diff options
| author | tpashkin <tpashkin@yandex-team.ru> | 2022-02-10 16:46:42 +0300 |
|---|---|---|
| committer | Daniil Cherednik <dcherednik@yandex-team.ru> | 2022-02-10 16:46:42 +0300 |
| commit | 656921707c02b816d730f31c1fdc1d615adbfe00 (patch) | |
| tree | 49e222ea1c5804306084bb3ae065bb702625360f /contrib/libs/openssl/crypto/x509v3 | |
| parent | 5475379a04e37df30085bd1724f1c57e3f40996f (diff) | |
| download | ydb-656921707c02b816d730f31c1fdc1d615adbfe00.tar.gz | |
Restoring authorship annotation for <tpashkin@yandex-team.ru>. Commit 2 of 2.
Diffstat (limited to 'contrib/libs/openssl/crypto/x509v3')
18 files changed, 300 insertions, 300 deletions
diff --git a/contrib/libs/openssl/crypto/x509v3/pcy_cache.c b/contrib/libs/openssl/crypto/x509v3/pcy_cache.c index f8a152f901..04401bace8 100644 --- a/contrib/libs/openssl/crypto/x509v3/pcy_cache.c +++ b/contrib/libs/openssl/crypto/x509v3/pcy_cache.c @@ -10,9 +10,9 @@ #include "internal/cryptlib.h" #include <openssl/x509.h> #include <openssl/x509v3.h> -#include "crypto/x509.h" +#include "crypto/x509.h" -#include "pcy_local.h" +#include "pcy_local.h" static int policy_data_cmp(const X509_POLICY_DATA *const *a, const X509_POLICY_DATA *const *b); diff --git a/contrib/libs/openssl/crypto/x509v3/pcy_data.c b/contrib/libs/openssl/crypto/x509v3/pcy_data.c index 7588925f41..8c7bc69576 100644 --- a/contrib/libs/openssl/crypto/x509v3/pcy_data.c +++ b/contrib/libs/openssl/crypto/x509v3/pcy_data.c @@ -11,7 +11,7 @@ #include <openssl/x509.h> #include <openssl/x509v3.h> -#include "pcy_local.h" +#include "pcy_local.h" /* Policy Node routines */ diff --git a/contrib/libs/openssl/crypto/x509v3/pcy_lib.c b/contrib/libs/openssl/crypto/x509v3/pcy_lib.c index 194e966c51..2e196b838c 100644 --- a/contrib/libs/openssl/crypto/x509v3/pcy_lib.c +++ b/contrib/libs/openssl/crypto/x509v3/pcy_lib.c @@ -11,7 +11,7 @@ #include <openssl/x509.h> #include <openssl/x509v3.h> -#include "pcy_local.h" +#include "pcy_local.h" /* accessor functions */ diff --git a/contrib/libs/openssl/crypto/x509v3/pcy_local.h b/contrib/libs/openssl/crypto/x509v3/pcy_local.h index 621da11719..5daf78de45 100644 --- a/contrib/libs/openssl/crypto/x509v3/pcy_local.h +++ b/contrib/libs/openssl/crypto/x509v3/pcy_local.h @@ -1,167 +1,167 @@ -/* - * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -typedef struct X509_POLICY_DATA_st X509_POLICY_DATA; - -DEFINE_STACK_OF(X509_POLICY_DATA) - -/* Internal structures */ - -/* - * This structure and the field names correspond to the Policy 'node' of - * RFC3280. NB this structure contains no pointers to parent or child data: - * X509_POLICY_NODE contains that. This means that the main policy data can - * be kept static and cached with the certificate. - */ - -struct X509_POLICY_DATA_st { - unsigned int flags; - /* Policy OID and qualifiers for this data */ - ASN1_OBJECT *valid_policy; - STACK_OF(POLICYQUALINFO) *qualifier_set; - STACK_OF(ASN1_OBJECT) *expected_policy_set; -}; - -/* X509_POLICY_DATA flags values */ - -/* - * This flag indicates the structure has been mapped using a policy mapping - * extension. If policy mapping is not active its references get deleted. - */ - -#define POLICY_DATA_FLAG_MAPPED 0x1 - -/* - * This flag indicates the data doesn't correspond to a policy in Certificate - * Policies: it has been mapped to any policy. - */ - -#define POLICY_DATA_FLAG_MAPPED_ANY 0x2 - -/* AND with flags to see if any mapping has occurred */ - -#define POLICY_DATA_FLAG_MAP_MASK 0x3 - -/* qualifiers are shared and shouldn't be freed */ - -#define POLICY_DATA_FLAG_SHARED_QUALIFIERS 0x4 - -/* Parent node is an extra node and should be freed */ - -#define POLICY_DATA_FLAG_EXTRA_NODE 0x8 - -/* Corresponding CertificatePolicies is critical */ - -#define POLICY_DATA_FLAG_CRITICAL 0x10 - -/* This structure is cached with a certificate */ - -struct X509_POLICY_CACHE_st { - /* anyPolicy data or NULL if no anyPolicy */ - X509_POLICY_DATA *anyPolicy; - /* other policy data */ - STACK_OF(X509_POLICY_DATA) *data; - /* If InhibitAnyPolicy present this is its value or -1 if absent. */ - long any_skip; - /* - * If policyConstraints and requireExplicitPolicy present this is its - * value or -1 if absent. - */ - long explicit_skip; - /* - * If policyConstraints and policyMapping present this is its value or -1 - * if absent. - */ - long map_skip; -}; - -/* - * #define POLICY_CACHE_FLAG_CRITICAL POLICY_DATA_FLAG_CRITICAL - */ - -/* This structure represents the relationship between nodes */ - -struct X509_POLICY_NODE_st { - /* node data this refers to */ - const X509_POLICY_DATA *data; - /* Parent node */ - X509_POLICY_NODE *parent; - /* Number of child nodes */ - int nchild; -}; - -struct X509_POLICY_LEVEL_st { - /* Cert for this level */ - X509 *cert; - /* nodes at this level */ - STACK_OF(X509_POLICY_NODE) *nodes; - /* anyPolicy node */ - X509_POLICY_NODE *anyPolicy; - /* Extra data */ - /* - * STACK_OF(X509_POLICY_DATA) *extra_data; - */ - unsigned int flags; -}; - -struct X509_POLICY_TREE_st { - /* This is the tree 'level' data */ - X509_POLICY_LEVEL *levels; - int nlevel; - /* - * Extra policy data when additional nodes (not from the certificate) are - * required. - */ - STACK_OF(X509_POLICY_DATA) *extra_data; - /* This is the authority constrained policy set */ - STACK_OF(X509_POLICY_NODE) *auth_policies; - STACK_OF(X509_POLICY_NODE) *user_policies; - unsigned int flags; -}; - -/* Set if anyPolicy present in user policies */ -#define POLICY_FLAG_ANY_POLICY 0x2 - -/* Useful macros */ - -#define node_data_critical(data) (data->flags & POLICY_DATA_FLAG_CRITICAL) -#define node_critical(node) node_data_critical(node->data) - -/* Internal functions */ - -X509_POLICY_DATA *policy_data_new(POLICYINFO *policy, const ASN1_OBJECT *id, - int crit); -void policy_data_free(X509_POLICY_DATA *data); - -X509_POLICY_DATA *policy_cache_find_data(const X509_POLICY_CACHE *cache, - const ASN1_OBJECT *id); -int policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps); - -STACK_OF(X509_POLICY_NODE) *policy_node_cmp_new(void); - -void policy_cache_init(void); - -void policy_cache_free(X509_POLICY_CACHE *cache); - -X509_POLICY_NODE *level_find_node(const X509_POLICY_LEVEL *level, - const X509_POLICY_NODE *parent, - const ASN1_OBJECT *id); - -X509_POLICY_NODE *tree_find_sk(STACK_OF(X509_POLICY_NODE) *sk, - const ASN1_OBJECT *id); - -X509_POLICY_NODE *level_add_node(X509_POLICY_LEVEL *level, - X509_POLICY_DATA *data, - X509_POLICY_NODE *parent, - X509_POLICY_TREE *tree); -void policy_node_free(X509_POLICY_NODE *node); -int policy_node_match(const X509_POLICY_LEVEL *lvl, - const X509_POLICY_NODE *node, const ASN1_OBJECT *oid); - -const X509_POLICY_CACHE *policy_cache_set(X509 *x); +/* + * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +typedef struct X509_POLICY_DATA_st X509_POLICY_DATA; + +DEFINE_STACK_OF(X509_POLICY_DATA) + +/* Internal structures */ + +/* + * This structure and the field names correspond to the Policy 'node' of + * RFC3280. NB this structure contains no pointers to parent or child data: + * X509_POLICY_NODE contains that. This means that the main policy data can + * be kept static and cached with the certificate. + */ + +struct X509_POLICY_DATA_st { + unsigned int flags; + /* Policy OID and qualifiers for this data */ + ASN1_OBJECT *valid_policy; + STACK_OF(POLICYQUALINFO) *qualifier_set; + STACK_OF(ASN1_OBJECT) *expected_policy_set; +}; + +/* X509_POLICY_DATA flags values */ + +/* + * This flag indicates the structure has been mapped using a policy mapping + * extension. If policy mapping is not active its references get deleted. + */ + +#define POLICY_DATA_FLAG_MAPPED 0x1 + +/* + * This flag indicates the data doesn't correspond to a policy in Certificate + * Policies: it has been mapped to any policy. + */ + +#define POLICY_DATA_FLAG_MAPPED_ANY 0x2 + +/* AND with