From b5cdbe6fa5b5d4d21ff22f49157176cdcab608e4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= Date: Sun, 27 Jan 2008 13:15:07 +0000 Subject: [PATCH] (hx509_query_match_eku): update to support the NULL eku (reset), clearify the old behaivor with regards repetitive calls. git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22539 ec53bebd-3082-4978-b11e-865c3cabbd6b --- lib/hx509/cert.c | 40 +++++++++++++++++++++++++--------------- 1 file changed, 25 insertions(+), 15 deletions(-) diff --git a/lib/hx509/cert.c b/lib/hx509/cert.c index 36fbe81c9..a7d6e0024 100644 --- a/lib/hx509/cert.c +++ b/lib/hx509/cert.c @@ -2610,11 +2610,12 @@ hx509_query_match_friendly_name(hx509_query *q, const char *name) } /** - * Set the query controller to require an specific EKU (extended key - * usage). + * Set the query controller to require an one specific EKU (extended + * key usage). Any previous EKU matching is overwitten. If NULL is + * passed in as the eku, the EKU requirement is reset. * * @param q a hx509 query controller. - * @param eku an EKU to match on + * @param eku an EKU to match on. * * @return An hx509 error code, see hx509_get_error_string(). * @@ -2626,20 +2627,29 @@ hx509_query_match_eku(hx509_query *q, const heim_oid *eku) { int ret; - if (q->eku) { - der_free_oid(q->eku); + if (eku == NULL) { + if (q->eku) { + der_free_oid(q->eku); + free(q->eku); + q->eku = NULL; + } + q->match &= ~HX509_QUERY_MATCH_EKU; } else { - q->eku = calloc(1, sizeof(*q->eku)); - if (q->eku == NULL) - return ENOMEM; + if (q->eku) { + der_free_oid(q->eku); + } else { + q->eku = calloc(1, sizeof(*q->eku)); + if (q->eku == NULL) + return ENOMEM; + } + ret = der_copy_oid(eku, q->eku); + if (ret) { + free(q->eku); + q->eku = NULL; + return ret; + } + q->match |= HX509_QUERY_MATCH_EKU; } - ret = der_copy_oid(eku, q->eku); - if (ret) { - free(q->eku); - q->eku = NULL; - return ret; - } - q->match |= HX509_QUERY_MATCH_EKU; return 0; }