示例#1
0
/** Test texture size errors and subtexture position errors */
static GLboolean
test_pos_and_sizes(void)
{
   /* all of these should generate GL_INVALID_VALUE */

   glTexImage1D(GL_TEXTURE_1D, 0, GL_RGBA, -16, 0, GL_RGBA, GL_FLOAT, NULL);
   if (!verify_error("glTexImage1D(size)", GL_INVALID_VALUE))
      return GL_FALSE;

   glTexImage2D(GL_TEXTURE_2D, 0, GL_RGBA, -6, -5, 0, GL_RGBA, GL_FLOAT, NULL);
   if (!verify_error("glTexImage2D(size)", GL_INVALID_VALUE))
      return GL_FALSE;

   glTexImage2D(GL_TEXTURE_2D, -2, GL_RGBA, 16, 16, 0, GL_RGBA, GL_FLOAT, NULL);
   if (!verify_error("glTexImage2D(level)", GL_INVALID_VALUE))
      return GL_FALSE;

   glTexImage2D(GL_TEXTURE_2D, 2000, GL_RGBA, 16, 16, 0, GL_RGBA, GL_FLOAT, NULL);
   if (!verify_error("glTexImage2D(level)", GL_INVALID_VALUE))
      return GL_FALSE;


   glCopyTexImage2D(GL_TEXTURE_2D, 0, GL_RGBA, 2, 2, 1<<28, 1<<28, 0);
   if (!verify_error("glTexImage2D(huge size)", GL_INVALID_VALUE))
      return GL_FALSE;


   /* setup valid 2D texture for subsequent TexSubImage calls */
   glTexImage2D(GL_TEXTURE_2D, 0, GL_RGBA, 16, 15, 0, GL_RGBA, GL_FLOAT, NULL);


   glTexSubImage2D(GL_TEXTURE_2D, 0, 6, 6, 100, 100, GL_RGBA, GL_FLOAT, NULL);
   if (!verify_error("glTexSubImage2D(size)", GL_INVALID_VALUE))
      return GL_FALSE;

   glTexSubImage2D(GL_TEXTURE_2D, 0, -6, -6, 10, 10, GL_RGBA, GL_FLOAT, NULL);
   if (!verify_error("glTexSubImage2D(pos)", GL_INVALID_VALUE))
      return GL_FALSE;


   glCopyTexSubImage2D(GL_TEXTURE_2D, 0, -6, -6, 2, 2, 10, 10);
   if (!verify_error("glCopyTexSubImage2D(pos)", GL_INVALID_VALUE))
      return GL_FALSE;

   glCopyTexSubImage2D(GL_TEXTURE_2D, 0, 6, 6, 200, 200, 10, 10);
   if (!verify_error("glCopyTexSubImage2D(size)", GL_INVALID_VALUE))
      return GL_FALSE;

   return GL_TRUE;
}
static int remotetest_exec(int dest, u64 *val)
{
    void *dev_handle;
    void *event_handles[3];
    void *cb_handle;
    int ret;
    u64 errmask = 0;
    uint32_t ouint;
    uint32_t oalen;

    /*                       */
    ret = daldevice_attach(REMOTE_UNITTEST_DEVICEID, NULL,
                           dest, &dev_handle);
    if (ret) {
        printk(KERN_INFO "%s: failed to attach (%d)\n", __func__, ret);
        *val = 0xffffffff;
        return 0;
    }

    /*                        */
    ret = remote_unittest_0(dev_handle, REMOTE_UNITTEST_INARG_1);
    if (ret)
        rpc_error(0);

    /*                        */
    ret = remote_unittest_1(dev_handle, REMOTE_UNITTEST_INARG_1,
                            REMOTE_UNITTEST_INARG_2);
    if (ret)
        rpc_error(1);

    /*                        */
    ouint = 0;
    ret = remote_unittest_2(dev_handle, REMOTE_UNITTEST_INARG_1, &ouint);
    if (ret)
        rpc_error(2);
    else if (ouint != REMOTE_UNITTEST_OUTARG_1)
        verify_error(2, "ouint");

    /*                        */
    ret = remote_unittest_3(dev_handle, REMOTE_UNITTEST_INARG_1,
                            REMOTE_UNITTEST_INARG_2,
                            REMOTE_UNITTEST_INARG_3);
    if (ret)
        rpc_error(3);

