Allow multiple IDN xn-- indicators
[openssl.git] / crypto / x509v3 / pcy_data.c
index fae74ca..3444b03 100644 (file)
@@ -1,5 +1,5 @@
 /* pcy_data.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2004.
  */
 /* ====================================================================
@@ -69,7 +69,7 @@ void policy_data_free(X509_POLICY_DATA *data)
        ASN1_OBJECT_free(data->valid_policy);
        /* Don't free qualifiers if shared */
        if (!(data->flags & POLICY_DATA_FLAG_SHARED_QUALIFIERS))
-               sk_POLICYINFO_pop_free(data->qualifier_set,
+               sk_POLICYQUALINFO_pop_free(data->qualifier_set,
                                        POLICYQUALINFO_free);
        sk_ASN1_OBJECT_pop_free(data->expected_policy_set, ASN1_OBJECT_free);
        OPENSSL_free(data);
@@ -82,11 +82,21 @@ void policy_data_free(X509_POLICY_DATA *data)
  * another source.
  */
 
-X509_POLICY_DATA *policy_data_new(POLICYINFO *policy, ASN1_OBJECT *id, int crit)
+X509_POLICY_DATA *policy_data_new(POLICYINFO *policy,
+                                       const ASN1_OBJECT *cid, int crit)
        {
        X509_POLICY_DATA *ret;
-       if (!policy && !id)
+       ASN1_OBJECT *id;
+       if (!policy && !cid)
                return NULL;
+       if (cid)
+               {
+               id = OBJ_dup(cid);
+               if (!id)
+                       return NULL;
+               }
+       else
+               id = NULL;
        ret = OPENSSL_malloc(sizeof(X509_POLICY_DATA));
        if (!ret)
                return NULL;
@@ -94,6 +104,8 @@ X509_POLICY_DATA *policy_data_new(POLICYINFO *policy, ASN1_OBJECT *id, int crit)
        if (!ret->expected_policy_set)
                {
                OPENSSL_free(ret);
+               if (id)
+                       ASN1_OBJECT_free(id);
                return NULL;
                }