 ((void *)0) -

1288 ; -

1289 GENERAL_NAME *gena, *genb; -

1290 int i, j; -

1291 -

1292

if (!a

!a	Description
TRUE	never evaluated
FALSE	never evaluated

|| !b

!b	Description
TRUE	never evaluated
FALSE	never evaluated

)

1293

return

never executed: return 1;

1294

if (a->type == 1

a->type == 1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1295

if (!a->dpname

!a->dpname	Description
TRUE	never evaluated
FALSE	never evaluated

)

1296

return

never executed: return 0;

1297 -

1298

if (b->type == 1

b->type == 1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1299

if (!b->dpname

!b->dpname	Description
TRUE	never evaluated
FALSE	never evaluated

)

1300

return

never executed: return 0;

1301

if (!X509_NAME_cmp(a->dpname, b->dpname)

!X509_NAME_cmp...me, b->dpname)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1302

return

never executed: return 1;

1303 else -

1304

return

never executed: return 0;

1305 } -

1306 -

1307 nm = a->dpname; -

1308 gens = b->name.fullname; -

1309

}

never executed: end of block

else if (b->type == 1

b->type == 1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1310

if (!b->dpname

!b->dpname	Description
TRUE	never evaluated
FALSE	never evaluated

)

1311

return

never executed: return 0;

1312 -

1313 gens = a->name.fullname; -

1314 nm = b->dpname; -

1315

}

never executed: end of block

1316 -

1317 -

1318

if (nm

nm	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1319

for (i = 0; i < sk_num(((_STACK*) (1 ? (gens) : (struct stack_st_GENERAL_NAME*)0)))

i < sk_num(((_...RAL_NAME*)0)))	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

1320 gena = ((GENERAL_NAME *)sk_value(((_STACK*) (1 ? (gens) : (struct stack_st_GENERAL_NAME*)0)), (i))); -

1321

if (gena->type != 4

gena->type != 4	Description
TRUE	never evaluated
FALSE	never evaluated

)

1322

continue;

never executed: continue;

1323

if (!X509_NAME_cmp(nm, gena->d.directoryName)

!X509_NAME_cmp...directoryName)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1324

return

never executed: return 1;

1325

}

never executed: end of block

1326

return

never executed: return 0;

1327 } -

1328 -

1329 -

1330 -

1331

for (i = 0; i < sk_num(((_STACK*) (1 ? (a->name.fullname) : (struct stack_st_GENERAL_NAME*)0)))

i < sk_num(((_...RAL_NAME*)0)))	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

1332 gena = ((GENERAL_NAME *)sk_value(((_STACK*) (1 ? (a->name.fullname) : (struct stack_st_GENERAL_NAME*)0)), (i))); -

1333

for (j = 0; j < sk_num(((_STACK*) (1 ? (b->name.fullname) : (struct stack_st_GENERAL_NAME*)0)))

j < sk_num(((_...RAL_NAME*)0)))	Description
TRUE	never evaluated
FALSE	never evaluated

; j++) {

1334 genb = ((GENERAL_NAME *)sk_value(((_STACK*) (1 ? (b->name.fullname) : (struct stack_st_GENERAL_NAME*)0)), (j))); -

1335

if (!GENERAL_NAME_cmp(gena, genb)

!GENERAL_NAME_cmp(gena, genb)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1336

return

never executed: return 1;

1337

}

never executed: end of block

1338

}

never executed: end of block

1339 -

1340

return

never executed: return 0;

1341 } -

1342 -

1343 static int -

1344 crldp_check_crlissuer(DIST_POINT *dp, X509_CRL *crl, int crl_score) -

1345 { -

1346 int i; -

1347 X509_NAME *nm = X509_CRL_get_issuer(crl); -

1348 -

1349 -

1350

if (!dp->CRLissuer

!dp->CRLissuer	Description
TRUE	never evaluated
FALSE	never evaluated

)

1351

return

never executed: return !!(crl_score & 0x020);

!!(crl_score & 0x020);

never executed: return !!(crl_score & 0x020);

1352

for (i = 0; i < sk_num(((_STACK*) (1 ? (dp->CRLissuer) : (struct stack_st_GENERAL_NAME*)0)))

i < sk_num(((_...RAL_NAME*)0)))	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

1353 GENERAL_NAME *gen = ((GENERAL_NAME *)sk_value(((_STACK*) (1 ? (dp->CRLissuer) : (struct stack_st_GENERAL_NAME*)0)), (i))); -

1354

if (gen->type != 4

gen->type != 4	Description
TRUE	never evaluated
FALSE	never evaluated

)

1355

continue;

never executed: continue;

1356

if (!X509_NAME_cmp(gen->d.directoryName, nm)

!X509_NAME_cmp...ctoryName, nm)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1357

return

never executed: return 1;

1358

}

never executed: end of block

1359

return

never executed: return 0;

1360 } -

1361 -

1362 -

1363 -

1364 static int -

1365 crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score, unsigned int *preasons) -

1366 { -

1367 int i; -

1368 -

1369

if (crl->idp_flags & 0x10

crl->idp_flags & 0x10	Description
TRUE	never evaluated
FALSE	never evaluated

)

1370

return

never executed: return 0;

1371

if (x->ex_flags & 0x0010

x->ex_flags & 0x0010	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1372

if (crl->idp_flags & 0x4

crl->idp_flags & 0x4	Description
TRUE	never evaluated
FALSE	never evaluated

)

1373

return

never executed: return 0;

1374

}

never executed: end of block

else {

1375

if (crl->idp_flags & 0x8

crl->idp_flags & 0x8	Description
TRUE	never evaluated
FALSE	never evaluated

)

1376

return

never executed: return 0;

1377

}

never executed: end of block

1378 *preasons = crl->idp_reasons; -

1379

for (i = 0; i < sk_num(((_STACK*) (1 ? (x->crldp) : (struct stack_st_DIST_POINT*)0)))

i < sk_num(((_...ST_POINT*)0)))	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

1380 DIST_POINT *dp = ((DIST_POINT *)sk_value(((_STACK*) (1 ? (x->crldp) : (struct stack_st_DIST_POINT*)0)), (i))); -

1381

if (crldp_check_crlissuer(dp, crl, crl_score)

crldp_check_cr...rl, crl_score)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1382

if (!crl->idp

!crl->idp	Description
TRUE	never evaluated
FALSE	never evaluated

1383

idp_check_dp(dp->distpoint, crl->idp->distpoint)

idp_check_dp(d...dp->distpoint)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1384 *preasons &= dp->dp_reasons; -

1385

return

never executed: return 1;

1386 } -

1387

}

never executed: end of block

1388

}

never executed: end of block

1389

if ((!crl->idp

!crl->idp	Description
TRUE	never evaluated
FALSE	never evaluated

|| !crl->idp->distpoint

!crl->idp->distpoint	Description
TRUE	never evaluated
FALSE	never evaluated

) &&

1390

(

(crl_score & 0x020)	Description
TRUE	never evaluated
FALSE	never evaluated

crl_score & 0x020)

(crl_score & 0x020)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1391

return

never executed: return 1;

1392

return

never executed: return 0;

1393 } -

1394 -

1395 -

1396 -

1397 -

1398 -

1399 static int -

1400 get_crl_delta(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl, X509 *x) -

1401 { -

1402 int ok; -

1403 X509 *issuer = -

1404 ((void *)0) -

1405 ; -

1406 int crl_score = 0; -

1407 unsigned int reasons; -

1408 X509_CRL *crl = -

1409 ((void *)0) -

1410 , *dcrl = -

1411 ((void *)0) -

1412 ; -

1413 struct stack_st_X509_CRL *skcrl; -

1414 X509_NAME *nm = X509_get_issuer_name(x); -

1415 -

1416 reasons = ctx->current_reasons; -

1417 ok = get_crl_sk(ctx, &crl, &dcrl, &issuer, &crl_score, &reasons, -

1418 ctx->crls); -

1419

if (ok

ok	Description
TRUE	never evaluated
FALSE	never evaluated

)

1420

goto

never executed: goto done;

done;

never executed: goto done;

1421 -

1422 -

1423 skcrl = ctx->lookup_crls(ctx, nm); -

1424 -

1425 -

1426

if (!skcrl

!skcrl	Description
TRUE	never evaluated
FALSE	never evaluated

&& crl

crl	Description
TRUE	never evaluated
FALSE	never evaluated

)

1427

goto

never executed: goto done;

done;

never executed: goto done;