    /*                        */
    ouint = 0;
    ret = remote_unittest_4(dev_handle, REMOTE_UNITTEST_INARG_1,
                            REMOTE_UNITTEST_INARG_2, &ouint);
    if (ret)
        rpc_error(4);
    else if (ouint != REMOTE_UNITTEST_OUTARG_1)
        verify_error(4, "ouint");

    /*                        */
    init_data(&in_data);
    ret = remote_unittest_5(dev_handle, &in_data, sizeof(in_data));
    if (ret)
        rpc_error(5);

    /*                        */
    init_data(&in_data);
    ret = remote_unittest_6(dev_handle, REMOTE_UNITTEST_INARG_1,
                            &in_data.test, sizeof(in_data.test));
    if (ret)
        rpc_error(6);

    /*                        */
    init_data(&in_data);
    memset(&out_data, 0, sizeof(out_data));
    ret = remote_unittest_7(dev_handle, &in_data, sizeof(in_data),
                            &out_data.test, sizeof(out_data.test),
                            &oalen);
    if (ret)
        rpc_error(7);
    else if (oalen != sizeof(out_data.test))
        verify_error(7, "oalen");
    else if (verify_uint32_buffer(out_data.test))
        verify_error(7, "obuf");

    /*                        */
    init_bytebuf(in_bytebuf);
    memset(&out_data, 0, sizeof(out_data));
    ret = remote_unittest_8(dev_handle, in_bytebuf, sizeof(in_bytebuf),
                            &out_data, sizeof(out_data));
    if (ret)
        rpc_error(8);
    else if (verify_data(&out_data))
        verify_error(8, "obuf");

    /*                        */
    memset(&out_bytebuf, 0, sizeof(out_bytebuf));
    ret = remote_unittest_9(dev_handle, out_bytebuf, sizeof(out_bytebuf));
    if (ret)
        rpc_error(9);
    else if (verify_bytebuf(out_bytebuf))
        verify_error(9, "obuf");

    /*                         */
    init_bytebuf(in_bytebuf);
    memset(&out_bytebuf, 0, sizeof(out_bytebuf));
    ret = remote_unittest_10(dev_handle, REMOTE_UNITTEST_INARG_1,
                             in_bytebuf, sizeof(in_bytebuf),
                             out_bytebuf, sizeof(out_bytebuf), &oalen);
    if (ret)
        rpc_error(10);
    else if (oalen != sizeof(out_bytebuf))
        verify_error(10, "oalen");
    else if (verify_bytebuf(out_bytebuf))
        verify_error(10, "obuf");

    /*                         */
    memset(&out_bytebuf, 0, sizeof(out_bytebuf));
    ret = remote_unittest_11(dev_handle, REMOTE_UNITTEST_INARG_1,
                             out_bytebuf, sizeof(out_bytebuf));
    if (ret)
        rpc_error(11);
    else if (verify_bytebuf(out_bytebuf))
        verify_error(11, "obuf");

    /*                         */
    memset(&out_bytebuf, 0, sizeof(out_bytebuf));
    ret = remote_unittest_12(dev_handle, REMOTE_UNITTEST_INARG_1,
                             out_bytebuf, sizeof(out_bytebuf), &oalen);
    if (ret)
        rpc_error(12);
    else if (oalen != sizeof(out_bytebuf))
        verify_error(12, "oalen");
    else if (verify_bytebuf(out_bytebuf))
        verify_error(12, "obuf");

    /*                         */
    init_data(&in_data);
    memset(&out_data, 0, sizeof(out_data));
    ret = remote_unittest_13(dev_handle, in_data.test, sizeof(in_data.test),
                             &in_data, sizeof(in_data),
                             &out_data, sizeof(out_data));
    if (ret)
        rpc_error(13);
    else if (verify_data(&out_data))
        verify_error(13, "obuf");

    /*                         */
    init_data(&in_data);
    memset(out_bytebuf, 0, sizeof(out_bytebuf));
    memset(out_bytebuf2, 0, sizeof(out_bytebuf2));
    ret = remote_unittest_14(dev_handle,
                             in_data.test, sizeof(in_data.test),
                             out_bytebuf, sizeof(out_bytebuf),
                             out_bytebuf2, sizeof(out_bytebuf2), &oalen);
    if (ret)
        rpc_error(14);
    else if (verify_bytebuf(out_bytebuf))
        verify_error(14, "obuf");
    else if (oalen != sizeof(out_bytebuf2))
        verify_error(14, "oalen");
    else if (verify_bytebuf(out_bytebuf2))
        verify_error(14, "obuf2");

