/*
 * Fill the policy cache already attached to certificate x from the parsed
 * certificatePolicies extension in `policies`.
 *
 * Returns:
 *    1  every POLICYINFO entry was converted and stored in the cache;
 *    0  the extension was empty, or creating the stack, building an entry,
 *       or pushing an entry failed;
 *   -1  the extension names the same policy OID twice (anyPolicy included);
 *       EXFLAG_INVALID_POLICY is also set in x->ex_flags.
 *
 * Ownership: `policies` is released here on every path, success or failure,
 * so the caller must not free or dereference it afterwards.
 * On any non-success return cache->data is freed and reset to NULL.
 * cache->anyPolicy is left as it is; policy_cache_free() releases it together
 * with the cache.
 *
 * x->policy_cache is dereferenced without a NULL check, so it must be set
 * before this function is called.
 */
static int policy_cache_create(X509 *x, CERTIFICATEPOLICIES *policies,
                               int crit)
{
    X509_POLICY_CACHE *cache = x->policy_cache;
    X509_POLICY_DATA *entry = NULL;
    int status = 0;
    int idx;

    /* An extension with no policies is treated as a failure (status 0). */
    if (sk_POLICYINFO_num(policies) == 0)
        goto cleanup;

    cache->data = sk_X509_POLICY_DATA_new(policy_data_cmp);
    if (cache->data == NULL)
        goto cleanup;

    for (idx = 0; idx < sk_POLICYINFO_num(policies); idx++) {
        POLICYINFO *info = sk_POLICYINFO_value(policies, idx);

        entry = policy_data_new(info, NULL, crit);
        if (entry == NULL)
            goto cleanup;

        /* Duplicate policy OIDs are illegal: reject if a match is found. */
        if (OBJ_obj2nid(entry->valid_policy) == NID_any_policy) {
            /* anyPolicy is kept in its own slot, outside the stack. */
            if (cache->anyPolicy != NULL) {
                status = -1;
                goto cleanup;
            }
            cache->anyPolicy = entry;
        } else {
            if (sk_X509_POLICY_DATA_find(cache->data, entry) != -1) {
                status = -1;
                goto cleanup;
            }
            if (!sk_X509_POLICY_DATA_push(cache->data, entry))
                goto cleanup;
        }

        /*
         * The cache now owns the entry; clear the local pointer so the
         * cleanup code below cannot free it a second time.
         */
        entry = NULL;
    }
    status = 1;

 cleanup:
    if (status == -1)
        x->ex_flags |= EXFLAG_INVALID_POLICY;

    /* Non-NULL only when we bailed out before the cache took the entry. */
    if (entry != NULL)
        policy_data_free(entry);

    sk_POLICYINFO_pop_free(policies, POLICYINFO_free);

    if (status <= 0) {
        /* Do not leave a partially populated stack behind. */
        sk_X509_POLICY_DATA_pop_free(cache->data, policy_data_free);
        cache->data = NULL;
    }
    return status;
}
/*
 * Release a policy cache and everything it owns: the anyPolicy entry, the
 * stack of policy data together with each of its elements, and finally the
 * cache structure itself. Passing NULL is a no-op.
 *
 * The pointer is taken by value, so the caller's copy is left dangling
 * after this call and must not be used or freed again.
 */
void policy_cache_free(X509_POLICY_CACHE *cache)
{
    if (cache != NULL) {
        /* anyPolicy is held outside the stack and needs its own release. */
        if (cache->anyPolicy != NULL)
            policy_data_free(cache->anyPolicy);

        /* pop_free releases each element with policy_data_free. */
        if (cache->data != NULL)
            sk_X509_POLICY_DATA_pop_free(cache->data, policy_data_free);

        OPENSSL_free(cache);
    }
}