1428 -

1429 get_crl_sk(ctx, &crl, &dcrl, &issuer, &crl_score, &reasons, skcrl); -

1430 -

1431 sk_pop_free(((_STACK*) (1 ? (skcrl) : (struct stack_st_X509_CRL*)0)), ((void (*)(void *)) ((1 ? (X509_CRL_free) : (void (*)(X509_CRL *))0)))); -

1432 -

1433

done:

code before this statement never executed: done:

1434 -

1435 -

1436

if (crl

crl	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1437 ctx->current_issuer = issuer; -

1438 ctx->current_crl_score = crl_score; -

1439 ctx->current_reasons = reasons; -

1440 *pcrl = crl; -

1441 *pdcrl = dcrl; -

1442

return

never executed: return 1;

1443 } -

1444 -

1445

return

never executed: return 0;

1446 } -

1447 -

1448 -

1449 static int -

1450 check_crl(X509_STORE_CTX *ctx, X509_CRL *crl) -

1451 { -

1452 X509 *issuer = -

1453 ((void *)0) -

1454 ; -

1455 EVP_PKEY *ikey = -

1456 ((void *)0) -

1457 ; -

1458 int ok = 0, chnum, cnum; -

1459 -

1460 cnum = ctx->error_depth; -

1461 chnum = sk_num(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0))) - 1; -

1462 -

1463

if (ctx->current_issuer

ctx->current_issuer	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1464 issuer = ctx->current_issuer; -

1465

}

never executed: end of block

else if (cnum < chnum

cnum < chnum	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1466 -

1467 -

1468 -

1469 issuer = ((X509 *)sk_value(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0)), (cnum + 1))); -

1470

}

never executed: end of block

else {

1471 issuer = ((X509 *)sk_value(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0)), (chnum))); -

1472 -

1473

if (!ctx->check_issued(ctx, issuer, issuer)

!ctx->check_is...ssuer, issuer)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1474 ctx->error = 33; -

1475 ok = ctx->verify_cb(0, ctx); -

1476

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	never evaluated

)

1477

goto

never executed: goto err;

err;

never executed: goto err;

1478

}

never executed: end of block

1479

}

never executed: end of block

1480 -

1481

if (issuer

issuer	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1482 -

1483 -

1484 -

1485

if (!crl->base_crl_number

!crl->base_crl_number	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1486 -

1487

if ((

(issuer->ex_flags & 0x0002)	Description
TRUE	never evaluated
FALSE	never evaluated

issuer->ex_flags & 0x0002)

(issuer->ex_flags & 0x0002)	Description
TRUE	never evaluated
FALSE	never evaluated

1488

!(issuer->ex_kusage & 0x0002)

!(issuer->ex_kusage & 0x0002)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1489 ctx->error = 35; -

1490 ok = ctx->verify_cb(0, ctx); -

1491

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	never evaluated

)

1492

goto

never executed: goto err;

err;

never executed: goto err;

1493

}

never executed: end of block

1494 -

1495

if (!(ctx->current_crl_score & 0x080)

!(ctx->current...score & 0x080)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1496 ctx->error = 44; -

1497 ok = ctx->verify_cb(0, ctx); -

1498

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	never evaluated

)

1499

goto

never executed: goto err;

err;

never executed: goto err;

1500

}

never executed: end of block

1501 -

1502

if (!(ctx->current_crl_score & 0x008)

!(ctx->current...score & 0x008)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1503

if (check_crl_path(ctx,

check_crl_path...t_issuer) <= 0	Description
TRUE	never evaluated
FALSE	never evaluated

1504

ctx->current_issuer) <= 0

check_crl_path...t_issuer) <= 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1505 ctx->error = 54; -

1506 ok = ctx->verify_cb(0, ctx); -

1507

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	never evaluated

)

1508

goto

never executed: goto err;

err;

never executed: goto err;

1509

}

never executed: end of block

1510

}

never executed: end of block

1511 -

1512

if (crl->idp_flags & 0x2

crl->idp_flags & 0x2	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1513 ctx->error = 41; -

1514 ok = ctx->verify_cb(0, ctx); -

1515

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	never evaluated

)

1516

goto

never executed: goto err;

err;

never executed: goto err;

1517

}

never executed: end of block

1518 -

1519 -

1520

}

never executed: end of block

1521 -

1522

if (!(ctx->current_crl_score & 0x040)

!(ctx->current...score & 0x040)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1523 ok = check_crl_time(ctx, crl, 1); -

1524

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	never evaluated

)

1525

goto

never executed: goto err;

err;

never executed: goto err;

1526

}

never executed: end of block

1527 -

1528 -

1529 ikey = X509_get_pubkey(issuer); -

1530 -

1531

if (!ikey

!ikey	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1532 ctx->error = 6; -

1533 ok = ctx->verify_cb(0, ctx); -

1534

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	never evaluated

)

1535

goto

never executed: goto err;

err;

never executed: goto err;

1536

}

never executed: end of block

else {

1537 -

1538

if (X509_CRL_verify(crl, ikey) <= 0

X509_CRL_verif...rl, ikey) <= 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1539 ctx->error = 8; -

1540 ok = ctx->verify_cb(0, ctx); -

1541

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	never evaluated

)

1542

goto

never executed: goto err;

err;

never executed: goto err;

1543

}

never executed: end of block

1544

}

never executed: end of block

1545 } -

1546 -

1547 ok = 1; -

1548 -

1549

err:

code before this statement never executed: err:

1550 EVP_PKEY_free(ikey); -

1551

return

never executed: return ok;

ok;

never executed: return ok;

1552 } -

1553 -

1554 -

1555 static int -

1556 cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x) -

1557 { -

1558 int ok; -

1559 X509_REVOKED *rev; -

1560 -

1561 -

1562 -

1563 -

1564 -

1565 -

1566

if (!(ctx->param->flags & 0x10)

!(ctx->param->flags & 0x10)	Description
TRUE	never evaluated
FALSE	never evaluated

1567

(

(crl->flags & 0x0200)	Description
TRUE	never evaluated
FALSE	never evaluated

crl->flags & 0x0200)

(crl->flags & 0x0200)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1568 ctx->error = 36; -

1569 ok = ctx->verify_cb(0, ctx); -

1570

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	never evaluated

)

1571

return

never executed: return 0;

1572

}

never executed: end of block

1573 -

1574 -

1575 -

1576

if (X509_CRL_get0_by_cert(crl, &rev, x)

X509_CRL_get0_...(crl, &rev, x)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1577

if (rev->reason == 8

rev->reason == 8	Description
TRUE	never evaluated
FALSE	never evaluated

)

1578

return

never executed: return 2;

1579 ctx->error = 23; -

1580 ok = ctx->verify_cb(0, ctx); -

1581

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	never evaluated

)

1582

return

never executed: return 0;

1583

}

never executed: end of block

1584 -

1585

return

never executed: return 1;

1586 } -

1587 -

1588 static int -

1589 check_policy(X509_STORE_CTX *ctx) -

1590 { -

1591 int ret; -

1592 -

1593

if (ctx->parent

ctx->parent	Description
TRUE	never evaluated
FALSE	never evaluated

)

1594

return

never executed: return 1;

1595 ret = X509_policy_check(&ctx->tree, &ctx->explicit_policy, ctx->chain, -

1596 ctx->param->policies, ctx->param->flags); -

1597

if (ret == 0

ret == 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1598 ERR_put_error(11,(0xfff),((1|64)),__FILE__,1673); -

1599

return

never executed: return 0;

1600 } -

1601 -

1602

if (ret == -1

ret == -1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1603 -

1604 -

1605 -

1606 X509 *x; -

1607 int i; -

1608

for (i = 1; i < sk_num(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0)))

i < sk_num(((_..._st_X509*)0)))	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

1609 x = ((X509 *)sk_value(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0)), (i))); -

1610

if (!(x->ex_flags & 0x0800)

!(x->ex_flags & 0x0800)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1611

continue;

never executed: continue;

1612 ctx->current_cert = x; -

1613 ctx->error = 42; -

1614

if (!ctx->verify_cb(0, ctx)

!ctx->verify_cb(0, ctx)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1615

return

never executed: return 0;

1616

}

never executed: end of block

1617

return

never executed: return 1;

1618 } -

1619

if (ret == -2

ret == -2	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1620 ctx->current_cert = -

1621 ((void *)0) -

1622 ; -

1623 ctx->error = 43; -

1624

return

never executed: return ctx->verify_cb(0, ctx);

ctx->verify_cb(0, ctx);

never executed: return ctx->verify_cb(0, ctx);

1625 } -

1626 -

1627

if (ctx->param->flags & 0x800

ctx->param->flags & 0x800	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1628 ctx->current_cert = -