    /*                         */
    init_data(&in_data);
    memset(out_bytebuf, 0, sizeof(out_bytebuf));
    memset(&out_data, 0, sizeof(out_data));
    ret = remote_unittest_15(dev_handle,
                             in_data.test, sizeof(in_data.test),
                             &in_data, sizeof(in_data),
                             &out_data, sizeof(out_data), &oalen,
                             out_bytebuf, sizeof(out_bytebuf));
    if (ret)
        rpc_error(15);
    else if (oalen != sizeof(out_data))
        verify_error(15, "oalen");
    else if (verify_bytebuf(out_bytebuf))
        verify_error(15, "obuf");
    else if (verify_data(&out_data))
        verify_error(15, "obuf2");

    /*                               */
    event_handles[0] = dalrpc_alloc_event(dev_handle);
    event_handles[1] = dalrpc_alloc_event(dev_handle);
    event_handles[2] = dalrpc_alloc_event(dev_handle);
    cb_handle = dalrpc_alloc_cb(dev_handle, test_cb, &out_data);
    in_data.regular_event = (uint32_t)event_handles[2];
    in_data.payload_event = (uint32_t)cb_handle;
    ret = remote_unittest_eventcfg(dev_handle, &in_data, sizeof(in_data));
    if (ret) {
        errmask |= (1 << 16);
        printk(KERN_INFO "%s: failed to configure asynch (%d)\n",
               __func__, ret);
    }

    /*            */
    ret = remote_unittest_eventtrig(dev_handle,
                                    REMOTE_UNITTEST_REGULAR_EVENT);
    if (ret) {
        errmask |= (1 << 17);
        printk(KERN_INFO "%s: failed to trigger event (%d)\n",
               __func__, ret);
    }
    ret = dalrpc_event_wait(event_handles[2], 1000);
    if (ret) {
        errmask |= (1 << 18);
        printk(KERN_INFO "%s: failed to receive event (%d)\n",
               __func__, ret);
    }

    /*                  */
    ret = remote_unittest_eventtrig(dev_handle,
                                    REMOTE_UNITTEST_REGULAR_EVENT);
    if (ret) {
        errmask |= (1 << 19);
        printk(KERN_INFO "%s: failed to trigger event (%d)\n",
               __func__, ret);
    }
    ret = dalrpc_event_wait_multiple(3, event_handles, 1000);
    if (ret != 2) {
        errmask |= (1 << 20);
        printk(KERN_INFO "%s: failed to receive event (%d)\n",
               __func__, ret);
    }

    /*               */
    ret = remote_unittest_eventtrig(dev_handle,
                                    REMOTE_UNITTEST_CALLBACK_EVENT);
    if (ret) {
        errmask |= (1 << 21);
        printk(KERN_INFO "%s: failed to trigger callback (%d)\n",
               __func__, ret);
    } else
        while (block_until_cb)
            ;

    dalrpc_dealloc_cb(dev_handle, cb_handle);
    dalrpc_dealloc_event(dev_handle, event_handles[0]);
    dalrpc_dealloc_event(dev_handle, event_handles[1]);
    dalrpc_dealloc_event(dev_handle, event_handles[2]);

    /*                       */
    ret = daldevice_detach(dev_handle);
    if (ret) {
        errmask |= (1 << 22);
        printk(KERN_INFO "%s: failed to detach (%d)\n", __func__, ret);
    }

    printk(KERN_INFO "%s: remote_unittest complete\n", __func__);

    *val = errmask;
    return 0;
}
示例#3
0
/** Test target params to glTexImage functions */
static GLboolean
test_targets(void)
{
   /* all of these should generate GL_INVALID_ENUM */

   glTexImage1D(GL_TEXTURE_2D, 0, GL_RGBA, 16, 0, GL_RGBA, GL_FLOAT, NULL);
   if (!verify_error("glTexImage1D", GL_INVALID_ENUM))
      return GL_FALSE;

   glTexImage2D(GL_TEXTURE_3D, 0, GL_RGBA, 16, 16, 0, GL_RGBA, GL_FLOAT, NULL);
   if (!verify_error("glTexImage2D", GL_INVALID_ENUM))
      return GL_FALSE;

   glTexImage3D(GL_TEXTURE_1D, 0, GL_RGBA, 16, 16, 16, 0, GL_RGBA, GL_FLOAT, NULL);
   if (!verify_error("glTexImage3D", GL_INVALID_ENUM))
      return GL_FALSE;


   glTexSubImage1D(GL_TEXTURE_2D, 0, 6, 10, GL_RGBA, GL_FLOAT, NULL);
   if (!verify_error("glTexSubImage1D", GL_INVALID_ENUM))
      return GL_FALSE;

