OLD | NEW |
1 /* pcy_node.c */ | 1 /* pcy_node.c */ |
2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
3 * project 2004. | 3 * project 2004. |
4 */ | 4 */ |
5 /* ==================================================================== | 5 /* ==================================================================== |
6 * Copyright (c) 2004 The OpenSSL Project. All rights reserved. | 6 * Copyright (c) 2004 The OpenSSL Project. All rights reserved. |
7 * | 7 * |
8 * Redistribution and use in source and binary forms, with or without | 8 * Redistribution and use in source and binary forms, with or without |
9 * modification, are permitted provided that the following conditions | 9 * modification, are permitted provided that the following conditions |
10 * are met: | 10 * are met: |
(...skipping 74 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
85 | 85 |
86 idx = sk_X509_POLICY_NODE_find(nodes, &l); | 86 idx = sk_X509_POLICY_NODE_find(nodes, &l); |
87 if (idx == -1) | 87 if (idx == -1) |
88 return NULL; | 88 return NULL; |
89 | 89 |
90 return sk_X509_POLICY_NODE_value(nodes, idx); | 90 return sk_X509_POLICY_NODE_value(nodes, idx); |
91 | 91 |
92 } | 92 } |
93 | 93 |
94 X509_POLICY_NODE *level_find_node(const X509_POLICY_LEVEL *level, | 94 X509_POLICY_NODE *level_find_node(const X509_POLICY_LEVEL *level, |
| 95 const X509_POLICY_NODE *parent, |
95 const ASN1_OBJECT *id) | 96 const ASN1_OBJECT *id) |
96 { | 97 { |
97 » return tree_find_sk(level->nodes, id); | 98 » X509_POLICY_NODE *node; |
| 99 » int i; |
| 100 » for (i = 0; i < sk_X509_POLICY_NODE_num(level->nodes); i++) |
| 101 » » { |
| 102 » » node = sk_X509_POLICY_NODE_value(level->nodes, i); |
| 103 » » if (node->parent == parent) |
| 104 » » » { |
| 105 » » » if (!OBJ_cmp(node->data->valid_policy, id)) |
| 106 » » » » return node; |
| 107 » » » } |
| 108 » » } |
| 109 » return NULL; |
98 } | 110 } |
99 | 111 |
100 X509_POLICY_NODE *level_add_node(X509_POLICY_LEVEL *level, | 112 X509_POLICY_NODE *level_add_node(X509_POLICY_LEVEL *level, |
101 » » » X509_POLICY_DATA *data, | 113 » » » const X509_POLICY_DATA *data, |
102 X509_POLICY_NODE *parent, | 114 X509_POLICY_NODE *parent, |
103 X509_POLICY_TREE *tree) | 115 X509_POLICY_TREE *tree) |
104 { | 116 { |
105 X509_POLICY_NODE *node; | 117 X509_POLICY_NODE *node; |
106 node = OPENSSL_malloc(sizeof(X509_POLICY_NODE)); | 118 node = OPENSSL_malloc(sizeof(X509_POLICY_NODE)); |
107 if (!node) | 119 if (!node) |
108 return NULL; | 120 return NULL; |
109 node->data = data; | 121 node->data = data; |
110 node->parent = parent; | 122 node->parent = parent; |
111 node->nchild = 0; | 123 node->nchild = 0; |
(...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
148 policy_node_free(node); | 160 policy_node_free(node); |
149 return 0; | 161 return 0; |
150 | 162 |
151 } | 163 } |
152 | 164 |
153 void policy_node_free(X509_POLICY_NODE *node) | 165 void policy_node_free(X509_POLICY_NODE *node) |
154 { | 166 { |
155 OPENSSL_free(node); | 167 OPENSSL_free(node); |
156 } | 168 } |
157 | 169 |
| 170 /* See if a policy node matches a policy OID. If mapping enabled look through |
| 171 * expected policy set otherwise just valid policy. |
| 172 */ |
158 | 173 |
| 174 int policy_node_match(const X509_POLICY_LEVEL *lvl, |
| 175 const X509_POLICY_NODE *node, const ASN1_OBJECT *oid) |
| 176 { |
| 177 int i; |
| 178 ASN1_OBJECT *policy_oid; |
| 179 const X509_POLICY_DATA *x = node->data; |
| 180 |
| 181 if ( (lvl->flags & X509_V_FLAG_INHIBIT_MAP) |
| 182 || !(x->flags & POLICY_DATA_FLAG_MAP_MASK)) |
| 183 { |
| 184 if (!OBJ_cmp(x->valid_policy, oid)) |
| 185 return 1; |
| 186 return 0; |
| 187 } |
| 188 |
| 189 for (i = 0; i < sk_ASN1_OBJECT_num(x->expected_policy_set); i++) |
| 190 { |
| 191 policy_oid = sk_ASN1_OBJECT_value(x->expected_policy_set, i); |
| 192 if (!OBJ_cmp(policy_oid, oid)) |
| 193 return 1; |
| 194 } |
| 195 return 0; |
| 196 |
| 197 } |
OLD | NEW |