Loading CHANGES +3 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,9 @@ Changes between 0.9.7a and 0.9.8 [xx XXX xxxx] *) Support for policyMappings certificate extension. [Steve Henson] *) Fixed a typo bug that would cause ENGINE_set_default() to set an ENGINE as defaults for all supported algorithms irrespective of the 'flags' parameter. 'flags' is now honoured, so applications Loading crypto/stack/safestack.h +20 −0 Original line number Diff line number Diff line Loading @@ -944,6 +944,26 @@ STACK_OF(type) \ #define sk_POLICYQUALINFO_pop(st) SKM_sk_pop(POLICYQUALINFO, (st)) #define sk_POLICYQUALINFO_sort(st) SKM_sk_sort(POLICYQUALINFO, (st)) #define sk_POLICY_MAPPING_new(st) SKM_sk_new(POLICY_MAPPING, (st)) #define sk_POLICY_MAPPING_new_null() SKM_sk_new_null(POLICY_MAPPING) #define sk_POLICY_MAPPING_free(st) SKM_sk_free(POLICY_MAPPING, (st)) #define sk_POLICY_MAPPING_num(st) SKM_sk_num(POLICY_MAPPING, (st)) #define sk_POLICY_MAPPING_value(st, i) SKM_sk_value(POLICY_MAPPING, (st), (i)) #define sk_POLICY_MAPPING_set(st, i, val) SKM_sk_set(POLICY_MAPPING, (st), (i), (val)) #define sk_POLICY_MAPPING_zero(st) SKM_sk_zero(POLICY_MAPPING, (st)) #define sk_POLICY_MAPPING_push(st, val) SKM_sk_push(POLICY_MAPPING, (st), (val)) #define sk_POLICY_MAPPING_unshift(st, val) SKM_sk_unshift(POLICY_MAPPING, (st), (val)) #define sk_POLICY_MAPPING_find(st, val) SKM_sk_find(POLICY_MAPPING, (st), (val)) #define sk_POLICY_MAPPING_delete(st, i) SKM_sk_delete(POLICY_MAPPING, (st), (i)) #define sk_POLICY_MAPPING_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICY_MAPPING, (st), (ptr)) #define sk_POLICY_MAPPING_insert(st, val, i) SKM_sk_insert(POLICY_MAPPING, (st), (val), (i)) #define sk_POLICY_MAPPING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICY_MAPPING, (st), (cmp)) #define sk_POLICY_MAPPING_dup(st) SKM_sk_dup(POLICY_MAPPING, st) #define sk_POLICY_MAPPING_pop_free(st, free_func) SKM_sk_pop_free(POLICY_MAPPING, (st), (free_func)) #define sk_POLICY_MAPPING_shift(st) SKM_sk_shift(POLICY_MAPPING, (st)) #define sk_POLICY_MAPPING_pop(st) SKM_sk_pop(POLICY_MAPPING, (st)) #define sk_POLICY_MAPPING_sort(st) SKM_sk_sort(POLICY_MAPPING, (st)) #define sk_SSL_CIPHER_new(st) SKM_sk_new(SSL_CIPHER, (st)) #define sk_SSL_CIPHER_new_null() SKM_sk_new_null(SSL_CIPHER) #define sk_SSL_CIPHER_free(st) SKM_sk_free(SSL_CIPHER, (st)) Loading crypto/x509v3/Makefile.ssl +2 −2 Original line number Diff line number Diff line Loading @@ -26,11 +26,11 @@ LIB=$(TOP)/libcrypto.a LIBSRC= v3_bcons.c v3_bitst.c v3_conf.c v3_extku.c v3_ia5.c v3_lib.c \ v3_prn.c v3_utl.c v3err.c v3_genn.c v3_alt.c v3_skey.c v3_akey.c v3_pku.c \ v3_int.c v3_enum.c v3_sxnet.c v3_cpols.c v3_crld.c v3_purp.c v3_info.c \ v3_ocsp.c v3_akeya.c v3_ocsp.c v3_akeya.c v3_pmaps.c LIBOBJ= v3_bcons.o v3_bitst.o v3_conf.o v3_extku.o v3_ia5.o v3_lib.o \ v3_prn.o v3_utl.o v3err.o v3_genn.o v3_alt.o v3_skey.o v3_akey.o v3_pku.o \ v3_int.o v3_enum.o v3_sxnet.o v3_cpols.o v3_crld.o v3_purp.o v3_info.o \ v3_ocsp.o v3_akeya.o v3_ocsp.o v3_akeya.o v3_pmaps.o SRC= $(LIBSRC) Loading crypto/x509v3/ext_dat.h +3 −1 Original line