Tolerate a SEQUENCE in DN components.

[openssl.git] / crypto / asn1 / x_x509.c

diff --git a/crypto/asn1/x_x509.c b/crypto/asn1/x_x509.c
index f71ba267d94c7670d1abe2b744c28a1c3f22a090..086021c5a10c18ab72bf8e65dd3ca6bf8f78e713 100644 (file)
--- a/crypto/asn1/x_x509.c
+++ b/crypto/asn1/x_x509.c
@@ -79,7 +79,10 @@ ASN1_SEQUENCE(X509_CINF) = {
 IMPLEMENT_ASN1_FUNCTIONS(X509_CINF)
 /* X509 top level structure needs a bit of customisation */
 
-static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+extern void policy_cache_free(X509_POLICY_CACHE *cache);
+
+static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+                                                               void *exarg)
 {
        X509 *ret = (X509 *)*pval;
 
@@ -106,6 +109,7 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
                X509_CERT_AUX_free(ret->aux);
                ASN1_OCTET_STRING_free(ret->skid);
                AUTHORITY_KEYID_free(ret->akid);
+               policy_cache_free(ret->policy_cache);
 
                if (ret->name != NULL) OPENSSL_free(ret->name);
                break;
@@ -125,17 +129,6 @@ ASN1_SEQUENCE_ref(X509, x509_cb, CRYPTO_LOCK_X509) = {
 IMPLEMENT_ASN1_FUNCTIONS(X509)
 IMPLEMENT_ASN1_DUP_FUNCTION(X509)
 
-static ASN1_METHOD meth={
-       (int (*)())  i2d_X509,
-       (char *(*)())d2i_X509,
-       (char *(*)())X509_new,
-       (void (*)()) X509_free};
-
-ASN1_METHOD *X509_asn1_meth(void)
-       {
-       return(&meth);
-       }
-
 int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
             CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
         {