1629 ((void *)0) -

1630 ; -

1631 ctx->error = 0; -

1632

if (!ctx->verify_cb(2, ctx)

!ctx->verify_cb(2, ctx)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1633

return

never executed: return 0;

1634

}

never executed: end of block

1635 -

1636

return

never executed: return 1;

1637 } -

1638 static int -

1639 verify_cb_cert(X509_STORE_CTX *ctx, X509 *x, int depth, int err) -

1640 { -

1641 ctx->error_depth = depth; -

1642

ctx->current_cert = (

(x != ((void *)0) )	Description
TRUE	evaluated 2 times by 1 test Evaluated by: pkcs7test
FALSE	never evaluated

x !=

(x != ((void *)0) )	Description
TRUE	evaluated 2 times by 1 test Evaluated by: pkcs7test
FALSE	never evaluated

0-2

1643

((void *)0)

(x != ((void *)0) )	Description
TRUE	evaluated 2 times by 1 test Evaluated by: pkcs7test
FALSE	never evaluated

0-2

1644

)

(x != ((void *)0) )	Description
TRUE	evaluated 2 times by 1 test Evaluated by: pkcs7test
FALSE	never evaluated

? x : ((X509 *)sk_value(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0)), (depth)));

0-2

1645

if (err != 0

err != 0	Description
TRUE	evaluated 2 times by 1 test Evaluated by: pkcs7test
FALSE	never evaluated

)

0-2

1646

ctx->error = err;

executed 2 times by 1 test: ctx->error = err;

Executed by:

pkcs7test

1647

return

executed 2 times by 1 test: return ctx->verify_cb(0, ctx);

Executed by:

pkcs7test

ctx->verify_cb(0, ctx);

executed 2 times by 1 test: return ctx->verify_cb(0, ctx);

Executed by:

pkcs7test

1648 } -

1649 int -

1650 x509_check_cert_time(X509_STORE_CTX *ctx, X509 *x, int depth) -

1651 { -

1652 time_t *ptime; -

1653 int i; -

1654 -

1655

if (ctx->param->flags & 0x2

ctx->param->flags & 0x2	Description
TRUE	never evaluated
FALSE	evaluated 195 times by 2 tests Evaluated by: ssltest tlstest

)

0-195

1656

ptime = &ctx->param->check_time;

never executed: ptime = &ctx->param->check_time;

1657

else if (ctx->param->flags & 0x200000

ctx->param->flags & 0x200000	Description
TRUE	never evaluated
FALSE	evaluated 195 times by 2 tests Evaluated by: ssltest tlstest

)

0-195

1658

return

never executed: return 1;

1659 else -

1660

ptime =

executed 195 times by 2 tests: ptime = ((void *)0) ;

Executed by:

ssltest
tlstest

195

1661

((void *)0)

executed 195 times by 2 tests: ptime = ((void *)0) ;

Executed by:

ssltest
tlstest

195

1662

;

executed 195 times by 2 tests: ptime = ((void *)0) ;

Executed by:

ssltest
tlstest

195

1663 -

1664 i = X509_cmp_time(X509_getm_notBefore(x), ptime); -

1665

if (i >= 0

i >= 0	Description
TRUE	never evaluated
FALSE	evaluated 195 times by 2 tests Evaluated by: ssltest tlstest

&& depth < 0

depth < 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

0-195

1666

return

never executed: return 0;

1667

if (i == 0

i == 0	Description
TRUE	never evaluated
FALSE	evaluated 195 times by 2 tests Evaluated by: ssltest tlstest

&& !verify_cb_cert(ctx, x, depth,

!verify_cb_cer... x, depth, 13)	Description
TRUE	never evaluated
FALSE	never evaluated

0-195

1668

13)

!verify_cb_cer... x, depth, 13)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1669

return

never executed: return 0;

1670

if (i > 0

i > 0	Description
TRUE	never evaluated
FALSE	evaluated 195 times by 2 tests Evaluated by: ssltest tlstest

&& !verify_cb_cert(ctx, x, depth,

!verify_cb_cer..., x, depth, 9)	Description
TRUE	never evaluated
FALSE	never evaluated

0-195

1671

!verify_cb_cer..., x, depth, 9)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1672

return

never executed: return 0;

1673 -

1674 i = X509_cmp_time_internal(X509_getm_notAfter(x), ptime, 1); -

1675

if (i <= 0

i <= 0	Description
TRUE	never evaluated
FALSE	evaluated 195 times by 2 tests Evaluated by: ssltest tlstest

&& depth < 0

depth < 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

0-195

1676

return

never executed: return 0;

1677

if (i == 0

i == 0	Description
TRUE	never evaluated
FALSE	evaluated 195 times by 2 tests Evaluated by: ssltest tlstest

&& !verify_cb_cert(ctx, x, depth,

!verify_cb_cer... x, depth, 14)	Description
TRUE	never evaluated
FALSE	never evaluated

0-195

1678

14)

!verify_cb_cer... x, depth, 14)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1679

return

never executed: return 0;

1680

if (i < 0

i < 0	Description
TRUE	never evaluated
FALSE	evaluated 195 times by 2 tests Evaluated by: ssltest tlstest

&& !verify_cb_cert(ctx, x, depth,

!verify_cb_cer... x, depth, 10)	Description
TRUE	never evaluated
FALSE	never evaluated

0-195

1681

10)

!verify_cb_cer... x, depth, 10)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1682

return

never executed: return 0;

1683

return

executed 195 times by 2 tests: return 1;

Executed by:

ssltest
tlstest

executed 195 times by 2 tests: return 1;

Executed by:

ssltest
tlstest

195

1684 } -

1685 -

1686 static int -

1687 internal_verify(X509_STORE_CTX *ctx) -

1688 { -

1689 int n = sk_num(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0))) - 1; -

1690 X509 *xi = ((X509 *)sk_value(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0)), (n))); -

1691 X509 *xs; -

1692 -

1693

if (ctx->check_issued(ctx, xi, xi)

ctx->check_issued(ctx, xi, xi)	Description
TRUE	evaluated 36 times by 2 tests Evaluated by: ssltest tlstest
FALSE	evaluated 2 times by 1 test Evaluated by: pkcs7test

)

2-36

1694

xs = xi;

executed 36 times by 2 tests: xs = xi;

Executed by:

ssltest
tlstest

1695 else { -

1696

if (ctx->param->flags & 0x80000

ctx->param->flags & 0x80000	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: pkcs7test

) {

0-2

1697 xs = xi; -

1698

goto

never executed: goto check_cert;

check_cert;

never executed: goto check_cert;

1699 } -

1700

if (n <= 0

n <= 0	Description
TRUE	evaluated 2 times by 1 test Evaluated by: pkcs7test
FALSE	never evaluated

)

0-2

1701

return

executed 2 times by 1 test: return verify_cb_cert(ctx, xi, 0, 21);

Executed by:

pkcs7test

verify_cb_cert(ctx, xi, 0,

executed 2 times by 1 test: return verify_cb_cert(ctx, xi, 0, 21);

Executed by:

pkcs7test

1702

21);

executed 2 times by 1 test: return verify_cb_cert(ctx, xi, 0, 21);

Executed by:

pkcs7test

1703 n--; -

1704 ctx->error_depth = n; -

1705 xs = ((X509 *)sk_value(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0)), (n))); -

1706

}

never executed: end of block

1707 -

1708 -

1709 -

1710 -

1711 -

1712 -

1713

while (n >= 0

n >= 0	Description
TRUE	evaluated 108 times by 2 tests Evaluated by: ssltest tlstest
FALSE	evaluated 36 times by 2 tests Evaluated by: ssltest tlstest

) {

36-108

1714

if (xs != xi

xs != xi	Description
TRUE	evaluated 72 times by 2 tests Evaluated by: ssltest tlstest
FALSE	evaluated 36 times by 2 tests Evaluated by: ssltest tlstest

|| (

(ctx->param->flags & 0x4000)	Description
TRUE	never evaluated
FALSE	evaluated 36 times by 2 tests Evaluated by: ssltest tlstest

ctx->param->flags &

(ctx->param->flags & 0x4000)	Description
TRUE	never evaluated
FALSE	evaluated 36 times by 2 tests Evaluated by: ssltest tlstest

0-72

1715

0x4000)

(ctx->param->flags & 0x4000)	Description
TRUE	never evaluated
FALSE	evaluated 36 times by 2 tests Evaluated by: ssltest tlstest