   glTexSubImage1D(GL_PROXY_TEXTURE_1D, 0, 6, 10, GL_RGBA, GL_FLOAT, NULL);
   if (!verify_error("glTexSubImage1D", GL_INVALID_ENUM))
      return GL_FALSE;

   glTexSubImage2D(GL_PROXY_TEXTURE_2D, 0, 6, 6, 10, 10, GL_RGBA, GL_FLOAT, NULL);
   if (!verify_error("glTexSubImage1D", GL_INVALID_ENUM))
      return GL_FALSE;

   glTexSubImage3D(GL_PROXY_TEXTURE_2D, 0, 6, 6, 6, 10, 10, 10, GL_RGBA, GL_FLOAT, NULL);
   if (!verify_error("glTexSubImage3D", GL_INVALID_ENUM))
      return GL_FALSE;


   glCopyTexImage1D(GL_PROXY_TEXTURE_1D, 0, GL_RGBA, 4, 4, 16, 0);
   if (!verify_error("glCopyTexImage1D", GL_INVALID_ENUM))
      return GL_FALSE;

   glCopyTexImage2D(GL_PROXY_TEXTURE_2D, 0, GL_RGBA, 4, 4, 16, 16, 0);
   if (!verify_error("glCopyTexImage2D", GL_INVALID_ENUM))
      return GL_FALSE;

   glCopyTexImage2D(GL_TEXTURE_1D, 0, GL_RGBA, 4, 4, 16, 16, 0);
   if (!verify_error("glCopyTexImage2D", GL_INVALID_ENUM))
      return GL_FALSE;


   glCopyTexSubImage1D(GL_PROXY_TEXTURE_1D, 0, 4, 4, 6, 10);
   if (!verify_error("glCopyTexSubImage1D", GL_INVALID_ENUM))
      return GL_FALSE;

   glCopyTexSubImage2D(GL_PROXY_TEXTURE_2D, 0, 4, 4, 6, 6, 10, 10);
   if (!verify_error("glCopyTexSubImage2D", GL_INVALID_ENUM))
      return GL_FALSE;

   glCopyTexSubImage3D(GL_PROXY_TEXTURE_3D, 0, 4, 4, 4, 6, 6, 10, 10);
   if (!verify_error("glCopyTexSubImage2D", GL_INVALID_ENUM))
      return GL_FALSE;


   return GL_TRUE;
}
示例#4
0
/**
 * Returns type of proxy certificate.
 * Valid values are:
 *	  NONE
 *	  CA
 *	  EEC
 *	  GT2_PROXY
 *	  RFC_PROXY
 *	  GT2_LIMITED_PROXY
 *	  RFC_LIMITED_PROXY
 *	  GT3_PROXY
 *	  GT3_LIMITED_PROXY
 */
proxy_type_t verify_type_of_proxy(X509 * cert) {
#ifdef __func__
    const char *logstr=__func__;
#else
    const char *logstr="verify_type_of_proxy";
#endif
    proxy_type_t pt = NONE;
    char * cert_subjectdn = NULL;
    char * cert_issuerdn = NULL;
    char * tail_str = NULL;
    size_t len_subject_dn;
    size_t len_issuer_dn;

    X509_EXTENSION *                    pci_ext = NULL;
    PROXYCERTINFO *                     pci = NULL;
    PROXYPOLICY *                       policy = NULL;
    ASN1_OBJECT *                       policy_lang = NULL;
    int                                 policy_nid;
    int                                 myindex = -1;

    int  i;
    char s[EXT_TEXT_LEN];

    X509_EXTENSION *ex;

    /* Is it a CA certificate */
    if (verify_x509IsCA(cert)) {
        /* verify_log (L_DEBUG, "%s: Detected CA certificate", logstr); */
        pt = CA;
        goto finalize;
    }

    /* Check by OID */
    for (i = 0; i < X509_get_ext_count(cert); ++i) {
        ex = X509_get_ext(cert, i);

        if (X509_EXTENSION_get_object(ex)) {
            OBJ_obj2txt(s, EXT_TEXT_LEN, X509_EXTENSION_get_object(ex), 1);

            if (strcmp(s, OID_RFC_PROXY) == 0) {
                pt = RFC_PROXY;

