BOOL SSL_X509_isSGC(X509 *cert)
{
#ifdef HAVE_SSL_X509V3_EXT_d2i
- X509_EXTENSION *ext;
int ext_nid;
EXTENDED_KEY_USAGE *sk;
BOOL is_sgc;
- int idx;
int i;
is_sgc = FALSE;
- idx = X509_get_ext_by_NID(cert, NID_ext_key_usage, -1);
- if (idx >= 0) {
- ext = X509_get_ext(cert, idx);
- if ((sk = (EXTENDED_KEY_USAGE *)X509V3_EXT_d2i(ext)) != NULL) {
- for (i = 0; i < sk_ASN1_OBJECT_num(sk); i++) {
- ext_nid = OBJ_obj2nid((ASN1_OBJECT *)sk_ASN1_OBJECT_value(sk, i));
- if (ext_nid == NID_ms_sgc || ext_nid == NID_ns_sgc) {
- is_sgc = TRUE;
- break;
- }
+ sk = X509_get_ext_d2i(cert, NID_ext_key_usage, NULL, NULL);
+ if (sk) {
+ for (i = 0; i < sk_ASN1_OBJECT_num(sk); i++) {
+ ext_nid = OBJ_obj2nid(sk_ASN1_OBJECT_value(sk, i));
+ if (ext_nid == NID_ms_sgc || ext_nid == NID_ns_sgc) {
+ is_sgc = TRUE;
+ break;
}
}
+ EXTENDED_KEY_USAGE_free(sk);
}
return is_sgc;
#else
BOOL SSL_X509_getBC(X509 *cert, int *ca, int *pathlen)
{
#ifdef HAVE_SSL_X509V3_EXT_d2i
- X509_EXTENSION *ext;
BASIC_CONSTRAINTS *bc;
int idx;
BIGNUM *bn = NULL;
char *cp;
- if ((idx = X509_get_ext_by_NID(cert, NID_basic_constraints, -1)) < 0)
- return FALSE;
- ext = X509_get_ext(cert, idx);
- if (ext == NULL)
- return FALSE;
- if ((bc = (BASIC_CONSTRAINTS *)X509V3_EXT_d2i(ext)) == NULL)
+ bc = X509_get_ext_d2i(cert, NID_basic_constraints, NULL, NULL);
+ if (bc == NULL);
return FALSE;
*ca = bc->ca;
*pathlen = -1 /* unlimited */;
projects / apache / commitdiff