) {

0-36

1716 EVP_PKEY *pkey; -

1717

if ((

(pkey = X509_g...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 72 times by 2 tests Evaluated by: ssltest tlstest

pkey = X509_get_pubkey(xi)) ==

(pkey = X509_g...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 72 times by 2 tests Evaluated by: ssltest tlstest

0-72

1718

((void *)0)

(pkey = X509_g...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 72 times by 2 tests Evaluated by: ssltest tlstest

0-72

1719 ) { -

1720

if (!verify_cb_cert(ctx, xi, xi != xs ? n+1 : n,

!verify_cb_cer... ? n+1 : n, 6)	Description
TRUE	never evaluated
FALSE	never evaluated

1721

!verify_cb_cer... ? n+1 : n, 6)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1722

return

never executed: return 0;

1723

}

never executed: end of block

else if (X509_verify(xs, pkey) <= 0

X509_verify(xs, pkey) <= 0	Description
TRUE	never evaluated
FALSE	evaluated 72 times by 2 tests Evaluated by: ssltest tlstest

) {

0-72

1724

if (!verify_cb_cert(ctx, xs, n,

!verify_cb_cert(ctx, xs, n, 7)	Description
TRUE	never evaluated
FALSE	never evaluated

1725

!verify_cb_cert(ctx, xs, n, 7)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1726 EVP_PKEY_free(pkey); -

1727

return

never executed: return 0;

1728 } -

1729

}

never executed: end of block

1730 EVP_PKEY_free(pkey); -

1731

}

executed 72 times by 2 tests: end of block

Executed by:

ssltest
tlstest

1732

check_cert:

code before this statement executed 108 times by 2 tests: check_cert:

Executed by:

ssltest
tlstest

108

1733 -

1734

if (!x509_check_cert_time(ctx, xs, n)

!x509_check_ce...me(ctx, xs, n)	Description
TRUE	never evaluated
FALSE	evaluated 108 times by 2 tests Evaluated by: ssltest tlstest

)

0-108

1735

return

never executed: return 0;

1736 -

1737 -

1738 -

1739 -

1740 -

1741 ctx->current_issuer = xi; -

1742 ctx->current_cert = xs; -

1743 ctx->error_depth = n; -

1744

if (!ctx->verify_cb(1, ctx)

!ctx->verify_cb(1, ctx)	Description
TRUE	never evaluated
FALSE	evaluated 108 times by 2 tests Evaluated by: ssltest tlstest

)

0-108

1745

return

never executed: return 0;

1746 -

1747

if (--

--n >= 0	Description
TRUE	evaluated 72 times by 2 tests Evaluated by: ssltest tlstest
FALSE	evaluated 36 times by 2 tests Evaluated by: ssltest tlstest

n >= 0

--n >= 0	Description
TRUE	evaluated 72 times by 2 tests Evaluated by: ssltest tlstest
FALSE	evaluated 36 times by 2 tests Evaluated by: ssltest tlstest

) {

36-72

1748 xi = xs; -

1749 xs = ((X509 *)sk_value(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0)), (n))); -

1750

}

executed 72 times by 2 tests: end of block

Executed by:

ssltest
tlstest

1751

}

executed 108 times by 2 tests: end of block

Executed by:

ssltest
tlstest

108

1752

return

executed 36 times by 2 tests: return 1;

Executed by:

ssltest
tlstest

executed 36 times by 2 tests: return 1;

Executed by:

ssltest
tlstest

1753 } -

1754 -

1755 int -

1756 X509_cmp_current_time(const ASN1_TIME *ctm) -

1757 { -

1758

return

never executed: return X509_cmp_time(ctm, ((void *)0) );

X509_cmp_time(ctm,

never executed: return X509_cmp_time(ctm, ((void *)0) );

1759

((void *)0)

never executed: return X509_cmp_time(ctm, ((void *)0) );

1760

);

never executed: return X509_cmp_time(ctm, ((void *)0) );

1761 } -

1762 static int -

1763 X509_cmp_time_internal(const ASN1_TIME *ctm, time_t *cmp_time, int clamp_notafter) -

1764 { -

1765 time_t time1, time2; -

1766 struct tm tm1, tm2; -

1767 int ret = 0; -

1768 int type; -

1769 -

1770

if (cmp_time ==

cmp_time == ((void *)0)	Description
TRUE	evaluated 390 times by 2 tests Evaluated by: ssltest tlstest
FALSE	evaluated 34 times by 1 test Evaluated by: rfc5280time

34-390

1771

((void *)0)

cmp_time == ((void *)0)	Description
TRUE	evaluated 390 times by 2 tests Evaluated by: ssltest tlstest
FALSE	evaluated 34 times by 1 test Evaluated by: rfc5280time

34-390

1772 ) -

1773

time2 = time(

executed 390 times by 2 tests: time2 = time( ((void *)0) );

Executed by:

ssltest
tlstest

390

1774

((void *)0)

executed 390 times by 2 tests: time2 = time( ((void *)0) );

Executed by:

ssltest
tlstest

390

1775

);

executed 390 times by 2 tests: time2 = time( ((void *)0) );

Executed by:

ssltest
tlstest

390

1776 else -

1777

time2 = *cmp_time;

executed 34 times by 1 test: time2 = *cmp_time;

Executed by:

rfc5280time

1778 -

1779 memset(&tm1, 0, sizeof(tm1)); -

1780 -

1781 type = ASN1_time_parse(ctm->data, ctm->length, &tm1, ctm->type); -

1782

if (type == -1

type == -1	Description
TRUE	never evaluated
FALSE	evaluated 424 times by 3 tests Evaluated by: rfc5280time ssltest tlstest

)

0-424

1783

goto

never executed: goto out;

out;

never executed: goto out;

1784 -

1785 -

1786

if (tm1.tm_year < 150

tm1.tm_year < 150	Description
TRUE	evaluated 418 times by 3 tests Evaluated by: rfc5280time ssltest tlstest
FALSE	evaluated 6 times by 1 test Evaluated by: rfc5280time

&& type != 23

type != 23	Description
TRUE	evaluated 10 times by 1 test Evaluated by: rfc5280time
FALSE	evaluated 408 times by 3 tests Evaluated by: rfc5280time ssltest tlstest

)

6-418

1787

goto

executed 10 times by 1 test: goto out;

Executed by:

rfc5280time

out;

executed 10 times by 1 test: goto out;

Executed by:

rfc5280time

1788

if (tm1.tm_year >= 150

tm1.tm_year >= 150	Description
TRUE	evaluated 6 times by 1 test Evaluated by: rfc5280time
FALSE	evaluated 408 times by 3 tests Evaluated by: rfc5280time ssltest tlstest

&& type != 24

type != 24	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: rfc5280time

)

0-408

1789

goto

never executed: goto out;

out;

never executed: goto out;

1790 -

1791

if (clamp_notafter

clamp_notafter	Description
TRUE	evaluated 195 times by 2 tests Evaluated by: ssltest tlstest
FALSE	evaluated 219 times by 3 tests Evaluated by: rfc5280time ssltest tlstest

) {

195-219

1792 -

1793

if (!ASN1_time_tm_clamp_notafter(&tm1)

!ASN1_time_tm_...notafter(&tm1)	Description
TRUE	never evaluated
FALSE	evaluated 195 times by 2 tests Evaluated by: ssltest tlstest

)

0-195

1794

goto

never executed: goto out;

out;

never executed: goto out;

1795

}

executed 195 times by 2 tests: end of block

Executed by:

ssltest
tlstest

195

1796 -

1797 -

1798 -

1799 -

1800 -

1801 -

1802

if ((

(time1 = timegm(&tm1)) == -1	Description
TRUE	never evaluated
FALSE	evaluated 414 times by 3 tests Evaluated by: rfc5280time ssltest tlstest

time1 = timegm(&tm1)) == -1

(time1 = timegm(&tm1)) == -1	Description
TRUE	never evaluated
FALSE	evaluated 414 times by 3 tests Evaluated by: rfc5280time ssltest tlstest

)

0-414

1803

goto

never executed: goto out;

out;

never executed: goto out;

1804 -

1805

if (gmtime_r(&time2, &tm2) ==

gmtime_r(&time...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 414 times by 3 tests Evaluated by: rfc5280time ssltest tlstest

0-414

1806

((void *)0)

gmtime_r(&time...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 414 times by 3 tests Evaluated by: rfc5280time ssltest tlstest

0-414

1807 ) -

1808

goto

never executed: goto out;

out;

never executed: goto out;

1809 -

1810 ret = ASN1_time_tm_cmp(&tm1, &tm2); -

1811

if (ret == 0

ret == 0	Description
TRUE	evaluated 12 times by 1 test Evaluated by: rfc5280time
FALSE	evaluated 402 times by 3 tests Evaluated by: rfc5280time ssltest tlstest