flags to see if any mapping has occurred */ + +#define POLICY_DATA_FLAG_MAP_MASK 0x3 + +/* qualifiers are shared and shouldn't be freed */ + +#define POLICY_DATA_FLAG_SHARED_QUALIFIERS 0x4 + +/* Parent node is an extra node and should be freed */ + +#define POLICY_DATA_FLAG_EXTRA_NODE 0x8 + +/* Corresponding CertificatePolicies is critical */ + +#define POLICY_DATA_FLAG_CRITICAL 0x10 + +/* This structure is cached with a certificate */ + +struct X509_POLICY_CACHE_st { + /* anyPolicy data or NULL if no anyPolicy */ + X509_POLICY_DATA *anyPolicy; + /* other policy data */ + STACK_OF(X509_POLICY_DATA) *data; + /* If InhibitAnyPolicy present this is its value or -1 if absent. */ + long any_skip; + /* + * If policyConstraints and requireExplicitPolicy present this is its + * value or -1 if absent. + */ + long explicit_skip; + /* + * If policyConstraints and policyMapping present this is its value or -1 + * if absent. + */ + long map_skip; +}; + +/* + * #define POLICY_CACHE_FLAG_CRITICAL POLICY_DATA_FLAG_CRITICAL + */ + +/* This structure represents the relationship between nodes */ + +struct X509_POLICY_NODE_st { + /* node data this refers to */ + const X509_POLICY_DATA *data; + /* Parent node */ + X509_POLICY_NODE *parent; + /* Number of child nodes */ + int nchild; +}; + +struct X509_POLICY_LEVEL_st { + /* Cert for this level */ + X509 *cert; + /* nodes at this level */ + STACK_OF(X509_POLICY_NODE) *nodes; + /* anyPolicy node */ + X509_POLICY_NODE *anyPolicy; + /* Extra data */ + /* + * STACK_OF(X509_POLICY_DATA) *extra_data; + */ + unsigned int flags; +}; + +struct X509_POLICY_TREE_st { + /* This is the tree 'level' data */ + X509_POLICY_LEVEL *levels; + int nlevel; + /* + * Extra policy data when additional nodes (not from the certificate) are + * required. + */ + STACK_OF(X509_POLICY_DATA) *extra_data; + /* This is the authority constrained policy set */ + STACK_OF(X509_POLICY_NODE) *auth_policies; + STACK_OF(X509_POLICY_NODE) *user_policies; + unsigned int flags; +}; + +/* Set if anyPolicy present in user policies */ +#define POLICY_FLAG_ANY_POLICY 0x2 + +/* Useful macros */ + +#define node_data_critical(data) (data->flags & POLICY_DATA_FLAG_CRITICAL) +#define node_critical(node) node_data_critical(node->data) + +/* Internal functions */ + +X509_POLICY_DATA *policy_data_new(POLICYINFO *policy, const ASN1_OBJECT *id, + int crit); +void policy_data_free(X509_POLICY_DATA *data); + +X509_POLICY_DATA *policy_cache_find_data(const X509_POLICY_CACHE *cache, + const ASN1_OBJECT *id); +int policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps); + +STACK_OF(X509_POLICY_NODE) *policy_node_cmp_new(void); + +void policy_cache_init(void); + +void policy_cache_free(X509_POLICY_CACHE *cache); + +X509_POLICY_NODE *level_find_node(const X509_POLICY_LEVEL *level, + const X509_POLICY_NODE *parent, + const ASN1_OBJECT *id); + +X509_POLICY_NODE *tree_find_sk(STACK_OF(X509_POLICY_NODE) *sk, + const ASN1_OBJECT *id); + +X509_POLICY_NODE *level_add_node(X509_POLICY_LEVEL *level, + X509_POLICY_DATA *data, + X509_POLICY_NODE *parent, + X509_POLICY_TREE *tree); +void policy_node_free(X509_POLICY_NODE *node); +int policy_node_match(const X509_POLICY_LEVEL *lvl, + const X509_POLICY_NODE *node, const ASN1_OBJECT *oid); + +const X509_POLICY_CACHE *policy_cache_set(X509 *x); diff --git a/contrib/libs/openssl/crypto/x509v3/pcy_map.c b/contrib/libs/openssl/crypto/x509v3/pcy_map.c index 9da649d2df..ae2a62c977 100644 --- a/contrib/libs/openssl/crypto/x509v3/pcy_map.c +++ b/contrib/libs/openssl/crypto/x509v3/pcy_map.c @@ -10,9 +10,9 @@ #include "internal/cryptlib.h" #include <openssl/x509.h> #include <openssl/x509v3.h> -#include "crypto/x509.h" +#include "crypto/x509.h" -#include "pcy_local.h" +#include "pcy_local.h" /* * Set policy mapping entries in cache. Note: this modifies the passed diff --git a/contrib/libs/openssl/crypto/x509v3/pcy_node.c b/contrib/libs/openssl/crypto/x509v3/pcy_node.c