number Diff line number Diff line Loading @@ -64,6 +64,7 @@ extern X509V3_EXT_METHOD v3_crl_num, v3_crl_reason, v3_crl_invdate, v3_cpols, v3 extern X509V3_EXT_METHOD v3_ocsp_nonce, v3_ocsp_accresp, v3_ocsp_acutoff; extern X509V3_EXT_METHOD v3_ocsp_crlid, v3_ocsp_nocheck, v3_ocsp_serviceloc; extern X509V3_EXT_METHOD v3_crl_hold; extern X509V3_EXT_METHOD v3_policy_mappings; /* This table will be searched using OBJ_bsearch so it *must* kept in * order of the ext_nid values. Loading Loading @@ -105,8 +106,9 @@ static X509V3_EXT_METHOD *standard_exts[] = { #endif &v3_sinfo, #ifndef OPENSSL_NO_OCSP &v3_crl_hold &v3_crl_hold, #endif &v3_policy_mappings }; /* Number of standard extensions */ Loading crypto/x509v3/v3_pmaps.c 0 → 100644 +153 −0 Original line number Diff line number Diff line /* v3_pmaps.c */ /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL * project. */ /* ==================================================================== * Copyright (c) 2003 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. All advertising materials mentioning features or use of this * software must display the following acknowledgment: * "This product includes software developed by the OpenSSL Project * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" * * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to * endorse or promote products derived from this software without * prior written permission. For written permission, please contact * licensing@OpenSSL.org. * * 5. Products derived from this software may not be called "OpenSSL" * nor may "OpenSSL" appear in their names without prior written * permission of the OpenSSL Project. * * 6. Redistributions of any form whatsoever must retain the following * acknowledgment: * "This product includes software developed by the OpenSSL Project * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" * * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== * * This product includes cryptographic software written by Eric Young * (eay@cryptsoft.com). This product includes software written by Tim * Hudson (tjh@cryptsoft.com). * */ #include <stdio.h> #include "cryptlib.h" #include <openssl/asn1t.h> #include <openssl/conf.h> #include <openssl/x509v3.h> static void *v2i_POLICY_MAPPINGS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); static STACK_OF(CONF_VALUE) *i2v_POLICY_MAPPINGS(X509V3_EXT_METHOD *method, void *pmps, STACK_OF(CONF_VALUE) *extlist); X509V3_EXT_METHOD v3_policy_mappings = { NID_policy_mappings, 0, ASN1_ITEM_ref(POLICY_MAPPINGS), 0,0,0,0, 0,0, i2v_POLICY_MAPPINGS, v2i_POLICY_MAPPINGS, 0,0, NULL }; ASN1_SEQUENCE(POLICY_MAPPING) = { ASN1_SIMPLE(POLICY_MAPPING, issuerDomainPolicy, ASN1_OBJECT), ASN1_SIMPLE(POLICY_MAPPING, subjectDomainPolicy, ASN1_OBJECT) } ASN1_SEQUENCE_END(POLICY_MAPPING) ASN1_ITEM_TEMPLATE(POLICY_MAPPINGS) = ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, POLICY_MAPPINGS, POLICY_MAPPING) ASN1_ITEM_TEMPLATE_END(POLICY_MAPPINGS) IMPLEMENT_ASN1_FUNCTIONS(POLICY_MAPPING) static STACK_OF(CONF_VALUE) *i2v_POLICY_MAPPINGS(X509V3_EXT_METHOD *method, void *a, STACK_OF(CONF_VALUE) *ext_list) { POLICY_MAPPINGS *pmaps = a; POLICY_MAPPING *pmap; int i; char obj_tmp1[80]; char obj_tmp2[80]; for(i = 0; i < sk_POLICY_MAPPING_num(pmaps); i++) { pmap = sk_POLICY_MAPPING_value(pmaps, i); i2t_ASN1_OBJECT(obj_tmp1, 80, pmap->issuerDomainPolicy); i2t_ASN1_OBJECT(obj_tmp2, 80, pmap->subjectDomainPolicy); X509V3_add_value(obj_tmp1, obj_tmp2, &ext_list); } return ext_list; } static void *v2i_POLICY_MAPPINGS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) { POLICY_MAPPINGS *pmaps; POLICY_MAPPING *pmap; ASN1_OBJECT *obj1, *obj2; CONF_VALUE *val; int i; if(!(pmaps = sk_POLICY_MAPPING_new_null())) { X509V3err(X509V3_F_V2I_POLICY_MAPPINGS,ERR_R_MALLOC_FAILURE); return NULL; } for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { val = sk_CONF_VALUE_value(nval, i); if(!val->value || !val->name) { sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); X509V3err(X509V3_F_V2I_POLICY_MAPPINGS,X509V3_R_INVALID_OBJECT_IDENTIFIER); X509V3_conf_err(val); return NULL; } obj1 = OBJ_txt2obj(val->name, 0); obj2 = OBJ_txt2obj(val->value, 0); if(!obj1 || !obj2) { sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); X509V3err(X509V3_F_V2I_POLICY_MAPPINGS,X509V3_R_INVALID_OBJECT_IDENTIFIER); X509V3_conf_err(val); return NULL; } pmap = POLICY_MAPPING_new(); if (!pmap) { sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); X509V3err(X509V3_F_V2I_POLICY_MAPPINGS,ERR_R_MALLOC_FAILURE); return NULL; } pmap->issuerDomainPolicy = obj1; pmap->subjectDomainPolicy = obj2; sk_POLICY_MAPPING_push(pmaps, pmap); } return pmaps; } Loading
CHANGES +3 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,9 @@ Changes between 0.9.7a and 0.9.8 [xx XXX xxxx] *) Support for policyMappings certificate extension. [Steve Henson] *) Fixed a typo bug that would cause ENGINE_set_default() to set an ENGINE as defaults for all supported algorithms irrespective of the 'flags' parameter. 'flags' is now honoured, so applications Loading
crypto/stack/safestack.h +20 −0 Original line number Diff line number Diff line Loading @@ -944,6 +944,26 @@ STACK_OF(type) \ #define sk_POLICYQUALINFO_pop(st) SKM_sk_pop(POLICYQUALINFO, (st)) #define sk_POLICYQUALINFO_sort(st) SKM_sk_sort(POLICYQUALINFO, (st)) #define sk_POLICY_MAPPING_new(st) SKM_sk_new(POLICY_MAPPING, (st)) #define sk_POLICY_MAPPING_new_null() SKM_sk_new_null(POLICY_MAPPING) #define sk_POLICY_MAPPING_free(st) SKM_sk_free(POLICY_MAPPING, (st)) #define sk_POLICY_MAPPING_num(st) SKM_sk_num(POLICY_MAPPING, (st)) #define sk_POLICY_MAPPING_value(st, i) SKM_sk_value(POLICY_MAPPING, (st), (i)) #define sk_POLICY_MAPPING_set(st, i, val) SKM_sk_set(POLICY_MAPPING, (st), (i), (val)) #define sk_POLICY_MAPPING_zero(st) SKM_sk_zero(POLICY_MAPPING, (st)) #define sk_POLICY_MAPPING_push(st, val) SKM_sk_push(POLICY_MAPPING, (st), (val)) #define sk_POLICY_MAPPING_unshift(st, val) SKM_sk_unshift(POLICY_MAPPING, (st), (val)) #define sk_POLICY_MAPPING_find(st, val) SKM_sk_find(POLICY_MAPPING, (st), (val)) #define sk_POLICY_MAPPING_delete(st, i) SKM_sk_delete(POLICY_MAPPING, (st), (i)) #define