)

12-402

1812

ret = -1;

executed 12 times by 1 test: ret = -1;

Executed by:

rfc5280time

1813

out:

code before this statement executed 414 times by 3 tests: out:

Executed by:

rfc5280time
ssltest
tlstest

414

1814

return

executed 424 times by 3 tests: return (ret);

Executed by:

rfc5280time
ssltest
tlstest

(ret);

executed 424 times by 3 tests: return (ret);

Executed by:

rfc5280time
ssltest
tlstest

424

1815 } -

1816 -

1817 int -

1818 X509_cmp_time(const ASN1_TIME *ctm, time_t *cmp_time) -

1819 { -

1820

return

executed 229 times by 3 tests: return X509_cmp_time_internal(ctm, cmp_time, 0);

Executed by:

rfc5280time
ssltest
tlstest

X509_cmp_time_internal(ctm, cmp_time, 0);

executed 229 times by 3 tests: return X509_cmp_time_internal(ctm, cmp_time, 0);

Executed by:

rfc5280time
ssltest
tlstest

229

1821 } -

1822 -

1823 -

1824 ASN1_TIME * -

1825 X509_gmtime_adj(ASN1_TIME *s, long adj) -

1826 { -

1827

return

executed 4 times by 2 tests: return X509_time_adj(s, adj, ((void *)0) );

Executed by:

libcrypto.so.44.0.1
pkcs7test

X509_time_adj(s, adj,

executed 4 times by 2 tests: return X509_time_adj(s, adj, ((void *)0) );

Executed by:

libcrypto.so.44.0.1
pkcs7test

1828

((void *)0)

executed 4 times by 2 tests: return X509_time_adj(s, adj, ((void *)0) );

Executed by:

libcrypto.so.44.0.1
pkcs7test

1829

);

executed 4 times by 2 tests: return X509_time_adj(s, adj, ((void *)0) );

Executed by:

libcrypto.so.44.0.1
pkcs7test

1830 } -

1831 -

1832 ASN1_TIME * -

1833 X509_time_adj(ASN1_TIME *s, long offset_sec, time_t *in_time) -

1834 { -

1835

return

executed 4 times by 2 tests: return X509_time_adj_ex(s, 0, offset_sec, in_time);

Executed by:

libcrypto.so.44.0.1
pkcs7test

X509_time_adj_ex(s, 0, offset_sec, in_time);

executed 4 times by 2 tests: return X509_time_adj_ex(s, 0, offset_sec, in_time);

Executed by:

libcrypto.so.44.0.1
pkcs7test

1836 } -

1837 -

1838 ASN1_TIME * -

1839 X509_time_adj_ex(ASN1_TIME *s, int offset_day, long offset_sec, time_t *in_time) -

1840 { -

1841 time_t t; -

1842

if (in_time ==

in_time == ((void *)0)	Description
TRUE	evaluated 6 times by 2 tests Evaluated by: libcrypto.so.44.0.1 pkcs7test
FALSE	never evaluated

0-6

1843

((void *)0)

in_time == ((void *)0)	Description
TRUE	evaluated 6 times by 2 tests Evaluated by: libcrypto.so.44.0.1 pkcs7test
FALSE	never evaluated

0-6

1844 ) -

1845

t = time(

executed 6 times by 2 tests: t = time( ((void *)0) );

Executed by:

libcrypto.so.44.0.1
pkcs7test

1846

((void *)0)

executed 6 times by 2 tests: t = time( ((void *)0) );

Executed by:

libcrypto.so.44.0.1
pkcs7test

1847

);

executed 6 times by 2 tests: t = time( ((void *)0) );

Executed by:

libcrypto.so.44.0.1
pkcs7test

1848 else -

1849

t = *in_time;

never executed: t = *in_time;

1850 -

1851

return

executed 6 times by 2 tests: return ASN1_TIME_adj(s, t, offset_day, offset_sec);

Executed by:

libcrypto.so.44.0.1
pkcs7test

ASN1_TIME_adj(s, t, offset_day, offset_sec);

executed 6 times by 2 tests: return ASN1_TIME_adj(s, t, offset_day, offset_sec);

Executed by:

libcrypto.so.44.0.1
pkcs7test

1852 } -

1853 -

1854 int -

1855 X509_get_pubkey_parameters(EVP_PKEY *pkey, struct stack_st_X509 *chain) -

1856 { -

1857 EVP_PKEY *ktmp = -

1858 ((void *)0) -

1859 , *ktmp2; -

1860 int i, j; -

1861 -

1862

if ((

(pkey != ((void *)0) )	Description
TRUE	never evaluated
FALSE	never evaluated

pkey !=

(pkey != ((void *)0) )	Description
TRUE	never evaluated
FALSE	never evaluated

1863

((void *)0)

(pkey != ((void *)0) )	Description
TRUE	never evaluated
FALSE	never evaluated

1864

)

(pkey != ((void *)0) )	Description
TRUE	never evaluated
FALSE	never evaluated

&& !EVP_PKEY_missing_parameters(pkey)

!EVP_PKEY_miss...rameters(pkey)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1865

return

never executed: return 1;

1866 -

1867

for (i = 0; i < sk_num(((_STACK*) (1 ? (chain) : (struct stack_st_X509*)0)))

i < sk_num(((_..._st_X509*)0)))	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

1868 ktmp = X509_get_pubkey(((X509 *)sk_value(((_STACK*) (1 ? (chain) : (struct stack_st_X509*)0)), (i)))); -

1869

if (ktmp ==

ktmp == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

1870

((void *)0)

ktmp == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

1871 ) { -

1872 ERR_put_error(11,(0xfff),(108),__FILE__,1961); -

1873

return

never executed: return 0;

1874 } -

1875

if (!EVP_PKEY_missing_parameters(ktmp)

!EVP_PKEY_miss...rameters(ktmp)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1876

break;

never executed: break;

1877 else { -

1878 EVP_PKEY_free(ktmp); -

1879 ktmp = -

1880 ((void *)0) -

1881 ; -

1882

}

never executed: end of block

1883 } -

1884

if (ktmp ==

ktmp == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

1885

((void *)0)

ktmp == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

1886 ) { -

1887 ERR_put_error(11,(0xfff),(107),__FILE__,1972); -

1888

return

never executed: return 0;

1889 } -

1890 -

1891 -

1892

for (j = i - 1; j >= 0

j >= 0	Description
TRUE	never evaluated
FALSE	never evaluated

; j--) {

1893 ktmp2 = X509_get_pubkey(((X509 *)sk_value(((_STACK*) (1 ? (chain) : (struct stack_st_X509*)0)), (j)))); -

1894 EVP_PKEY_copy_parameters(ktmp2, ktmp); -

1895 EVP_PKEY_free(ktmp2); -

1896

}

never executed: end of block

1897 -

1898

if (pkey !=

pkey != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

1899

((void *)0)

pkey != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

1900 ) -

1901

EVP_PKEY_copy_parameters(pkey, ktmp);

never executed: EVP_PKEY_copy_parameters(pkey, ktmp);

1902 EVP_PKEY_free(ktmp); -

1903

return

never executed: return 1;

1904 } -

1905 -

1906 int -

1907 X509_STORE_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, -

1908 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) -

1909 { -

1910 -

1911 -

1912

return

executed 63 times by 13 tests: return CRYPTO_get_ex_new_index(5, argl, argp, new_func, dup_func, free_func);

Executed by:

cipher_list
cipherstest
clienttest
configtest
libcrypto.so.44.0.1
servertest
ssl_versions
ssltest
tls_ext_alpn
tls_prf
tlsexttest
tlstest
verifytest

CRYPTO_get_ex_new_index(5,

executed 63 times by 13 tests: return CRYPTO_get_ex_new_index(5, argl, argp, new_func, dup_func, free_func);

Executed by:

cipher_list
cipherstest
clienttest
configtest
libcrypto.so.44.0.1
servertest
ssl_versions
ssltest
tls_ext_alpn
tls_prf
tlsexttest
tlstest
verifytest

1913

argl, argp, new_func, dup_func, free_func);

executed 63 times by 13 tests: return CRYPTO_get_ex_new_index(5, argl, argp, new_func, dup_func, free_func);

Executed by:

cipher_list
cipherstest
clienttest
configtest
libcrypto.so.44.0.1
servertest
ssl_versions
ssltest
tls_ext_alpn
tls_prf
tlsexttest
tlstest
verifytest

