Lines Matching defs:level
119 * policy graph. This structure can also be used to represent a level's
227 x509_policy_level_free(X509_POLICY_LEVEL *level)
229 if (level == NULL)
232 sk_X509_POLICY_NODE_pop_free(level->nodes, x509_policy_node_free);
233 free(level);
239 X509_POLICY_LEVEL *level;
241 if ((level = calloc(1, sizeof(*level))) == NULL)
243 level->nodes = sk_X509_POLICY_NODE_new(x509_policy_node_cmp);
244 if (level->nodes == NULL)
247 return level;
250 x509_policy_level_free(level);
255 x509_policy_level_is_empty(const X509_POLICY_LEVEL *level)
257 if (level->has_any_policy)
260 return sk_X509_POLICY_NODE_num(level->nodes) == 0;
264 x509_policy_level_clear(X509_POLICY_LEVEL *level)
269 level->has_any_policy = 0;
270 for (i = 0; i < sk_X509_POLICY_NODE_num(level->nodes); i++) {
271 node = sk_X509_POLICY_NODE_value(level->nodes, i);
274 sk_X509_POLICY_NODE_zero(level->nodes);
278 * x509_policy_level_find returns the node in |level| corresponding to |policy|,
279 * or NULL if none exists. Callers should ensure that level->nodes is sorted
283 x509_policy_level_find(X509_POLICY_LEVEL *level, const ASN1_OBJECT *policy)
289 if ((idx = sk_X509_POLICY_NODE_find(level->nodes, &node)) < 0)
291 return sk_X509_POLICY_NODE_value(level->nodes, idx);
295 * x509_policy_level_add_nodes adds the nodes in |nodes| to |level|. It returns
297 * in |level|. This function modifies |nodes| to avoid making a copy, but the
300 * This function is used to add nodes to |level| in bulk, and avoid resorting
301 * |level| after each addition.
304 x509_policy_level_add_nodes(X509_POLICY_LEVEL *level,
311 if (!sk_X509_POLICY_NODE_push(level->nodes, node))
315 sk_X509_POLICY_NODE_sort(level->nodes);
341 * process_certificate_policies updates |level| to incorporate |x509|'s
343 * 5280, section 6.1.3. |level| must contain the previous level's
344 * "expected_policy_set" information. For all but the top-most level, this is
350 process_certificate_policies(const X509 *x509, X509_POLICY_LEVEL *level,
367 x509_policy_level_clear(level);
401 * though in a slightly different order. |level| currently contains
402 * "expected_policy_set" values of the previous level.
405 previous_level_has_any_policy = level->has_any_policy;
409 * two steps is to intersect |level| with |policies|, ignoring
415 sk_X509_POLICY_NODE_delete_if(level->nodes,
417 level->has_any_policy = 0;
421 * Step (d.1.ii) may attach new nodes to the previous level's anyPolicy
432 * is in |level| if and only if it would have been a
437 if (!sk_X509_POLICY_NODE_is_sorted(level->nodes))
439 if (x509_policy_level_find(level, policy->policyid) != NULL)
448 if (!x509_policy_level_add_nodes(level, new_nodes))
488 * whose corresponding graph level is |level|. |mapping_allowed| specifies
490 * |X509_POLICY_LEVEL| containing the "expected_policy_set" for |level|. On
497 * P2 in its "expected_policy_set", the level will contain a node of policy P2
502 * this result down to compute the actual level.
506 X509_POLICY_LEVEL *level,
550 * Mark nodes as mapped, and add any nodes to |level|
570 if (!sk_X509_POLICY_NODE_is_sorted(level->nodes))
572 node = x509_policy_level_find(level,
575 if (!level->has_any_policy)
588 if (!x509_policy_level_add_nodes(level, new_nodes))
597 sk_X509_POLICY_NODE_delete_if(level->nodes,
614 for (i = 0; i < sk_X509_POLICY_NODE_num(level->nodes); i++) {
615 node = sk_X509_POLICY_NODE_value(level->nodes, i);
639 next->has_any_policy = level->has_any_policy;
648 if (!level->has_any_policy) {
649 if (!sk_X509_POLICY_NODE_is_sorted(level->nodes))
651 if (x509_policy_level_find(level,
773 X509_POLICY_LEVEL *level, *prev;
783 level = sk_X509_POLICY_LEVEL_value(levels, num_levels - 1);
784 if (x509_policy_level_is_empty(level))
813 if (level->has_any_policy)
819 * bottommost level. Start by marking each of those nodes as reachable.
821 for (i = 0; i < sk_X509_POLICY_NODE_num(level->nodes); i++)
822 sk_X509_POLICY_NODE_value(level->nodes, i)->reachable = 1;
825 level = sk_X509_POLICY_LEVEL_value(levels, i);
826 for (j = 0; j < sk_X509_POLICY_NODE_num(level->nodes); j++) {
827 node = sk_X509_POLICY_NODE_value(level->nodes, j);
879 X509_POLICY_LEVEL *level = NULL;
909 if (level == NULL) {
912 level = x509_policy_level_new();
913 if (level == NULL)
915 level->has_any_policy = 1;
924 if (!process_certificate_policies(cert, level,
932 if (explicit_policy == 0 && x509_policy_level_is_empty(level)) {
938 if (!sk_X509_POLICY_LEVEL_push(levels, level))
940 current_level = level;
941 level = NULL;
949 level = process_policy_mappings(cert, current_level,
951 if (level == NULL) {
1010 x509_policy_level_free(level);