FCL/sf/os/ossrv: ssl/libcrypto/src/crypto/x509v3/pcy

0 e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1	/* pcy_map.c */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2	/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	3	* project 2004.
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	4	*/
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	5	/* ====================================================================
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	6	* Copyright (c) 2004 The OpenSSL Project. All rights reserved.
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	7	*
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	8	* Redistribution and use in source and binary forms, with or without
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	9	* modification, are permitted provided that the following conditions
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	10	* are met:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	11	*
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	12	* 1. Redistributions of source code must retain the above copyright
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	13	* notice, this list of conditions and the following disclaimer.
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	14	*
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	15	* 2. Redistributions in binary form must reproduce the above copyright
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	16	* notice, this list of conditions and the following disclaimer in
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	17	* the documentation and/or other materials provided with the
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	18	* distribution.
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	19	*
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	20	* 3. All advertising materials mentioning features or use of this
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	21	* software must display the following acknowledgment:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	22	* "This product includes software developed by the OpenSSL Project
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	23	* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	24	*
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	25	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	26	* endorse or promote products derived from this software without
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	27	* prior written permission. For written permission, please contact
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	28	* licensing@OpenSSL.org.
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	29	*
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	30	* 5. Products derived from this software may not be called "OpenSSL"
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	31	* nor may "OpenSSL" appear in their names without prior written
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	32	* permission of the OpenSSL Project.
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	33	*
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	34	* 6. Redistributions of any form whatsoever must retain the following
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	35	* acknowledgment:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	36	* "This product includes software developed by the OpenSSL Project
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	37	* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	38	*
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	39	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	40	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	41	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	42	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	43	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	44	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	45	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	46	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	47	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	48	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	49	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	50	* OF THE POSSIBILITY OF SUCH DAMAGE.
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	51	* ====================================================================
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	52	*
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	53	* This product includes cryptographic software written by Eric Young
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	54	* (eay@cryptsoft.com). This product includes software written by Tim
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	55	* Hudson (tjh@cryptsoft.com).
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	56	*
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	57	*/
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	58
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	59	#include "cryptlib.h"
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	60	#include <openssl/x509.h>
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	61	#include <openssl/x509v3.h>
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	62
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	63	#include "pcy_int.h"
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	64
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	65	static int ref_cmp(const X509_POLICY_REF * const *a,
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	66	const X509_POLICY_REF * const *b)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	67	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	68	return OBJ_cmp((a)->subjectDomainPolicy, (b)->subjectDomainPolicy);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	69	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	70
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	71	static void policy_map_free(X509_POLICY_REF *map)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	72	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	73	if (map->subjectDomainPolicy)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	74	ASN1_OBJECT_free(map->subjectDomainPolicy);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	75	OPENSSL_free(map);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	76	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	77
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	78	static X509_POLICY_REF policy_map_find(X509_POLICY_CACHE cache, ASN1_OBJECT *id)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	79	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	80	X509_POLICY_REF tmp;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	81	int idx;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	82	tmp.subjectDomainPolicy = id;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	83
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	84	idx = sk_X509_POLICY_REF_find(cache->maps, &tmp);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	85	if (idx == -1)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	86	return NULL;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	87	return sk_X509_POLICY_REF_value(cache->maps, idx);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	88	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	89
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	90	/* Set policy mapping entries in cache.
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	91	* Note: this modifies the passed POLICY_MAPPINGS structure
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	92	*/
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	93
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	94	EXPORT_C int policy_cache_set_mapping(X509 x, POLICY_MAPPINGS maps)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	95	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	96	POLICY_MAPPING *map;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	97	X509_POLICY_REF *ref = NULL;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	98	X509_POLICY_DATA *data;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	99	X509_POLICY_CACHE *cache = x->policy_cache;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	100	int i;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	101	int ret = 0;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	102	if (sk_POLICY_MAPPING_num(maps) == 0)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	103	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	104	ret = -1;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	105	goto bad_mapping;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	106	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	107	cache->maps = sk_X509_POLICY_REF_new(ref_cmp);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	108	for (i = 0; i < sk_POLICY_MAPPING_num(maps); i++)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	109	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	110	map = sk_POLICY_MAPPING_value(maps, i);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	111	/* Reject if map to or from anyPolicy */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	112	if ((OBJ_obj2nid(map->subjectDomainPolicy) == NID_any_policy)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	113	\|\| (OBJ_obj2nid(map->issuerDomainPolicy) == NID_any_policy))
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	114	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	115	ret = -1;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	116	goto bad_mapping;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	117	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	118
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	119	/* If we've already mapped from this OID bad mapping */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	120	if (policy_map_find(cache, map->subjectDomainPolicy) != NULL)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	121	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	122	ret = -1;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	123	goto bad_mapping;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	124	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	125
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	126	/* Attempt to find matching policy data */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	127	data = policy_cache_find_data(cache, map->issuerDomainPolicy);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	128	/* If we don't have anyPolicy can't map */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	129	if (!data && !cache->anyPolicy)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	130	continue;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	131
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	132	/* Create a NODE from anyPolicy */
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	133	if (!data)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	134	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	135	data = policy_data_new(NULL, map->issuerDomainPolicy,
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	136	cache->anyPolicy->flags
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	137	& POLICY_DATA_FLAG_CRITICAL);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	138	if (!data)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	139	goto bad_mapping;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	140	data->qualifier_set = cache->anyPolicy->qualifier_set;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	141	map->issuerDomainPolicy = NULL;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	142	data->flags \|= POLICY_DATA_FLAG_MAPPED_ANY;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	143	data->flags \|= POLICY_DATA_FLAG_SHARED_QUALIFIERS;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	144	if (!sk_X509_POLICY_DATA_push(cache->data, data))
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	145	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	146	policy_data_free(data);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	147	goto bad_mapping;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	148	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	149	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	150	else
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	151	data->flags \|= POLICY_DATA_FLAG_MAPPED;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	152
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	153	if (!sk_ASN1_OBJECT_push(data->expected_policy_set,
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	154	map->subjectDomainPolicy))
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	155	goto bad_mapping;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	156
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	157	ref = OPENSSL_malloc(sizeof(X509_POLICY_REF));
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	158	if (!ref)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	159	goto bad_mapping;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	160
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	161	ref->subjectDomainPolicy = map->subjectDomainPolicy;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	162	map->subjectDomainPolicy = NULL;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	163	ref->data = data;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	164
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	165	if (!sk_X509_POLICY_REF_push(cache->maps, ref))
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	166	goto bad_mapping;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	167
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	168	ref = NULL;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	169
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	170	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	171
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	172	ret = 1;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	173	bad_mapping:
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	174	if (ret == -1)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	175	x->ex_flags \|= EXFLAG_INVALID_POLICY;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	176	if (ref)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	177	policy_map_free(ref);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	178	if (ret <= 0)
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	179	{
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	180	sk_X509_POLICY_REF_pop_free(cache->maps, policy_map_free);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	181	cache->maps = NULL;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	182	}
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	183	sk_POLICY_MAPPING_pop_free(maps, POLICY_MAPPING_free);
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	184	return ret;
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	185
e4d67989cc36 Revision: 201002 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	186	}

author	hgs
	Tue, 14 Sep 2010 13:39:11 +0530
changeset 65	c4aad78f92f5
parent 0	e4d67989cc36
permissions	-rw-r--r--