1914 } -

1915 -

1916 int -

1917 X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data) -

1918 { -

1919

return

executed 60 times by 2 tests: return CRYPTO_set_ex_data(&ctx->ex_data, idx, data);

Executed by:

ssltest
tlstest

CRYPTO_set_ex_data(&ctx->ex_data, idx, data);

executed 60 times by 2 tests: return CRYPTO_set_ex_data(&ctx->ex_data, idx, data);

Executed by:

ssltest
tlstest

1920 } -

1921 -

1922 void * -

1923 X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx) -

1924 { -

1925

return

never executed: return CRYPTO_get_ex_data(&ctx->ex_data, idx);

CRYPTO_get_ex_data(&ctx->ex_data, idx);

never executed: return CRYPTO_get_ex_data(&ctx->ex_data, idx);

1926 } -

1927 -

1928 int -

1929 X509_STORE_CTX_get_error(X509_STORE_CTX *ctx) -

1930 { -

1931

return

executed 4 times by 1 test: return ctx->error;

Executed by:

tlstest

ctx->error;

executed 4 times by 1 test: return ctx->error;

Executed by:

tlstest

1932 } -

1933 -

1934 void -

1935 X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int err) -

1936 { -

1937 ctx->error = err; -

1938

}

never executed: end of block

1939 -

1940 int -

1941 X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx) -

1942 { -

1943

return

never executed: return ctx->error_depth;

ctx->error_depth;

never executed: return ctx->error_depth;

1944 } -

1945 -

1946 X509 * -

1947 X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx) -

1948 { -

1949

return

never executed: return ctx->current_cert;

ctx->current_cert;

never executed: return ctx->current_cert;

1950 } -

1951 -

1952 struct stack_st_X509 * -

1953 X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx) -

1954 { -

1955

return

never executed: return ctx->chain;

ctx->chain;

never executed: return ctx->chain;

1956 } -

1957 -

1958 struct stack_st_X509 * -

1959 X509_STORE_CTX_get0_chain(X509_STORE_CTX *xs) -

1960 { -

1961

return

never executed: return xs->chain;

xs->chain;

never executed: return xs->chain;

1962 } -

1963 -

1964 struct stack_st_X509 * -

1965 X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx) -

1966 { -

1967 int i; -

1968 X509 *x; -

1969 struct stack_st_X509 *chain; -

1970 -

1971

if (!ctx->chain

!ctx->chain	Description
TRUE	never evaluated
FALSE	never evaluated

|| !(chain = (struct stack_st_X509 *)sk_dup(((_STACK*) (1 ? ctx->chain : (struct stack_st_X509*)0))))

!(chain = (str...st_X509*)0))))	Description
TRUE	never evaluated
FALSE	never evaluated

)

1972

return

never executed: return ((void *)0) ;

1973

((void *)0)

never executed: return ((void *)0) ;

1974

;

never executed: return ((void *)0) ;

1975

for (i = 0; i < sk_num(((_STACK*) (1 ? (chain) : (struct stack_st_X509*)0)))

i < sk_num(((_..._st_X509*)0)))	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

1976 x = ((X509 *)sk_value(((_STACK*) (1 ? (chain) : (struct stack_st_X509*)0)), (i))); -

1977 CRYPTO_add_lock(&x->references,1,3,__FILE__,2058); -

1978

}

never executed: end of block

1979

return

never executed: return chain;

chain;

never executed: return chain;

1980 } -

1981 -

1982 X509 * -

1983 X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx) -

1984 { -

1985

return

never executed: return ctx->current_issuer;

ctx->current_issuer;

never executed: return ctx->current_issuer;

1986 } -

1987 -

1988 X509_CRL * -

1989 X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx) -

1990 { -

1991

return

never executed: return ctx->current_crl;

ctx->current_crl;

never executed: return ctx->current_crl;

1992 } -

1993 -

1994 X509_STORE_CTX * -

1995 X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx) -

1996 { -

1997

return

never executed: return ctx->parent;

ctx->parent;

never executed: return ctx->parent;

1998 } -

1999 -

2000 X509_STORE * -

2001 X509_STORE_CTX_get0_store(X509_STORE_CTX *xs) -

2002 { -

2003

return

never executed: return xs->ctx;

xs->ctx;

never executed: return xs->ctx;

2004 } -

2005 -

2006 void -

2007 X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x) -

2008 { -

2009 ctx->cert = x; -

2010

}

never executed: end of block

2011 -

2012 void -

2013 X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx, struct stack_st_X509 *sk) -

2014 { -

2015 ctx->untrusted = sk; -

2016

}

never executed: end of block

2017 -

2018 void -

2019 X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, struct stack_st_X509_CRL *sk) -

2020 { -

2021 ctx->crls = sk; -

2022

}

executed 2 times by 1 test: end of block

Executed by:

pkcs7test

2023 -

2024 int -

2025 X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose) -

2026 { -

2027

return

never executed: return X509_STORE_CTX_purpose_inherit(ctx, 0, purpose, 0);

X509_STORE_CTX_purpose_inherit(ctx, 0, purpose, 0);

never executed: return X509_STORE_CTX_purpose_inherit(ctx, 0, purpose, 0);

2028 } -

2029 -

2030 int -

2031 X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust) -

2032 { -

2033

return

never executed: return X509_STORE_CTX_purpose_inherit(ctx, 0, 0, trust);

X509_STORE_CTX_purpose_inherit(ctx, 0, 0, trust);

never executed: return X509_STORE_CTX_purpose_inherit(ctx, 0, 0, trust);

2034 } -

2035 int -

2036 X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, -

2037 int purpose, int trust) -

2038 { -

2039 int idx; -

2040 -

2041 -

2042

if (!purpose

!purpose	Description
TRUE	never evaluated
FALSE	never evaluated

)

2043

purpose = def_purpose;

never executed: purpose = def_purpose;

2044 -

2045

if (purpose

purpose	Description
TRUE	never evaluated
FALSE	never evaluated

) {

2046 X509_PURPOSE *ptmp; -

2047 idx = X509_PURPOSE_get_by_id(purpose); -

2048

if (idx == -1

idx == -1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

2049 ERR_put_error(11,(0xfff),(121),__FILE__,2141); -

2050

return

never executed: return 0;

2051 } -

2052 ptmp = X509_PURPOSE_get0(idx); -

2053

if (ptmp->trust == -1

ptmp->trust == -1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

2054 idx = X509_PURPOSE_get_by_id(def_purpose); -

2055

if (idx == -1

idx == -1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

2056 ERR_put_error(11,(0xfff),(121),__FILE__,2148); -

2057

return

never executed: return 0;

2058 } -

2059 ptmp = X509_PURPOSE_get0(idx); -

2060

}

never executed: end of block

2061 -

2062

if (!trust

!trust	Description
TRUE	never evaluated
FALSE	never evaluated

)

2063

trust = ptmp->trust;

never executed: trust = ptmp->trust;

2064

}

never executed: end of block

2065

if (trust

trust	Description
TRUE	never evaluated
FALSE	never evaluated

) {

2066 idx = X509_TRUST_get_by_id(trust); -

2067

if (idx == -1

idx == -1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

2068 ERR_put_error(11,(0xfff),(120),__FILE__,2160); -

2069

return

never executed: return 0;

2070 } -

2071

}

never executed: end of block

2072 -

2073

if (purpose

purpose	Description
TRUE	never evaluated
FALSE	never evaluated

&& !ctx->param->purpose

!ctx->param->purpose	Description
TRUE	never evaluated
FALSE	never evaluated

)

2074

ctx->param->purpose = purpose;

never executed: ctx->param->purpose = purpose;

2075

if (trust

trust	Description
TRUE	never evaluated
FALSE	never evaluated

&& !ctx->param->trust

!ctx->param->trust	Description
TRUE	never evaluated
FALSE	never evaluated

)

2076

ctx->param->trust = trust;

never executed: ctx->param->trust = trust;

2077

return

never executed: return 1;

2078 } -

2079 -

2080 X509_STORE_CTX * -

2081 X509_STORE_CTX_new(void) -

2082 { -

2083 X509_STORE_CTX *ctx; -

2084 -

2085 ctx = calloc(1, sizeof(X509_STORE_CTX)); -

2086

if (!ctx

!ctx	Description
TRUE	never evaluated
FALSE	never evaluated

) {

2087 ERR_put_error(11,(0xfff),((1|64)),__FILE__,2179); -

2088

return

never executed: return ((void *)0) ;

2089

((void *)0)

never executed: return ((void *)0) ;

2090

;

never executed: return ((void *)0) ;

