Add RFC 3779 support.

author: Ben Laurie <ben@openssl.org> 2006-11-27 14:18:05 +0000
committer: Ben Laurie <ben@openssl.org> 2006-11-27 14:18:05 +0000
commit: 96ea4ae91c7fda9fd28a013182b0e8dc67b7ac7d (patch)
tree: 364aa21990f695348601d6f4a8774fe7d861e26e /crypto/x509v3/pcy_tree.c
parent: 7af5726108188e4e4e4ca1a95cea43801ec19905 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/crypto/x509v3/pcy_tree.c b/crypto/x509v3/pcy_tree.c
index 846a903e93..27d29f25a8 100644
--- a/crypto/x509v3/pcy_tree.c
+++ b/crypto/x509v3/pcy_tree.c
@@ -628,6 +628,16 @@ int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy,
 		/* Tree OK: continue */
 
 		case 1:
+		if (!tree)
+			/*
+			 * tree_init() returns success and a null tree
+			 * if it's just looking at a trust anchor.
+			 * I'm not sure that returning success here is
+			 * correct, but I'm sure that reporting this
+			 * as an internal error which our caller
+			 * interprets as a malloc failure is wrong.
+			 */
+			return 1;
 		break;
 		}
author	Ben Laurie <ben@openssl.org>	2006-11-27 14:18:05 +0000
committer	Ben Laurie <ben@openssl.org>	2006-11-27 14:18:05 +0000
commit	96ea4ae91c7fda9fd28a013182b0e8dc67b7ac7d (patch)
tree	364aa21990f695348601d6f4a8774fe7d861e26e /crypto/x509v3/pcy_tree.c
parent	7af5726108188e4e4e4ca1a95cea43801ec19905 (diff)