index 0efa18c5b9..e2d7b15322 100644 --- a/contrib/libs/openssl/crypto/x509v3/pcy_node.c +++ b/contrib/libs/openssl/crypto/x509v3/pcy_node.c @@ -12,7 +12,7 @@ #include <openssl/x509v3.h> #include <openssl/err.h> -#include "pcy_local.h" +#include "pcy_local.h" static int node_cmp(const X509_POLICY_NODE *const *a, const X509_POLICY_NODE *const *b) diff --git a/contrib/libs/openssl/crypto/x509v3/pcy_tree.c b/contrib/libs/openssl/crypto/x509v3/pcy_tree.c index bb60f4ef50..6e8322cbc5 100644 --- a/contrib/libs/openssl/crypto/x509v3/pcy_tree.c +++ b/contrib/libs/openssl/crypto/x509v3/pcy_tree.c @@ -11,7 +11,7 @@ #include <openssl/x509.h> #include <openssl/x509v3.h> -#include "pcy_local.h" +#include "pcy_local.h" /* * Enable this to print out the complete policy tree at various point during diff --git a/contrib/libs/openssl/crypto/x509v3/v3_addr.c b/contrib/libs/openssl/crypto/x509v3/v3_addr.c index 3dfcac60cf..4258dbc40c 100644 --- a/contrib/libs/openssl/crypto/x509v3/v3_addr.c +++ b/contrib/libs/openssl/crypto/x509v3/v3_addr.c @@ -20,7 +20,7 @@ #include <openssl/asn1t.h> #include <openssl/buffer.h> #include <openssl/x509v3.h> -#include "crypto/x509.h" +#include "crypto/x509.h" #include "ext_dat.h" #ifndef OPENSSL_NO_RFC3779 diff --git a/contrib/libs/openssl/crypto/x509v3/v3_admis.h b/contrib/libs/openssl/crypto/x509v3/v3_admis.h index 5b196267ff..ea7632b370 100644 --- a/contrib/libs/openssl/crypto/x509v3/v3_admis.h +++ b/contrib/libs/openssl/crypto/x509v3/v3_admis.h @@ -7,8 +7,8 @@ * https://www.openssl.org/source/license.html */ -#ifndef OSSL_CRYPTO_X509V3_V3_ADMIS_H -# define OSSL_CRYPTO_X509V3_V3_ADMIS_H +#ifndef OSSL_CRYPTO_X509V3_V3_ADMIS_H +# define OSSL_CRYPTO_X509V3_V3_ADMIS_H struct NamingAuthority_st { ASN1_OBJECT* namingAuthorityId; diff --git a/contrib/libs/openssl/crypto/x509v3/v3_alt.c b/contrib/libs/openssl/crypto/x509v3/v3_alt.c index 85998676de..7c32d4031d 100644 --- a/contrib/libs/openssl/crypto/x509v3/v3_alt.c +++ b/contrib/libs/openssl/crypto/x509v3/v3_alt.c @@ -53,24 +53,24 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method, { int i; GENERAL_NAME *gen; - STACK_OF(CONF_VALUE) *tmpret = NULL, *origret = ret; - + STACK_OF(CONF_VALUE) *tmpret = NULL, *origret = ret; + for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) { gen = sk_GENERAL_NAME_value(gens, i); - /* - * i2v_GENERAL_NAME allocates ret if it is NULL. If something goes - * wrong we need to free the stack - but only if it was empty when we - * originally entered this function. - */ - tmpret = i2v_GENERAL_NAME(method, gen, ret); - if (tmpret == NULL) { - if (origret == NULL) - sk_CONF_VALUE_pop_free(ret, X509V3_conf_free); - return NULL; - } - ret = tmpret; + /* + * i2v_GENERAL_NAME allocates ret if it is NULL. If something goes + * wrong we need to free the stack - but only if it was empty when we + * originally entered this function. + */ + tmpret = i2v_GENERAL_NAME(method, gen, ret); + if (tmpret == NULL) { + if (origret == NULL) + sk_CONF_VALUE_pop_free(ret, X509V3_conf_free); + return NULL; + } + ret = tmpret; } - if (ret == NULL) + if (ret == NULL) return sk_CONF_VALUE_new_null(); return ret; } diff --git a/contrib/libs/openssl/crypto/x509v3/v3_asid.c b/contrib/libs/openssl/crypto/x509v3/v3_asid.c index 5778b890c8..ac68572672 100644 --- a/contrib/libs/openssl/crypto/x509v3/v3_asid.c +++ b/contrib/libs/openssl/crypto/x509v3/v3_asid.c @@ -20,7 +20,7 @@ #include <openssl/asn1t.h> #include <openssl/x509v3.h> #include <openssl/x509.h> -#include "crypto/x509.h" +#include "crypto/x509.h" #include <openssl/bn.h> #include "ext_dat.h" @@ -256,7 +256,7 @@ static int extract_min_max(ASIdOrRange *aor, static int ASIdentifierChoice_is_canonical(ASIdentifierChoice *choice) { ASN1_INTEGER *a_max_plus_one = NULL; - ASN1_INTEGER *orig; + ASN1_INTEGER *orig; BIGNUM *bn = NULL; int i, ret = 0; @@ -299,20 +299,20 @@ static int ASIdentifierChoice_is_canonical(ASIdentifierChoice *choice) */ if ((bn == NULL && (bn = BN_new()) == NULL) || ASN1_INTEGER_to_BN(a_max, bn) == NULL || - !BN_add_word(bn, 1)) { + !BN_add_word(bn, 1)) { + X509V3err(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL, + ERR_R_MALLOC_FAILURE); + goto done; + } + + if ((a_max_plus_one = + BN_to_ASN1_INTEGER(bn, orig = a_max_plus_one)) == NULL) { + a_max_plus_one = orig; X509V3err(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL, ERR_R_MALLOC_FAILURE); goto done; } - if ((a_max_plus_one = - BN_to_ASN1_INTEGER(bn, orig = a_max_plus_one)) == NULL) { - a_max_plus_one = orig; - X509V3err(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL, - ERR_R_MALLOC_FAILURE); - goto done; - } - /* * Punt if adjacent or overlapping. */ @@ -358,7 +358,7 @@ int X509v3_asid_is_canonical(ASIdentifiers *asid) static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice) { ASN1_INTEGER *a_max_plus_one = NULL; - ASN1_INTEGER *orig; + ASN1_INTEGER *orig; BIGNUM *bn = NULL; int i, ret = 0; @@ -424,20 +424,20 @@ static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice) */ if ((bn == NULL && (bn = BN_new()) == NULL) || ASN1_INTEGER_to_BN(a_max, bn) == NULL || - !BN_add_word(bn, 1)) { + !BN_add_word(bn, 1)) { + X509V3err(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE, + ERR_R_MALLOC_FAILURE); + goto done; + } + + if ((a_max_plus_one = + BN_to_ASN1_INTEGER(bn, orig = a_max_plus_one)) == NULL) { + a_max_plus_one = orig; X509V3err(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE, ERR_R_MALLOC_FAILURE); goto done; } - if ((a_max_plus_one = - BN_to_ASN1_INTEGER(bn, orig = a_max_plus_one)) == NULL) { - a_max_plus_one = orig; - X509V3err(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE, - ERR_R_MALLOC_FAILURE); - goto done; - } - /* * If a and b are adjacent, merge them. */ diff --git a/contrib/libs/openssl/crypto/x509v3/v3_conf.c b/contrib/libs/openssl/crypto/x509v3/v3_conf.c index b5c68257c6..e93de34546 100644 --- a/contrib/libs/openssl/crypto/x509v3/v3_conf.c +++ b/contrib/libs/openssl/crypto/x509v3/v3_conf.c @@ -10,11 +10,11 @@ /* extension creation utilities */ #include <stdio.h> -#include "crypto/ctype.h" +#include "crypto/ctype.h" #include "internal/cryptlib.h" #include <openssl/conf.h> #include <openssl/x509.h> -#include "crypto/x509.h" +#include "crypto/x509.h" #include <openssl/x509v3.h> static int v3_check_critical(const char **value); diff --git a/contrib/libs/openssl/crypto/x509v3/v3_cpols.c b/contrib/libs/openssl/crypto/x509v3/v3_cpols.c index ab8e24a87b..09804b5848 100644 --- a/contrib/libs/openssl/crypto/x509v3/v3_cpols.c +++ b/contrib/libs/openssl/crypto/x509v3/v3_cpols.c @@ -14,7 +14,7 @@ #include <openssl/asn1t.h> #include <openssl/x509v3.h> -#include "pcy_local.h" +#include "pcy_local.h" #include "ext_dat.h" /* Certificate policies extension support: this one is a bit complex... */ diff --git a/contrib/libs/openssl/crypto/x509v3/v3_crld.c b/contrib/libs/openssl/crypto/x509v3/v3_crld.c index 5197867376..4854748ffb 100644 --- a/contrib/libs/openssl/crypto/x509v3/v3_crld.c +++ b/contrib/libs/openssl/crypto/x509v3/v3_crld.c @@ -14,7 +14,7 @@ #include <openssl/asn1t.h> #include <openssl/x509v3.h> -#include "crypto/x509.h" +#include "crypto/x509.h" #include "ext_dat.h" static void *v2i_crld(const X509V3_EXT_METHOD *method, diff --git a/contrib/libs/openssl/crypto/x509v3/v3_ncons.c b/contrib/libs/openssl/crypto/x509v3/v3_ncons.c index 438f3ae541..d985aa91da 100644 --- a/contrib/libs/openssl/crypto/x509v3/v3_ncons.c +++ b/contrib/libs/openssl/crypto/x509v3/v3_ncons.c @@ -10,12 +10,12 @@ #include "internal/cryptlib.h" #include "internal/numbers.h" #include <stdio.h> -#include "crypto/asn1.h" +#include "crypto/asn1.h" #include <openssl/asn1t.h> #include <openssl/conf.h> #include <openssl/x509v3.h> -#include "crypto/x509.h" +#include "crypto/x509.h" #include "ext_dat.h" static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, diff --git a/contrib/libs/openssl/crypto/x509v3/v3_purp.c b/contrib/libs/openssl/crypto/x509v3/v3_purp.c index 646c95aac7..a1aeb4e4c6 100644 --- a/contrib/libs/openssl/crypto/x509v3/v3_purp.c +++ b/contrib/libs/openssl/crypto/x509v3/v3_purp.c @@ -12,7 +12,7 @@ #include "internal/numbers.h" #include <openssl/x509v3.h> #include <openssl/x509_vfy.h> -#include "crypto/x509.h" +#include "crypto/x509.h" #include "../x509/x509_local.h" /* for x509_signing_allowed() */ #include "internal/tsan_assist.h" @@ -82,8 +82,8 @@ int X509_check_purpose(X509 *x, int id, int ca) const X509_PURPOSE *pt; x509v3_cache_extensions(x); - if (x->ex_flags & EXFLAG_INVALID) - return -1; + if (x->ex_flags & EXFLAG_INVALID) + return -1; /* Return if side-effect only call */ if (id == -1) @@ -303,11 +303,11 @@ int X509_supported_extension(X509_EXTENSION *ex) return 0; } -static int setup_dp(X509 *x, DIST_POINT *dp) +static int setup_dp(X509 *x, DIST_POINT *dp) { X509_NAME *iname = NULL; int i; - + if (dp->reasons) { if (dp->reasons->length > 0) dp->dp_reasons = dp->reasons->data[0]; @@ -317,7 +317,7 @@ static int setup_dp(X509 *x, DIST_POINT *dp) } else dp->dp_reasons = CRLDP_ALL_REASONS; if (!dp->distpoint || (dp->distpoint->type != 1)) - return 1; + return 1; for (i = 0; i < sk_GENERAL_NAME_num(dp->CRLissuer); i++) { GENERAL_NAME *gen = sk_GENERAL_NAME_value(dp->CRLissuer, i); if (gen->type == GEN_DIRNAME) { @@ -328,21 +328,21 @@ static int setup_dp(X509 *x, DIST_POINT *dp) if (!iname) iname = X509_get_issuer_name(x); - return DIST_POINT_set_dpname(dp->distpoint, iname); + return DIST_POINT_set_dpname(dp->distpoint, iname); } -static int setup_crldp(X509 *x) +static int setup_crldp(X509 *x) { int i; - - x->crldp = X509_get_ext_d2i(x, NID_crl_distribution_points, &i, NULL); - if (x->crldp == NULL && i != -1) - return 0; - for (i = 0; i < sk_DIST_POINT_num(x->crldp); i++) { - if (!setup_dp(x, sk_DIST_POINT_value(x->crldp, i))) - return 0; - } - return 1; + + x->crldp = X509_get_ext_d2i(x, NID_crl_distribution_points, &i, NULL); + if (x->crldp == NULL && i != -1) + return 0; + for (i = 0; i < sk_DIST_POINT_num(x->crldp); i++) { + if (!setup_dp(x, sk_DIST_POINT_value(x->crldp, i))) + return 0; + } + return 1; } /* Check that issuer public key algorithm matches subject signature algorithm */ @@ -393,36 +393,36 @@ static void x509v3_cache_extensions(X509 *x) return; } - if (!X509_digest(x, EVP_sha1(), x->sha1_hash, NULL)) + if (!X509_digest(x, EVP_sha1(), x->sha1_hash, NULL)) x->ex_flags |= (EXFLAG_NO_FINGERPRINT | EXFLAG_INVALID); /* V1 should mean no extensions ... */ if (!X509_get_version(x)) x->ex_flags |= EXFLAG_V1; /* Handle basic constraints */ - if ((bs = X509_get_ext_d2i(x, NID_basic_constraints, &i, NULL))) { + if ((bs = X509_get_ext_d2i(x, NID_basic_constraints, &i, NULL))) { if (bs->ca) x->ex_flags |= EXFLAG_CA; if (bs->pathlen) { - if (bs->pathlen->type == V_ASN1_NEG_INTEGER) { + if (bs->pathlen->type == V_ASN1_NEG_INTEGER) { x->ex_flags |= EXFLAG_INVALID; x->ex_pathlen = 0; - } else { + } else { x->ex_pathlen = ASN1_INTEGER_get(bs->pathlen); - if (!bs->ca && x->ex_pathlen != 0) { - x->ex_flags |= EXFLAG_INVALID; - x->ex_pathlen = 0; - } - } + if (!bs->ca && x->ex_pathlen != 0) { + x->ex_flags |= EXFLAG_INVALID; + x->ex_pathlen = 0; + } + } } else x->ex_pathlen = -1; BASIC_CONSTRAINTS_free(bs); x->ex_flags |= EXFLAG_BCONS; - } else if (i != -1) { - x->ex_flags |= EXFLAG_INVALID; + } else if (i != -1) { + x->ex_flags |= EXFLAG_INVALID; } /* Handle proxy certificates */ - if ((pci = X509_get_ext_d2i(x, NID_proxyCertInfo, &i, NULL))) { + if ((pci = X509_get_ext_d2i(x, NID_proxyCertInfo, &i, NULL))) { if (x->ex_flags & EXFLAG_CA || X509_get_ext_by_NID(x, NID_subject_alt_name, -1) >= 0 || X509_get_ext_by_NID(x, NID_issuer_alt_name, -1) >= 0) { @@ -434,11 +434,11 @@ static void x509v3_cache_extensions(X509 *x) x->ex_pcpathlen = -1; PROXY_CERT_INFO_EXTENSION_free(pci); x->ex_flags |= EXFLAG_PROXY; - } else if (i != -1) { - x->ex_flags |= EXFLAG_INVALID; + } else if (i != -1) { + x->ex_flags |= EXFLAG_INVALID; } /* Handle key usage */ - if ((usage = X509_get_ext_d2i(x, NID_key_usage, &i, NULL))) { + if ((usage = X509_get_ext_d2i(x, NID_key_usage, &i, NULL))) { if (usage->length > 0) { x->ex_kusage = usage->data[0]; if (usage->length > 1) @@ -447,11 +447,11 @@ static void x509v3_cache_extensions(X509 *x) x->ex_kusage = 0; x->ex_flags |= EXFLAG_KUSAGE; ASN1_BIT_STRING_free(usage); - } else if (i != -1) { - x->ex_flags |= EXFLAG_INVALID; + } else if (i != -1) { + x->ex_flags |= EXFLAG_INVALID; } x->ex_xkusage = 0; - if ((extusage = X509_get_ext_d2i(x, NID_ext_key_usage, &i, NULL))) { + if ((extusage = X509_get_ext_d2i(x, NID_ext_key_usage, &i, NULL))) { x->ex_flags |= EXFLAG_XKUSAGE; for (i = 0; i < sk_ASN1_OBJECT_num(extusage); i++) { switch (OBJ_obj2nid(sk_ASN1_OBJECT_value(extusage, i))) { @@ -494,26 +494,26 @@ static void x509v3_cache_extensions(X509 *x) } } sk_ASN1_OBJECT_pop_free(extusage, ASN1_OBJECT_free); - } else if (i != -1) { - x->ex_flags |= EXFLAG_INVALID; + } else if (i != -1) { + x->ex_flags |= EXFLAG_INVALID; } - if ((ns = X509_get_ext_d2i(x, NID_netscape_cert_type, &i, NULL))) { + if ((ns = X509_get_ext_d2i(x, NID_netscape_cert_type, &i, NULL))) { if (ns->length > 0) x->ex_nscert = ns->data[0]; else x->ex_nscert = 0; x->ex_flags |= EXFLAG_NSCERT; ASN1_BIT_STRING_free(ns); - } else if (i != -1) { - x->ex_flags |= EXFLAG_INVALID; + } else if (i != -1) { + x->ex_flags |= EXFLAG_INVALID; } - x->skid = X509_get_ext_d2i(x, NID_subject_key_identifier, &i, NULL); - if (x->skid == NULL && i != -1) - x->ex_flags |= EXFLAG_INVALID; - x->akid = X509_get_ext_d2i(x, NID_authority_key_identifier, &i, NULL); - if (x->akid == NULL && i != -1) - x->ex_flags |= EXFLAG_INVALID; + x->skid = X509_get_ext_d2i(x, NID_subject_key_identifier, &i, NULL); + if (x->skid == NULL && i != -1) + x->ex_flags |= EXFLAG_INVALID; + x->akid = X509_get_ext_d2i(x, NID_authority_key_identifier, &i, NULL); + if (x->akid == NULL && i != -1) + x->ex_flags |= EXFLAG_INVALID; /* Does subject name match issuer ? */ if (!X509_NAME_cmp(X509_get_subject_name(x), X509_get_issuer_name(x))) { x->ex_flags |= EXFLAG_SI; /* cert is self-issued */ @@ -522,22 +522,22 @@ static void x509v3_cache_extensions(X509 *x) && check_sig_alg_match(X509_get0_pubkey(x), x) == X509_V_OK) x->ex_flags |= EXFLAG_SS; /* indicate self-signed */ } - x->altname = X509_get_ext_d2i(x, NID_subject_alt_name, &i, NULL); - if (x->altname == NULL && i != -1) - x->ex_flags |= EXFLAG_INVALID; + x->altname = X509_get_ext_d2i(x, NID_subject_alt_name, &i, NULL); + if (x->altname == NULL && i != -1) + x->ex_flags |= EXFLAG_INVALID; x->nc = X509_get_ext_d2i(x, NID_name_constraints, &i, NULL); - if (x->nc == NULL && i != -1) + if (x->nc == NULL && i != -1) + x->ex_flags |= EXFLAG_INVALID; + if (!setup_crldp(x)) x->ex_flags |= EXFLAG_INVALID; - if (!setup_crldp(x)) - x->ex_flags |= EXFLAG_INVALID; #ifndef OPENSSL_NO_RFC3779 - x->rfc3779_addr = X509_get_ext_d2i(x, NID_sbgp_ipAddrBlock, &i, NULL); - if (x->rfc3779_addr == NULL && i != -1) - x->ex_flags |= EXFLAG_INVALID; - x->rfc3779_asid = X509_get_ext_d2i(x, NID_sbgp_autonomousSysNum, &i, NULL); - if (x->rfc3779_asid == NULL && i != -1) - x->ex_flags |= EXFLAG_INVALID; + x->rfc3779_addr = X509_get_ext_d2i(x, NID_sbgp_ipAddrBlock, &i, NULL); + if (x->rfc3779_addr == NULL && i != -1) + x->ex_flags |= EXFLAG_INVALID; + x->rfc3779_asid = X509_get_ext_d2i(x, NID_sbgp_autonomousSysNum, &i, NULL); + if (x->rfc3779_asid == NULL && i != -1) + x->ex_flags |= EXFLAG_INVALID; #endif for (i = 0; i < X509_get_ext_count(x); i++) { ex = X509_get_ext(x, i); @@ -569,11 +569,11 @@ static void x509v3_cache_extensions(X509 *x) * return codes: * 0 not a CA * 1 is a CA - * 2 Only possible in older versions of openSSL when basicConstraints are absent - * new versions will not