                /* Find index of OID_RFC_PROXY */
                if((myindex = X509_get_ext_by_NID(cert, OBJ_txt2nid(OID_RFC_PROXY), -1)) != -1  &&
                    (pci_ext = X509_get_ext(cert,myindex)) && X509_EXTENSION_get_critical(pci_ext)) {
                    if((pci = X509V3_EXT_d2i(pci_ext)) == NULL) {
                        verify_error(logstr, "Can't convert DER encoded PROXYCERTINFO extension to internal form");
                        goto failure;
                    }

                    /* Pull a certificate policy from the extension, note:
		     * pci!=NULL since we've checked that */
                    if( (policy = pci->policy) == NULL) {
                        verify_error(logstr, "Can't get policy from PROXYCERTINFO extension");
                        goto failure;
                    }

                    /* Get policy language */
                    if( (policy_lang = policy->policy_language) == NULL) {
                        verify_error(logstr, "Can't get policy language from PROXYCERTINFO extension");
                        goto failure;
                    }

                    /* Lang to NID, lang's NID holds RFC Proxy type, like limited. Impersonation is the default */
                    policy_nid = OBJ_obj2nid(policy_lang);

                    if(policy_nid == OBJ_txt2nid(IMPERSONATION_PROXY_OID)) {
                        pt = RFC_PROXY;
                    } else if(policy_nid == OBJ_txt2nid(INDEPENDENT_PROXY_OID)) {
                        pt = RFC_PROXY;
                    } else if(policy_nid == OBJ_txt2nid(LIMITED_PROXY_OID)) {
                        pt = RFC_LIMITED_PROXY;
                    } else {
                        /* RFC_RESTRICTED_PROXY */
                        pt = RFC_PROXY;
                    }

                    if(X509_get_ext_by_NID(cert, OBJ_txt2nid(OID_RFC_PROXY), myindex) != -1) {
                        verify_error(logstr, "Found more than one PCI extension");
                        goto failure;
                    }
                }
                goto finalize;
            }
            if (strcmp(s, OID_GLOBUS_PROXY_V3) == 0) {
                pt = GT3_PROXY;

                /* Find index of OID_GT3_PROXY - Don't make it search for critical extentions... VOMS doesn't set those. */
                if((myindex = X509_get_ext_by_NID(cert, OBJ_txt2nid(OID_GLOBUS_PROXY_V3), -1)) != -1  &&
                    (pci_ext = X509_get_ext(cert,myindex))) {
                    if((pci = X509V3_EXT_d2i(pci_ext)) == NULL) {
                        verify_error(logstr, "Can't convert DER encoded PROXYCERTINFO extension to internal form");
                        goto failure;
                    }

                    /* Pull a certificate policy from the extension. Note: pci
		     * != NULL since we've checked that */
                    if( (policy = pci->policy) == NULL) {
                        verify_error(logstr, "Can't get policy from PROXYCERTINFO extension");
                        goto failure;
                    }

                    /* Get policy language */
                    if( (policy_lang = policy->policy_language) == NULL) {
                        verify_error(logstr, "Can't get policy language from PROXYCERTINFO extension");
                        goto failure;
                    }

                    /* Lang to NID, lang's NID holds RFC Proxy type, like limited. Impersonation is the default */
                    policy_nid = OBJ_obj2nid(policy_lang);

                    if(policy_nid == OBJ_txt2nid(IMPERSONATION_PROXY_OID)) {
                        pt = GT3_PROXY;
                    } else if(policy_nid == OBJ_txt2nid(INDEPENDENT_PROXY_OID)) {
                        pt = GT3_PROXY;
                    } else if(policy_nid == OBJ_txt2nid(LIMITED_PROXY_OID)) {
                        pt = GT3_LIMITED_PROXY;
                    } else {
                        /* GT3_RESTRICTED_PROXY */
                        pt = GT3_PROXY;
                    }

                    if(X509_get_ext_by_NID(cert, OBJ_txt2nid(OID_GLOBUS_PROXY_V3), myindex) != -1) {
                        verify_error(logstr, "Found more than one PCI extension");
                        goto failure;
                    }
                }

                goto finalize;
            }
            if (strcmp(s, OID_GLOBUS_PROXY_V2) == 0) {
                pt = GT3_PROXY;