2091 } -

2092

return

never executed: return ctx;

ctx;

never executed: return ctx;

2093 } -

2094 -

2095 void -

2096 X509_STORE_CTX_free(X509_STORE_CTX *ctx) -

2097 { -

2098

if (ctx ==

ctx == ((void *)0)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: freenull
FALSE	never evaluated

0-1

2099

((void *)0)

ctx == ((void *)0)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: freenull
FALSE	never evaluated

0-1

2100 ) -

2101

return;

executed 1 time by 1 test: return;

Executed by:

freenull

2102 -

2103 X509_STORE_CTX_cleanup(ctx); -

2104 free(ctx); -

2105

}

never executed: end of block

2106 -

2107 int -

2108 X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, -

2109 struct stack_st_X509 *chain) -

2110 { -

2111 int param_ret = 1; -

2112 memset(ctx, 0, sizeof(*ctx)); -

2113 -

2114 -

2115 -

2116 -

2117 -

2118 ctx->error = 65; -

2119 -

2120 -

2121 -

2122 -

2123 -

2124 -

2125 -

2126 ctx->ctx = store; -

2127 ctx->cert = x509; -

2128 ctx->untrusted = chain; -

2129 -

2130

if (store

store	Description
TRUE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest
FALSE	never evaluated

&& store->verify

store->verify	Description
TRUE	never evaluated
FALSE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

)

0-124

2131

ctx->verify = store->verify;

never executed: ctx->verify = store->verify;

2132 else -

2133

ctx->verify = internal_verify;

executed 124 times by 4 tests: ctx->verify = internal_verify;

Executed by:

pkcs7test
servertest
ssltest
tlstest

124

2134 -

2135

if (store

store	Description
TRUE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest
FALSE	never evaluated

&& store->verify_cb

store->verify_cb	Description
TRUE	evaluated 2 times by 1 test Evaluated by: pkcs7test
FALSE	evaluated 122 times by 3 tests Evaluated by: servertest ssltest tlstest

)

0-124

2136

ctx->verify_cb = store->verify_cb;

executed 2 times by 1 test: ctx->verify_cb = store->verify_cb;

Executed by:

pkcs7test

2137 else -

2138

ctx->verify_cb = null_callback;

executed 122 times by 3 tests: ctx->verify_cb = null_callback;

Executed by:

servertest
ssltest
tlstest

122

2139 -

2140

if (store

store	Description
TRUE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest
FALSE	never evaluated

&& store->get_issuer

store->get_issuer	Description
TRUE	never evaluated
FALSE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

)

0-124

2141

ctx->get_issuer = store->get_issuer;

never executed: ctx->get_issuer = store->get_issuer;

2142 else -

2143

ctx->get_issuer = X509_STORE_CTX_get1_issuer;

executed 124 times by 4 tests: ctx->get_issuer = X509_STORE_CTX_get1_issuer;

Executed by:

pkcs7test
servertest
ssltest
tlstest

124

2144 -

2145

if (store

store	Description
TRUE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest
FALSE	never evaluated

&& store->check_issued

store->check_issued	Description
TRUE	never evaluated
FALSE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

)

0-124

2146

ctx->check_issued = store->check_issued;

never executed: ctx->check_issued = store->check_issued;

2147 else -

2148

ctx->check_issued = check_issued;

executed 124 times by 4 tests: ctx->check_issued = check_issued;

Executed by:

pkcs7test
servertest
ssltest
tlstest

124

2149 -

2150

if (store

store	Description
TRUE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest
FALSE	never evaluated

&& store->check_revocation

store->check_revocation	Description
TRUE	never evaluated
FALSE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

)

0-124

2151

ctx->check_revocation = store->check_revocation;

never executed: ctx->check_revocation = store->check_revocation;

2152 else -

2153

ctx->check_revocation = check_revocation;

executed 124 times by 4 tests: ctx->check_revocation = check_revocation;

Executed by:

pkcs7test
servertest
ssltest
tlstest

124

2154 -

2155

if (store

store	Description
TRUE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest
FALSE	never evaluated

&& store->get_crl

store->get_crl	Description
TRUE	never evaluated
FALSE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

)

0-124

2156

ctx->get_crl = store->get_crl;

never executed: ctx->get_crl = store->get_crl;

2157 else -

2158

ctx->get_crl =

executed 124 times by 4 tests: ctx->get_crl = ((void *)0) ;

Executed by:

pkcs7test
servertest
ssltest
tlstest

124

2159

((void *)0)

executed 124 times by 4 tests: ctx->get_crl = ((void *)0) ;

Executed by:

pkcs7test
servertest
ssltest
tlstest

124

2160

;

executed 124 times by 4 tests: ctx->get_crl = ((void *)0) ;

Executed by:

pkcs7test
servertest
ssltest
tlstest

124

2161 -

2162

if (store

store	Description
TRUE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest
FALSE	never evaluated

&& store->check_crl

store->check_crl	Description
TRUE	never evaluated
FALSE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

)

0-124

2163

ctx->check_crl = store->check_crl;

never executed: ctx->check_crl = store->check_crl;

2164 else -

2165

ctx->check_crl = check_crl;

executed 124 times by 4 tests: ctx->check_crl = check_crl;

Executed by:

pkcs7test
servertest
ssltest
tlstest

124

2166 -

2167

if (store

store	Description
TRUE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest
FALSE	never evaluated

&& store->cert_crl

store->cert_crl	Description
TRUE	never evaluated
FALSE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

)

0-124

2168

ctx->cert_crl = store->cert_crl;

never executed: ctx->cert_crl = store->cert_crl;

2169 else -

2170

ctx->cert_crl = cert_crl;

executed 124 times by 4 tests: ctx->cert_crl = cert_crl;

Executed by:

pkcs7test
servertest
ssltest
tlstest

124

2171 -

2172 ctx->check_policy = check_policy; -

2173 -

2174

if (store

store	Description
TRUE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest
FALSE	never evaluated

&& store->lookup_certs

store->lookup_certs	Description
TRUE	never evaluated
FALSE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

)

0-124

2175

ctx->lookup_certs = store->lookup_certs;

never executed: ctx->lookup_certs = store->lookup_certs;

2176 else -

2177

ctx->lookup_certs = X509_STORE_get1_certs;

executed 124 times by 4 tests: ctx->lookup_certs = X509_STORE_get1_certs;

Executed by:

pkcs7test
servertest
ssltest
tlstest

124

2178 -

2179

if (store

store	Description
TRUE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest
FALSE	never evaluated

&& store->lookup_crls

store->lookup_crls	Description
TRUE	never evaluated
FALSE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

)

0-124

2180

ctx->lookup_crls = store->lookup_crls;

never executed: ctx->lookup_crls = store->lookup_crls;

2181 else -

2182

ctx->lookup_crls = X509_STORE_get1_crls;

executed 124 times by 4 tests: ctx->lookup_crls = X509_STORE_get1_crls;

Executed by:

pkcs7test
servertest
ssltest
tlstest

124

2183 -

2184

if (store

store	Description
TRUE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest
FALSE	never evaluated

&& store->cleanup

store->cleanup	Description
TRUE	never evaluated
FALSE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

)

0-124

2185

ctx->cleanup = store->cleanup;

never executed: ctx->cleanup = store->cleanup;

2186 else -

2187

ctx->cleanup =

executed 124 times by 4 tests: ctx->cleanup = ((void *)0) ;

Executed by:

pkcs7test
servertest
ssltest
tlstest

124

2188

((void *)0)

executed 124 times by 4 tests: ctx->cleanup = ((void *)0) ;

Executed by:

pkcs7test
servertest
ssltest
tlstest

124

2189

;

executed 124 times by 4 tests: ctx->cleanup = ((void *)0) ;

Executed by:

pkcs7test
servertest
ssltest
tlstest

124

2190 -

2191 ctx->param = X509_VERIFY_PARAM_new(); -

2192

if (!ctx->param

!ctx->param	Description
TRUE	never evaluated
FALSE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

) {

0-124

2193 ERR_put_error(11,(0xfff),((1|64)),__FILE__,2287); -

2194

return

never executed: return 0;

2195 } -

2196 -

2197 -

2198 -

2199 -

2200

if (store

store	Description
TRUE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest
FALSE	never evaluated

)

0-124

2201

param_ret = X509_VERIFY_PARAM_inherit(ctx->param, store->param);

executed 124 times by 4 tests: param_ret = X509_VERIFY_PARAM_inherit(ctx->param, store->param);