return this value. May be a CA + * 2 Only possible in older versions of openSSL when basicConstraints are absent + * new versions will not return this value. May be a CA * 3 basicConstraints absent but self signed V1. * 4 basicConstraints absent but keyUsage present and keyCertSign asserted. - * 5 Netscape specific CA Flags present + * 5 Netscape specific CA Flags present */ static int check_ca(const X509 *x) @@ -860,11 +860,11 @@ int x509_likely_issued(X509 *issuer, X509 *subject) return X509_V_ERR_SUBJECT_ISSUER_MISMATCH; x509v3_cache_extensions(issuer); - if (issuer->ex_flags & EXFLAG_INVALID) - return X509_V_ERR_UNSPECIFIED; + if (issuer->ex_flags & EXFLAG_INVALID) + return X509_V_ERR_UNSPECIFIED; x509v3_cache_extensions(subject); - if (subject->ex_flags & EXFLAG_INVALID) - return X509_V_ERR_UNSPECIFIED; + if (subject->ex_flags & EXFLAG_INVALID) + return X509_V_ERR_UNSPECIFIED; if (subject->akid) { int ret = X509_check_akid(issuer, subject->akid); @@ -925,8 +925,8 @@ uint32_t X509_get_extension_flags(X509 *x) uint32_t X509_get_key_usage(X509 *x) { /* Call for side-effect of computing hash and caching extensions */ - if (X509_check_purpose(x, -1, -1) != 1) - return 0; + if (X509_check_purpose(x, -1, -1) != 1) + return 0; if (x->ex_flags & EXFLAG_KUSAGE) return x->ex_kusage; return UINT32_MAX; @@ -935,8 +935,8 @@ uint32_t X509_get_key_usage(X509 *x) uint32_t X509_get_extended_key_usage(X509 *x) { /* Call for side-effect of computing hash and caching extensions */ - if (X509_check_purpose(x, -1, -1) != 1) - return 0; + if (X509_check_purpose(x, -1, -1) != 1) + return 0; if (x->ex_flags & EXFLAG_XKUSAGE) return x->ex_xkusage; return UINT32_MAX; @@ -945,32 +945,32 @@ uint32_t X509_get_extended_key_usage(X509 *x) const ASN1_OCTET_STRING *X509_get0_subject_key_id(X509 *x) { /* Call for side-effect of computing hash and caching extensions */ - if (X509_check_purpose(x, -1, -1) != 1) - return NULL; + if (X509_check_purpose(x, -1, -1) != 1) + return NULL; return x->skid; } const ASN1_OCTET_STRING *X509_get0_authority_key_id(X509 *x) { /* Call for side-effect of computing hash and caching extensions */ - if (X509_check_purpose(x, -1, -1) != 1) - return NULL; + if (X509_check_purpose(x, -1, -1) != 1) + return NULL; return (x->akid != NULL ? x->akid->keyid : NULL); } const GENERAL_NAMES *X509_get0_authority_issuer(X509 *x) { /* Call for side-effect of computing hash and caching extensions */ - if (X509_check_purpose(x, -1, -1) != 1) - return NULL; + if (X509_check_purpose(x, -1, -1) != 1) + return NULL; return (x->akid != NULL ? x->akid->issuer : NULL); } const ASN1_INTEGER *X509_get0_authority_serial(X509 *x) { /* Call for side-effect of computing hash and caching extensions */ - if (X509_check_purpose(x, -1, -1) != 1) - return NULL; + if (X509_check_purpose(x, -1, -1) != 1) + return NULL; return (x->akid != NULL ? x->akid->serial : NULL); } diff --git a/contrib/libs/openssl/crypto/x509v3/v3_skey.c b/contrib/libs/openssl/crypto/x509v3/v3_skey.c index 7371e97052..c2e8204568 100644 --- a/contrib/libs/openssl/crypto/x509v3/v3_skey.c +++ b/contrib/libs/openssl/crypto/x509v3/v3_skey.c @@ -10,7 +10,7 @@ #include <stdio.h> #include "internal/cryptlib.h" #include <openssl/x509v3.h> -#include "crypto/x509.h" +#include "crypto/x509.h" #include "ext_dat.h" static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, diff --git a/contrib/libs/openssl/crypto/x509v3/v3_utl.c b/contrib/libs/openssl/crypto/x509v3/v3_utl.c index c4633dca74..f41c699b5a 100644 --- a/contrib/libs/openssl/crypto/x509v3/v3_utl.c +++ b/contrib/libs/openssl/crypto/x509v3/v3_utl.c @@ -13,11 +13,11 @@ #include "internal/cryptlib.h" #include <stdio.h> #include <string.h> -#include "crypto/ctype.h" +#include "crypto/ctype.h" #include <openssl/conf.h> #include <openssl/crypto.h> #include <openssl/x509v3.h> -#include "crypto/x509.h" +#include "crypto/x509.h" #include <openssl/bn.h> #include "ext_dat.h" |