Commit 79aa04ef authored by Geoff Thorpe's avatar Geoff Thorpe
Browse files

Make the necessary changes to work with the recent "ex_data" overhaul. 

See the commit log message for that for more information.

NB: X509_STORE_CTX's use of "ex_data" support was actually misimplemented
(initialisation by "memset" won't/can't/doesn't work). This fixes that but
requires that X509_STORE_CTX_init() be able to handle errors - so its
prototype has been changed to return 'int' rather than 'void'. All uses of
that function throughout the source code have been tracked down and
adjusted.
parent 3a079997

apps/Makefile.ssl

+2 −2
Original line number Diff line number Diff line
@@ -772,8 +772,8 @@ speed.o: ../include/openssl/rsa.h ../include/openssl/safestack.h 
speed.o: ../include/openssl/sha.h ../include/openssl/stack.h

speed.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h

speed.o: ../include/openssl/types.h ../include/openssl/ui.h

speed.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ./testdsa.h

speed.o: ./testrsa.h apps.h speed.c

speed.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h speed.c

speed.o: testdsa.h testrsa.h

spkac.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h

spkac.o: ../include/openssl/bn.h ../include/openssl/buffer.h

spkac.o: ../include/openssl/conf.h ../include/openssl/crypto.h

apps/apps.h

+1 −1
Original line number Diff line number Diff line
@@ -140,7 +140,7 @@ extern BIO *bio_err; 
		ENGINE_load_builtin_engines(); setup_ui_method(); } while(0)

#  endif

#  define apps_shutdown() \

		destroy_ui_method()

		do { destroy_ui_method(); CRYPTO_cleanup_all_ex_data(); } while(0)

#endif



typedef struct args_st

apps/crl.c

+5 −1
Original line number Diff line number Diff line
@@ -235,7 +235,11 @@ bad: 
			X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT);

		ERR_clear_error();



		X509_STORE_CTX_init(&ctx, store, NULL, NULL);

		if(!X509_STORE_CTX_init(&ctx, store, NULL, NULL)) {

			BIO_printf(bio_err,

				"Error initialising X509 store\n");

			goto end;

		}



		i = X509_STORE_get_by_subject(&ctx, X509_LU_X509, 

					X509_CRL_get_issuer(x), &xobj);

apps/pkcs12.c

+3 −0
Original line number Diff line number Diff line
@@ -810,6 +810,9 @@ int get_cert_chain (X509 *cert, X509_STORE *store, STACK_OF(X509) **chain) 
	STACK_OF(X509) *chn;

	int i;



	/* FIXME: Should really check the return status of X509_STORE_CTX_init

	 * for an error, but how that fits into the return value of this

	 * function is less obvious. */

	X509_STORE_CTX_init(&store_ctx, store, cert, NULL);

	if (X509_verify_cert(&store_ctx) <= 0) {

		i = X509_STORE_CTX_get_error (&store_ctx);

apps/verify.c

+5 −1
Original line number Diff line number Diff line
@@ -249,7 +249,11 @@ static int check(X509_STORE *ctx, char *file, STACK_OF(X509) *uchain, STACK_OF(X 
		goto end;

		}

	X509_STORE_set_flags(ctx, vflags);

	X509_STORE_CTX_init(csc,ctx,x,uchain);

	if(!X509_STORE_CTX_init(csc,ctx,x,uchain))

		{

		ERR_print_errors(bio_err);

		goto end;

		}

	if(tchain) X509_STORE_CTX_trusted_stack(csc, tchain);

	if(purpose >= 0) X509_STORE_CTX_set_purpose(csc, purpose);

	i=X509_verify_cert(csc);