Executed by:

pkcs7test
servertest
ssltest
tlstest

124

2202 else -

2203

ctx->param->inh_flags |= 0x1|0x10;

never executed: ctx->param->inh_flags |= 0x1|0x10;

2204 -

2205

if (param_ret

param_ret	Description
TRUE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest
FALSE	never evaluated

)

0-124

2206

param_ret = X509_VERIFY_PARAM_inherit(ctx->param,

executed 124 times by 4 tests: param_ret = X509_VERIFY_PARAM_inherit(ctx->param, X509_VERIFY_PARAM_lookup("default"));

Executed by:

pkcs7test
servertest
ssltest
tlstest

124

2207

X509_VERIFY_PARAM_lookup("default"));

executed 124 times by 4 tests: param_ret = X509_VERIFY_PARAM_inherit(ctx->param, X509_VERIFY_PARAM_lookup("default"));

Executed by:

pkcs7test
servertest
ssltest
tlstest

124

2208 -

2209

if (param_ret == 0

param_ret == 0	Description
TRUE	never evaluated
FALSE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

) {

0-124

2210 ERR_put_error(11,(0xfff),((1|64)),__FILE__,2304); -

2211

return

never executed: return 0;

2212 } -

2213 -

2214

if (CRYPTO_new_ex_data(5, ctx,

CRYPTO_new_ex_...ex_data)) == 0	Description
TRUE	never evaluated
FALSE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

0-124

2215

&(ctx->ex_data)) == 0

CRYPTO_new_ex_...ex_data)) == 0	Description
TRUE	never evaluated
FALSE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

) {

0-124

2216 ERR_put_error(11,(0xfff),((1|64)),__FILE__,2310); -

2217

return

never executed: return 0;

2218 } -

2219

return

executed 124 times by 4 tests: return 1;

Executed by:

pkcs7test
servertest
ssltest
tlstest

executed 124 times by 4 tests: return 1;

Executed by:

pkcs7test
servertest
ssltest
tlstest

124

2220 } -

2221 -

2222 -

2223 -

2224 -

2225 -

2226 void -

2227 X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, struct stack_st_X509 *sk) -

2228 { -

2229 ctx->other_ctx = sk; -

2230 ctx->get_issuer = get_issuer_sk; -

2231

}

never executed: end of block

2232 -

2233 void -

2234 X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, struct stack_st_X509 *sk) -

2235 { -

2236 X509_STORE_CTX_trusted_stack(ctx, sk); -

2237

}

never executed: end of block

2238 -

2239 void -

2240 X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx) -

2241 { -

2242

if (ctx->cleanup

ctx->cleanup	Description
TRUE	never evaluated
FALSE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

)

0-124

2243

ctx->cleanup(ctx);

never executed: ctx->cleanup(ctx);

2244

if (ctx->param !=

ctx->param != ((void *)0)	Description
TRUE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest
FALSE	never evaluated

0-124

2245

((void *)0)

ctx->param != ((void *)0)	Description
TRUE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest
FALSE	never evaluated

0-124

2246 ) { -

2247

if (ctx->parent ==

ctx->parent == ((void *)0)	Description
TRUE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest
FALSE	never evaluated

0-124

2248

((void *)0)

ctx->parent == ((void *)0)	Description
TRUE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest
FALSE	never evaluated

0-124

2249 ) -

2250

X509_VERIFY_PARAM_free(ctx->param);

executed 124 times by 4 tests: X509_VERIFY_PARAM_free(ctx->param);

Executed by:

pkcs7test
servertest
ssltest
tlstest

124

2251 ctx->param = -

2252 ((void *)0) -

2253 ; -

2254

}

executed 124 times by 4 tests: end of block

Executed by:

pkcs7test
servertest
ssltest
tlstest

124

2255

if (ctx->tree !=

ctx->tree != ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

0-124

2256

((void *)0)

ctx->tree != ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 124 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest

0-124

2257 ) { -

2258 X509_policy_tree_free(ctx->tree); -

2259 ctx->tree = -

2260 ((void *)0) -

2261 ; -

2262

}

never executed: end of block

2263

if (ctx->chain !=

ctx->chain != ((void *)0)	Description
TRUE	evaluated 122 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest
FALSE	evaluated 2 times by 1 test Evaluated by: ssltest

2-122

2264

((void *)0)

ctx->chain != ((void *)0)	Description
TRUE	evaluated 122 times by 4 tests Evaluated by: pkcs7test servertest ssltest tlstest
FALSE	evaluated 2 times by 1 test Evaluated by: ssltest

2-122

2265 ) { -

2266 sk_pop_free(((_STACK*) (1 ? (ctx->chain) : (struct stack_st_X509*)0)), ((void (*)(void *)) ((1 ? (X509_free) : (void (*)(X509 *))0)))); -

2267 ctx->chain = -

2268 ((void *)0) -

2269 ; -

2270

}

executed 122 times by 4 tests: end of block

Executed by:

pkcs7test
servertest
ssltest
tlstest

122

2271 CRYPTO_free_ex_data(5, -

2272 ctx, &(ctx->ex_data)); -

2273 memset(&ctx->ex_data, 0, sizeof(CRYPTO_EX_DATA)); -

2274

}

executed 124 times by 4 tests: end of block

Executed by:

pkcs7test
servertest
ssltest
tlstest

124

2275 -

2276 void -

2277 X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth) -

2278 { -

2279 X509_VERIFY_PARAM_set_depth(ctx->param, depth); -

2280

}

never executed: end of block

2281 -

2282 void -

2283 X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags) -

2284 { -

2285 X509_VERIFY_PARAM_set_flags(ctx->param, flags); -

2286

}

never executed: end of block

2287 -

2288 void -

2289 X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags, time_t t) -

2290 { -

2291 X509_VERIFY_PARAM_set_time(ctx->param, t); -

2292

}

never executed: end of block

2293 -

2294 void -

2295 X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx, -

2296 int (*verify_cb)(int, X509_STORE_CTX *)) -

2297 { -

2298 ctx->verify_cb = verify_cb; -

2299

}

executed 14 times by 1 test: end of block

Executed by:

ssltest

2300 -

2301 X509 * -

2302 X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx) -

2303 { -

2304

return

never executed: return ctx->cert;

ctx->cert;

never executed: return ctx->cert;

2305 } -

2306 -

2307 struct stack_st_X509 * -

2308 X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx) -

2309 { -

2310

return

never executed: return ctx->untrusted;

ctx->untrusted;

never executed: return ctx->untrusted;

2311 } -

2312 -

2313 void -

2314 X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, struct stack_st_X509 *sk) -

2315 { -

2316 ctx->untrusted = sk; -

2317

}

never executed: end of block

2318 -

2319 X509_POLICY_TREE * -

2320 X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx) -

2321 { -

2322

return

never executed: return ctx->tree;

ctx->tree;

never executed: return ctx->tree;

2323 } -

2324 -

2325 int -

2326 X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx) -

2327 { -

2328

return

never executed: return ctx->explicit_policy;

ctx->explicit_policy;

never executed: return ctx->explicit_policy;

2329 } -

2330 -

2331 int -

2332 X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name) -

2333 { -

2334 const X509_VERIFY_PARAM *param; -

2335 param = X509_VERIFY_PARAM_lookup(name); -

2336

if (!param

!param	Description
TRUE	never evaluated
FALSE	evaluated 62 times by 3 tests Evaluated by: pkcs7test ssltest tlstest

)

0-62

2337

return

never executed: return 0;

2338

return

executed 62 times by 3 tests: return X509_VERIFY_PARAM_inherit(ctx->param, param);

Executed by:

pkcs7test
ssltest
tlstest

X509_VERIFY_PARAM_inherit(ctx->param, param);

executed 62 times by 3 tests: return X509_VERIFY_PARAM_inherit(ctx->param, param);

Executed by:

pkcs7test
ssltest
tlstest

2339 } -

2340 -

2341 X509_VERIFY_PARAM * -

2342 X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx) -

2343 { -

2344

return

executed 60 times by 2 tests: return ctx->param;

Executed by:

ssltest
tlstest

ctx->param;

executed 60 times by 2 tests: return ctx->param;

Executed by:

ssltest
tlstest

2345 } -

2346 -

2347 void -

2348 X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param) -

2349 { -

2350

if (ctx->param

ctx->param	Description
TRUE	never evaluated
FALSE	never evaluated

)

2351

X509_VERIFY_PARAM_free(ctx->param);

never executed: X509_VERIFY_PARAM_free(ctx->param);

2352 ctx->param = param; -

2353

}

never executed: end of block

Switch to Source code

Preprocessed file

Generated by Squish Coco 4.2.2