                /* Check for GT2_PROXY tail */
                if (cert_subjectdn
                    && (strlen(cert_subjectdn) > strlen("/cn=proxy"))
                    && (tail_str = &cert_subjectdn[strlen(cert_subjectdn) - strlen("/cn=proxy")])
                    && (strcasecmp(tail_str, "/cn=proxy") == 0)
                   ) {
                    /* verify_log (L_DEBUG, "%s: Detected GT2 proxy certificate", logstr); */

                    pt = GT2_PROXY;
                    goto finalize;
                }

                /* Check for GT2_LIMITED_PROXY tail */
                if (cert_subjectdn
                    && (strlen(cert_subjectdn) > strlen("/cn=limited proxy"))
                    && (tail_str = &cert_subjectdn[strlen(cert_subjectdn) - strlen("/cn=limited proxy")])
                    && (strcasecmp(tail_str, "/cn=limited proxy") == 0)
                   ) {
                    /* verify_log (L_DEBUG, "%s: Detected GT2 limited proxy certificate", logstr); */

                    pt = GT2_LIMITED_PROXY;
                    goto finalize;
                }

                verify_error(logstr, "Detected the Globus GT2 OID in the certificate, "
                                "but seems to have a malformed Subject DN: \"%s\"", cert_subjectdn);
                goto failure;
            }
        }
    }

    /* Options left: GT2_PROXY, GT2_LIMITED_PROXY, EEC */
    /* Extract Subject DN - Needs free */
    if (!(cert_subjectdn = X509_NAME_oneline (X509_get_subject_name (cert), NULL, 0))) {
        verify_error (logstr, "Error in %s: Couldn't get the subject DN from the certificate.", logstr);
        goto failure;
    }
    if (!(cert_issuerdn = X509_NAME_oneline (X509_get_issuer_name (cert), NULL, 0))) {
        verify_error (logstr, "Error in %s: Couldn't get the issuer DN from the certificate.", logstr);
        goto failure;
    }

    /* Check length of the DNs */
    len_subject_dn = strlen(cert_subjectdn);
    len_issuer_dn  = strlen(cert_issuerdn);


    /* Lower case the Subject DN */
    /* for (j = 0; j < strlen(cert_subjectdn); j++) { cert_subjectdn[j] = tolower(cert_subjectdn[j]); } */

    /* Proxies always has a longer subject_dn then a issuer_dn and
     * the issuer_dn is a substring of the subject_dn
     */
    if (   (len_issuer_dn < len_subject_dn)
        && (strncmp(cert_subjectdn, cert_issuerdn, len_issuer_dn) == 0)
       ) {
        /* Check for GT2_PROXY tail */
        if (cert_subjectdn
            && (strlen(cert_subjectdn) > strlen("/cn=proxy"))
            && (tail_str = &cert_subjectdn[strlen(cert_subjectdn) - strlen("/cn=proxy")])
            && (strcasecmp(tail_str, "/cn=proxy") == 0)
           ) {
            /* verify_log (L_DEBUG, "%s: Detected GT2 proxy certificate", logstr); */
            pt = GT2_PROXY;
            goto finalize;
        }

        /* Check for GT2_LIMITED_PROXY tail */
        if (cert_subjectdn
            && (strlen(cert_subjectdn) > strlen("/cn=limited proxy"))
            && (tail_str = &cert_subjectdn[strlen(cert_subjectdn) - strlen("/cn=limited proxy")])
            && (strcasecmp(tail_str, "/cn=limited proxy") == 0)
           ) {
            /* verify_log (L_DEBUG, "%s: Detected GT2 limited proxy certificate", logstr); */
            pt = GT2_LIMITED_PROXY;
            goto finalize;
        }

        /* Check for RFC_PROXY, without the need for OpenSSL proxy support */
        /* Method: Check if the subject_dn is long enough, grab its tail and
         * snip of the 10 characters. Then check if the 10 characters are
         * numbers. */
        if (cert_subjectdn
            && (strlen(cert_subjectdn) > strlen("/cn=0123456789"))
            && (tail_str = strrchr(cert_subjectdn, '='))
            && (tail_str = &tail_str[1])
            && (strtol(tail_str, NULL, 10))
            && (errno != ERANGE)
           ) {
            /* verify_log (L_DEBUG, "%s: Detected RFC proxy certificate", logstr); */
            pt = RFC_PROXY;
            goto finalize;
        }

        /* Don't know the type of proxy, could be an RFC proxy with
         * improper/incomplete implementation in the active OpenSSL version or
         * a mistake in the client software */
        goto failure;
    }


    /* I have no idea what else it is, so I conclude that it's an EEC */
    pt = EEC;
    goto finalize;

failure:
    /* On failure, or non-distinct selections of the certificate, indicate NONE */
    pt = NONE;
finalize:
    if (cert_subjectdn)
        free(cert_subjectdn);
    if (cert_issuerdn)
        free(cert_issuerdn);

    return pt;
}