Commit 0a5fe2eb authored by Richard Levitte's avatar Richard Levitte
Browse files

Add setter and getter for X509_STORE's check_policy 



Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
parent 1060a50b

crypto/include/internal/x509_int.h

+1 −0
Original line number Diff line number Diff line
@@ -204,6 +204,7 @@ struct x509_store_ctx_st { /* X509_STORE_CTX */ 
    int (*check_crl) (X509_STORE_CTX *ctx, X509_CRL *crl);

    /* Check certificate against CRL */

    int (*cert_crl) (X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);

    /* Check policy status of the chain */

    int (*check_policy) (X509_STORE_CTX *ctx);

    STACK_OF(X509) *(*lookup_certs) (X509_STORE_CTX *ctx, X509_NAME *nm);

    STACK_OF(X509_CRL) *(*lookup_crls) (X509_STORE_CTX *ctx, X509_NAME *nm);

crypto/x509/x509_lcl.h

+2 −0
Original line number Diff line number Diff line
@@ -123,6 +123,8 @@ struct x509_store_st { 
    int (*check_crl) (X509_STORE_CTX *ctx, X509_CRL *crl);

    /* Check certificate against CRL */

    int (*cert_crl) (X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);

    /* Check policy status of the chain */

    int (*check_policy) (X509_STORE_CTX *ctx);

    STACK_OF(X509) *(*lookup_certs) (X509_STORE_CTX *ctx, X509_NAME *nm);

    STACK_OF(X509_CRL) *(*lookup_crls) (X509_STORE_CTX *ctx, X509_NAME *nm);

    int (*cleanup) (X509_STORE_CTX *ctx);

crypto/x509/x509_lu.c

+11 −0
Original line number Diff line number Diff line
@@ -801,6 +801,17 @@ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE *ctx) 
    return ctx->cert_crl;

}



void X509_STORE_set_check_policy(X509_STORE *ctx,

                                 X509_STORE_CTX_check_policy_fn check_policy)

{

    ctx->check_policy = check_policy;

}



X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE *ctx)

{

    return ctx->check_policy;

}



void X509_STORE_set_lookup_certs(X509_STORE *ctx,

                                 X509_STORE_CTX_lookup_certs_fn lookup_certs)

{

crypto/x509/x509_vfy.c

+5 −2
Original line number Diff line number Diff line
@@ -2285,6 +2285,11 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, 
    else

        ctx->cert_crl = cert_crl;



    if (store && store->check_policy)

        ctx->check_policy = store->check_policy;

    else

        ctx->check_policy = check_policy;



    if (store && store->lookup_certs)

        ctx->lookup_certs = store->lookup_certs;

    else
@@ -2295,8 +2300,6 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, 
    else

        ctx->lookup_crls = X509_STORE_CTX_get1_crls;



    ctx->check_policy = check_policy;



    ctx->param = X509_VERIFY_PARAM_new();

    if (ctx->param == NULL) {

        X509err(X509_F_X509_STORE_CTX_INIT, ERR_R_MALLOC_FAILURE);

include/openssl/x509_vfy.h

+3 −0
Original line number Diff line number Diff line
@@ -293,6 +293,9 @@ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE *ctx); 
void X509_STORE_set_cert_crl(X509_STORE *ctx,

                             X509_STORE_CTX_cert_crl_fn cert_crl);

X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE *ctx);

void X509_STORE_set_check_policy(X509_STORE *ctx,

                                 X509_STORE_CTX_check_policy_fn check_policy);

X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE *ctx);

void X509_STORE_set_lookup_certs(X509_STORE *ctx,

                                 X509_STORE_CTX_lookup_certs_fn lookup_certs);

X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE *ctx);