/*
- * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
#include <openssl/asn1t.h>
#include <openssl/x509v3.h>
+#include "x509_local.h"
#include "pcy_local.h"
#include "ext_dat.h"
+DEFINE_STACK_OF(CONF_VALUE)
+
/* Certificate policies extension support: this one is a bit complex... */
static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol,
ia5org = 0;
for (i = 0; i < num; i++) {
cnf = sk_CONF_VALUE_value(vals, i);
-
- if (cnf->value || !cnf->name) {
+ if (cnf->value != NULL || cnf->name == NULL) {
X509V3err(X509V3_F_R2I_CERTPOL,
X509V3_R_INVALID_POLICY_IDENTIFIER);
- X509V3_conf_err(cnf);
+ X509V3_conf_add_error_name_value(cnf);
goto err;
}
pstr = cnf->name;
continue;
} else if (*pstr == '@') {
STACK_OF(CONF_VALUE) *polsect;
+
polsect = X509V3_get_section(ctx, pstr + 1);
- if (!polsect) {
+ if (polsect == NULL) {
X509V3err(X509V3_F_R2I_CERTPOL, X509V3_R_INVALID_SECTION);
-
- X509V3_conf_err(cnf);
+ ERR_add_error_data(1, cnf->name);
goto err;
}
pol = policy_section(ctx, polsect, ia5org);
if ((pobj = OBJ_txt2obj(cnf->name, 0)) == NULL) {
X509V3err(X509V3_F_R2I_CERTPOL,
X509V3_R_INVALID_OBJECT_IDENTIFIER);
- X509V3_conf_err(cnf);
+ ERR_add_error_data(1, cnf->name);
goto err;
}
pol = POLICYINFO_new();
cnf = sk_CONF_VALUE_value(polstrs, i);
if (strcmp(cnf->name, "policyIdentifier") == 0) {
ASN1_OBJECT *pobj;
+
if ((pobj = OBJ_txt2obj(cnf->value, 0)) == NULL) {
X509V3err(X509V3_F_POLICY_SECTION,
X509V3_R_INVALID_OBJECT_IDENTIFIER);
}
pol->policyid = pobj;
- } else if (!name_cmp(cnf->name, "CPS")) {
+ } else if (!v3_name_cmp(cnf->name, "CPS")) {
if (pol->qualifiers == NULL)
pol->qualifiers = sk_POLICYQUALINFO_new_null();
if ((qual = POLICYQUALINFO_new()) == NULL)
if (!ASN1_STRING_set(qual->d.cpsuri, cnf->value,
strlen(cnf->value)))
goto merr;
- } else if (!name_cmp(cnf->name, "userNotice")) {
+ } else if (!v3_name_cmp(cnf->name, "userNotice")) {
STACK_OF(CONF_VALUE) *unot;
if (*cnf->value != '@') {
X509V3err(X509V3_F_POLICY_SECTION,
X509V3_section_free(ctx, unot);
if (!qual)
goto err;
- if (!pol->qualifiers)
+ if (pol->qualifiers == NULL)
pol->qualifiers = sk_POLICYQUALINFO_new_null();
if (!sk_POLICYQUALINFO_push(pol->qualifiers, qual))
goto merr;
} else {
X509V3err(X509V3_F_POLICY_SECTION, X509V3_R_INVALID_OPTION);
-
X509V3_conf_err(cnf);
goto err;
}
}
- if (!pol->policyid) {
+ if (pol->policyid == NULL) {
X509V3err(X509V3_F_POLICY_SECTION, X509V3_R_NO_POLICY_IDENTIFIER);
goto err;
}
qual->d.usernotice = not;
for (i = 0; i < sk_CONF_VALUE_num(unot); i++) {
cnf = sk_CONF_VALUE_value(unot, i);
+
value = cnf->value;
if (strcmp(cnf->name, "explicitText") == 0) {
tag = displaytext_str2tag(value, &tag_len);
goto merr;
} else if (strcmp(cnf->name, "organization") == 0) {
NOTICEREF *nref;
+
if (!not->noticeref) {
if ((nref = NOTICEREF_new()) == NULL)
goto merr;
goto merr;
} else if (strcmp(cnf->name, "noticeNumbers") == 0) {
NOTICEREF *nref;
+
STACK_OF(CONF_VALUE) *nos;
if (!not->noticeref) {
if ((nref = NOTICEREF_new()) == NULL)
nos = X509V3_parse_list(cnf->value);
if (!nos || !sk_CONF_VALUE_num(nos)) {
X509V3err(X509V3_F_NOTICE_SECTION, X509V3_R_INVALID_NUMBERS);
- X509V3_conf_err(cnf);
+ X509V3_conf_add_error_name_value(cnf);
sk_CONF_VALUE_pop_free(nos, X509V3_conf_free);
goto err;
}
goto err;
} else {
X509V3err(X509V3_F_NOTICE_SECTION, X509V3_R_INVALID_OPTION);
- X509V3_conf_err(cnf);
+ X509V3_conf_add_error_name_value(cnf);
goto err;
}
}