| Index: openssl/crypto/x509v3/pcy_map.c
|
| ===================================================================
|
| --- openssl/crypto/x509v3/pcy_map.c (revision 105093)
|
| +++ openssl/crypto/x509v3/pcy_map.c (working copy)
|
| @@ -62,31 +62,6 @@
|
|
|
| #include "pcy_int.h"
|
|
|
| -static int ref_cmp(const X509_POLICY_REF * const *a,
|
| - const X509_POLICY_REF * const *b)
|
| - {
|
| - return OBJ_cmp((*a)->subjectDomainPolicy, (*b)->subjectDomainPolicy);
|
| - }
|
| -
|
| -static void policy_map_free(X509_POLICY_REF *map)
|
| - {
|
| - if (map->subjectDomainPolicy)
|
| - ASN1_OBJECT_free(map->subjectDomainPolicy);
|
| - OPENSSL_free(map);
|
| - }
|
| -
|
| -static X509_POLICY_REF *policy_map_find(X509_POLICY_CACHE *cache, ASN1_OBJECT *id)
|
| - {
|
| - X509_POLICY_REF tmp;
|
| - int idx;
|
| - tmp.subjectDomainPolicy = id;
|
| -
|
| - idx = sk_X509_POLICY_REF_find(cache->maps, &tmp);
|
| - if (idx == -1)
|
| - return NULL;
|
| - return sk_X509_POLICY_REF_value(cache->maps, idx);
|
| - }
|
| -
|
| /* Set policy mapping entries in cache.
|
| * Note: this modifies the passed POLICY_MAPPINGS structure
|
| */
|
| @@ -94,7 +69,6 @@
|
| int policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps)
|
| {
|
| POLICY_MAPPING *map;
|
| - X509_POLICY_REF *ref = NULL;
|
| X509_POLICY_DATA *data;
|
| X509_POLICY_CACHE *cache = x->policy_cache;
|
| int i;
|
| @@ -104,7 +78,6 @@
|
| ret = -1;
|
| goto bad_mapping;
|
| }
|
| - cache->maps = sk_X509_POLICY_REF_new(ref_cmp);
|
| for (i = 0; i < sk_POLICY_MAPPING_num(maps); i++)
|
| {
|
| map = sk_POLICY_MAPPING_value(maps, i);
|
| @@ -116,13 +89,6 @@
|
| goto bad_mapping;
|
| }
|
|
|
| - /* If we've already mapped from this OID bad mapping */
|
| - if (policy_map_find(cache, map->subjectDomainPolicy) != NULL)
|
| - {
|
| - ret = -1;
|
| - goto bad_mapping;
|
| - }
|
| -
|
| /* Attempt to find matching policy data */
|
| data = policy_cache_find_data(cache, map->issuerDomainPolicy);
|
| /* If we don't have anyPolicy can't map */
|
| @@ -138,7 +104,7 @@
|
| if (!data)
|
| goto bad_mapping;
|
| data->qualifier_set = cache->anyPolicy->qualifier_set;
|
| - map->issuerDomainPolicy = NULL;
|
| + /*map->issuerDomainPolicy = NULL;*/
|
| data->flags |= POLICY_DATA_FLAG_MAPPED_ANY;
|
| data->flags |= POLICY_DATA_FLAG_SHARED_QUALIFIERS;
|
| if (!sk_X509_POLICY_DATA_push(cache->data, data))
|
| @@ -149,37 +115,17 @@
|
| }
|
| else
|
| data->flags |= POLICY_DATA_FLAG_MAPPED;
|
| -
|
| if (!sk_ASN1_OBJECT_push(data->expected_policy_set,
|
| map->subjectDomainPolicy))
|
| goto bad_mapping;
|
| -
|
| - ref = OPENSSL_malloc(sizeof(X509_POLICY_REF));
|
| - if (!ref)
|
| - goto bad_mapping;
|
| -
|
| - ref->subjectDomainPolicy = map->subjectDomainPolicy;
|
| map->subjectDomainPolicy = NULL;
|
| - ref->data = data;
|
|
|
| - if (!sk_X509_POLICY_REF_push(cache->maps, ref))
|
| - goto bad_mapping;
|
| -
|
| - ref = NULL;
|
| -
|
| }
|
|
|
| ret = 1;
|
| bad_mapping:
|
| if (ret == -1)
|
| x->ex_flags |= EXFLAG_INVALID_POLICY;
|
| - if (ref)
|
| - policy_map_free(ref);
|
| - if (ret <= 0)
|
| - {
|
| - sk_X509_POLICY_REF_pop_free(cache->maps, policy_map_free);
|
| - cache->maps = NULL;
|
| - }
|
| sk_POLICY_MAPPING_pop_free(maps, POLICY_MAPPING_free);
|
| return ret;
|
|
|
|
|
Chromium Code Reviews
Issue 9254031:
Upgrade chrome's OpenSSL to same version Android ships with. (Closed)
Base URL: http://src.chromium.org/svn/trunk/deps/third_party/openssl/