sk_POLICY_MAPPING_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICY_MAPPING, (st), (ptr)) #define sk_POLICY_MAPPING_insert(st, val, i) SKM_sk_insert(POLICY_MAPPING, (st), (val), (i)) #define sk_POLICY_MAPPING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICY_MAPPING, (st), (cmp)) #define sk_POLICY_MAPPING_dup(st) SKM_sk_dup(POLICY_MAPPING, st) #define sk_POLICY_MAPPING_pop_free(st, free_func) SKM_sk_pop_free(POLICY_MAPPING, (st), (free_func)) #define sk_POLICY_MAPPING_shift(st) SKM_sk_shift(POLICY_MAPPING, (st)) #define sk_POLICY_MAPPING_pop(st) SKM_sk_pop(POLICY_MAPPING, (st)) #define sk_POLICY_MAPPING_sort(st) SKM_sk_sort(POLICY_MAPPING, (st)) #define sk_SSL_CIPHER_new(st) SKM_sk_new(SSL_CIPHER, (st)) #define sk_SSL_CIPHER_new_null() SKM_sk_new_null(SSL_CIPHER) #define sk_SSL_CIPHER_free(st) SKM_sk_free(SSL_CIPHER, (st)) Loading
crypto/x509v3/Makefile.ssl +2 −2 Original line number Diff line number Diff line Loading @@ -26,11 +26,11 @@ LIB=$(TOP)/libcrypto.a LIBSRC= v3_bcons.c v3_bitst.c v3_conf.c v3_extku.c v3_ia5.c v3_lib.c \ v3_prn.c v3_utl.c v3err.c v3_genn.c v3_alt.c v3_skey.c v3_akey.c v3_pku.c \ v3_int.c v3_enum.c v3_sxnet.c v3_cpols.c v3_crld.c v3_purp.c v3_info.c \ v3_ocsp.c v3_akeya.c v3_ocsp.c v3_akeya.c v3_pmaps.c LIBOBJ= v3_bcons.o v3_bitst.o v3_conf.o v3_extku.o v3_ia5.o v3_lib.o \ v3_prn.o v3_utl.o v3err.o v3_genn.o v3_alt.o v3_skey.o v3_akey.o v3_pku.o \ v3_int.o v3_enum.o v3_sxnet.o v3_cpols.o v3_crld.o v3_purp.o v3_info.o \ v3_ocsp.o v3_akeya.o v3_ocsp.o v3_akeya.o v3_pmaps.o SRC= $(LIBSRC) Loading
crypto/x509v3/ext_dat.h +3 −1 Original line number Diff line number Diff line Loading @@ -64,6 +64,7 @@ extern X509V3_EXT_METHOD v3_crl_num, v3_crl_reason, v3_crl_invdate, v3_cpols, v3 extern X509V3_EXT_METHOD v3_ocsp_nonce, v3_ocsp_accresp, v3_ocsp_acutoff; extern X509V3_EXT_METHOD v3_ocsp_crlid, v3_ocsp_nocheck, v3_ocsp_serviceloc; extern X509V3_EXT_METHOD v3_crl_hold; extern X509V3_EXT_METHOD v3_policy_mappings; /* This table will be searched using OBJ_bsearch so it *must* kept in * order of the ext_nid values. Loading Loading @@ -105,8 +106,9 @@ static X509V3_EXT_METHOD *standard_exts[] = { #endif &v3_sinfo, #ifndef OPENSSL_NO_OCSP &v3_crl_hold &v3_crl_hold, #endif &v3_policy_mappings }; /* Number of standard extensions */ Loading
crypto/x509v3/v3_pmaps.c 0 → 100644 +153 −0 Original line number Diff line number Diff line /* v3_pmaps.c */ /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL * project. */ /* ==================================================================== * Copyright (c) 2003 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. All advertising materials mentioning features or use of this * software must display the following acknowledgment: * "This product includes software developed by the OpenSSL Project * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" * * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to * endorse or promote products derived from this software without * prior written permission. For written permission, please contact * licensing@OpenSSL.org. * * 5. Products derived from this software may not be called "OpenSSL" * nor may "OpenSSL" appear in their names without prior written * permission of the OpenSSL Project. * * 6. Redistributions of any form whatsoever must retain the following * acknowledgment: * "This product includes software developed by the OpenSSL Project * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" * * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== * * This product includes cryptographic software written by Eric Young * (eay@cryptsoft.com). This product includes software written by Tim * Hudson (tjh@cryptsoft.com). * */ #include <stdio.h> #include "cryptlib.h" #include <openssl/asn1t.h> #include <openssl/conf.h> #include <openssl/x509v3.h> static void *v2i_POLICY_MAPPINGS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); static STACK_OF(CONF_VALUE) *i2v_POLICY_MAPPINGS(X509V3_EXT_METHOD *method, void *pmps, STACK_OF(CONF_VALUE) *extlist); X509V3_EXT_METHOD v3_policy_mappings = { NID_policy_mappings, 0, ASN1_ITEM_ref(POLICY_MAPPINGS), 0,0,0,0, 0,0, i2v_POLICY_MAPPINGS, v2i_POLICY_MAPPINGS, 0,0, NULL }; ASN1_SEQUENCE(POLICY_MAPPING) = { ASN1_SIMPLE(POLICY_MAPPING, issuerDomainPolicy, ASN1_OBJECT), ASN1_SIMPLE(POLICY_MAPPING, subjectDomainPolicy, ASN1_OBJECT) } ASN1_SEQUENCE_END(POLICY_MAPPING) ASN1_ITEM_TEMPLATE(POLICY_MAPPINGS) = ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, POLICY_MAPPINGS, POLICY_MAPPING) ASN1_ITEM_TEMPLATE_END(POLICY_MAPPINGS) IMPLEMENT_ASN1_FUNCTIONS(POLICY_MAPPING) static STACK_OF(CONF_VALUE) *i2v_POLICY_MAPPINGS(X509V3_EXT_METHOD *method, void *a, STACK_OF(CONF_VALUE) *ext_list) { POLICY_MAPPINGS *pmaps = a; POLICY_MAPPING *pmap; int i; char obj_tmp1[80]; char obj_tmp2[80]; for(i = 0; i < sk_POLICY_MAPPING_num(pmaps); i++) { pmap = sk_POLICY_MAPPING_value(pmaps, i); i2t_ASN1_OBJECT(obj_tmp1, 80, pmap->issuerDomainPolicy); i2t_ASN1_OBJECT(obj_tmp2, 80, pmap->subjectDomainPolicy); X509V3_add_value(obj_tmp1, obj_tmp2, &ext_list); } return ext_list; } static void *v2i_POLICY_MAPPINGS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) { POLICY_MAPPINGS *pmaps; POLICY_MAPPING *pmap; ASN1_OBJECT *obj1, *obj2; CONF_VALUE *val; int i; if(!(pmaps = sk_POLICY_MAPPING_new_null())) { X509V3err(X509V3_F_V2I_POLICY_MAPPINGS,ERR_R_MALLOC_FAILURE); return NULL; } for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { val = sk_CONF_VALUE_value(nval, i); if(!val->value || !val->name) { sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); X509V3err(X509V3_F_V2I_POLICY_MAPPINGS,X509V3_R_INVALID_OBJECT_IDENTIFIER); X509V3_conf_err(val); return NULL; } obj1 = OBJ_txt2obj(val->name, 0); obj2 = OBJ_txt2obj(val->value, 0); if(!obj1 || !obj2) { sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); X509V3err(X509V3_F_V2I_POLICY_MAPPINGS,X509V3_R_INVALID_OBJECT_IDENTIFIER); X509V3_conf_err(val); return NULL; } pmap = POLICY_MAPPING_new(); if (!pmap) { sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); X509V3err(X509V3_F_V2I_POLICY_MAPPINGS,ERR_R_MALLOC_FAILURE); return NULL; } pmap->issuerDomainPolicy = obj1; pmap->subjectDomainPolicy = obj2; sk_POLICY_MAPPING_push(pmaps, pmap); } return pmaps; }
