Loading crypto/x509/x509_vfy.c +84 −52 Original line number Diff line number Diff line Loading @@ -322,9 +322,11 @@ static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x) { int i; X509 *issuer; for(i = 0; i < sk_X509_num(sk); i++) { for(i = 0; i < sk_X509_num(sk); i++) { issuer = sk_X509_value(sk, i); if(ctx->check_issued(ctx, x, issuer)) return issuer; if(ctx->check_issued(ctx, x, issuer)) return issuer; } return NULL; } Loading @@ -335,14 +337,17 @@ static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer) { int ret; ret = X509_check_issued(issuer, x); if(ret == X509_V_OK) return 1; else { if (ret == X509_V_OK) return 1; else { ctx->error = ret; ctx->current_cert = x; ctx->current_issuer = issuer; if(ctx->flags & X509_V_FLAG_CB_ISSUER_CHECK) if ((ctx->flags & X509_V_FLAG_CB_ISSUER_CHECK) && ctx->verify_cb) return ctx->verify_cb(0, ctx); else return 0; else return 0; } return 0; } Loading @@ -352,10 +357,13 @@ static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer) static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) { *issuer = find_issuer(ctx, ctx->other_ctx, x); if(*issuer) { if (*issuer) { CRYPTO_add(&(*issuer)->references,1,CRYPTO_LOCK_X509); return 1; } else return 0; } else return 0; } Loading @@ -374,11 +382,15 @@ static int check_chain_purpose(X509_STORE_CTX *ctx) cb=ctx->verify_cb; if (cb == NULL) cb=null_callback; /* Check all untrusted certificates */ for(i = 0; i < ctx->last_untrusted; i++) { for(i = 0; i < ctx->last_untrusted; i++) { x = sk_X509_value(ctx->chain, i); if(!X509_check_purpose(x, ctx->purpose, i)) { if(i) ctx->error = X509_V_ERR_INVALID_CA; else ctx->error = X509_V_ERR_INVALID_PURPOSE; if (!X509_check_purpose(x, ctx->purpose, i)) { if (i) ctx->error = X509_V_ERR_INVALID_CA; else ctx->error = X509_V_ERR_INVALID_PURPOSE; ctx->error_depth = i; ctx->current_cert = x; ok=cb(0,ctx); Loading 
@@ -386,7 +398,8 @@ static int check_chain_purpose(X509_STORE_CTX *ctx) } /* Check pathlen */ if((i > 1) && (x->ex_pathlen != -1) && (i > (x->ex_pathlen + 1))) { && (i > (x->ex_pathlen + 1))) { ctx->error = X509_V_ERR_PATH_LENGTH_EXCEEDED; ctx->error_depth = i; ctx->current_cert = x; Loading Loading @@ -414,11 +427,14 @@ static int check_trust(X509_STORE_CTX *ctx) i = sk_X509_num(ctx->chain) - 1; x = sk_X509_value(ctx->chain, i); ok = X509_check_trust(x, ctx->trust, 0); if(ok == X509_TRUST_TRUSTED) return 1; if (ok == X509_TRUST_TRUSTED) return 1; ctx->error_depth = sk_X509_num(ctx->chain) - 1; ctx->current_cert = x; if(ok == X509_TRUST_REJECTED) ctx->error = X509_V_ERR_CERT_REJECTED; else ctx->error = X509_V_ERR_CERT_UNTRUSTED; if (ok == X509_TRUST_REJECTED) ctx->error = X509_V_ERR_CERT_REJECTED; else ctx->error = X509_V_ERR_CERT_UNTRUSTED; ok = cb(0, ctx); return(ok); #endif Loading @@ -439,8 +455,10 @@ static int internal_verify(X509_STORE_CTX *ctx) ctx->error_depth=n-1; n--; xi=sk_X509_value(ctx->chain,n); if(ctx->flags & X509_V_FLAG_USE_CHECK_TIME) ptime = &ctx->check_time; else ptime = NULL; if (ctx->flags & X509_V_FLAG_USE_CHECK_TIME) ptime = &ctx->check_time; else ptime = NULL; if (ctx->check_issued(ctx, xi, xi)) xs=xi; else Loading Loading @@ -557,12 +575,15 @@ int X509_cmp_time(ASN1_TIME *ctm, time_t *cmp_time) p=buff1; i=ctm->length; str=(char *)ctm->data; if(ctm->type == V_ASN1_UTCTIME) { if (ctm->type == V_ASN1_UTCTIME) { if ((i < 11) || (i > 17)) return(0); memcpy(p,str,10); p+=10; str+=10; } else { } else { if (i < 13) return 0; memcpy(p,str,12); p+=12; Loading Loading @@ -730,7 +751,8 @@ STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx) X509 *x; STACK_OF(X509) *chain; if(!ctx->chain || !(chain = sk_X509_dup(ctx->chain))) return NULL; for(i = 0; i < sk_X509_num(chain); i++) { for(i = 0; i < sk_X509_num(chain); i++) { x = sk_X509_value(chain, i); CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509); } Loading Loading 
@@ -774,18 +796,22 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, /* If purpose not set use default */ if (!purpose) purpose = def_purpose; /* If we have a purpose then check it is valid */ if(purpose) { if (purpose) { X509_PURPOSE *ptmp; idx = X509_PURPOSE_get_by_id(purpose); if(idx == -1) { if(idx == -1) { X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT, X509_R_UNKNOWN_PURPOSE_ID); return 0; } ptmp = X509_PURPOSE_get0(idx); if(ptmp->trust == X509_TRUST_DEFAULT) { if(ptmp->trust == X509_TRUST_DEFAULT) { idx = X509_PURPOSE_get_by_id(def_purpose); if(idx == -1) { if(idx == -1) { X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT, X509_R_UNKNOWN_PURPOSE_ID); return 0; Loading @@ -795,9 +821,11 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, /* If trust not set then get from purpose default */ if(!trust) trust = ptmp->trust; } if(trust) { if(trust) { idx = X509_TRUST_get_by_id(trust); if(idx == -1) { if(idx == -1) { X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT, X509_R_UNKNOWN_TRUST_ID); return 0; Loading Loading @@ -833,17 +861,21 @@ void X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, ctx->last_untrusted=0; ctx->purpose=0; ctx->trust=0; ctx->check_time=0; ctx->flags=0; ctx->other_ctx=NULL; ctx->valid=0; ctx->chain=NULL; ctx->depth=9; ctx->error=0; ctx->error_depth=0; ctx->current_cert=NULL; ctx->current_issuer=NULL; ctx->check_issued = check_issued; ctx->get_issuer = X509_STORE_CTX_get1_issuer; ctx->verify_cb = store->verify_cb; ctx->verify = store->verify; ctx->cleanup = NULL; ctx->cleanup = 0; memset(&(ctx->ex_data),0,sizeof(CRYPTO_EX_DATA)); } Loading crypto/x509/x509_vfy.h +2 −2 Original line number Diff line number Diff line Loading 
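Review bot: In the X509_cmp_time hunk the GENERALIZEDTIME branch gets only a lower bound, `if (i < 13) return 0;`, while the UTCTIME branch keeps both bounds (`(i < 11) || (i > 17)`); the function body continues past the hunk, and if the remaining parsing walks the bytes after the 12 copied here according to `i`, an over-long or malformed time string is still not rejected on that path. If the tail is expected to have the same shapes as the UTCTIME case (a plain `Z` or a signed hhmm offset), mirroring the check as `if ((i < 13) || (i > 19)) return 0;` would bound it the same way, which is worth confirming against the rest of the function. Two smaller points in the same file: X509_STORE_CTX_init changes `ctx->cleanup = NULL;` to `ctx->cleanup = 0;` although the neighbouring pointer fields (`ctx->other_ctx=NULL;`, `ctx->chain=NULL;`) use NULL, and in check_issued the trailing `return 0;` after the if/else is unreachable because both branches already return. This file section is rendered a second time further down the page and the same points apply there.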
@@ -154,7 +154,7 @@ typedef struct x509_lookup_method_st X509_OBJECT *ret); } X509_LOOKUP_METHOD; typedef struct x509_store_state_st X509_STORE_CTX; typedef struct x509_store_ctx_st X509_STORE_CTX; /* This is used to hold everything. It is used for all certificate * validation. Once we have a certificate chain, the 'verify' Loading Loading @@ -194,7 +194,7 @@ struct x509_lookup_st /* This is a used when verifying cert chains. Since the * gathering of the cert chain can take some time (and have to be * 'retried', this needs to be kept and passed around. */ struct x509_store_state_st /* X509_STORE_CTX */ struct x509_store_ctx_st /* X509_STORE_CTX */ { X509_STORE *ctx; int current_method; /* used when looking up certs */ Loading Loading
crypto/x509/x509_vfy.c +84 −52 Original line number Diff line number Diff line Loading @@ -322,9 +322,11 @@ static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x) { int i; X509 *issuer; for(i = 0; i < sk_X509_num(sk); i++) { for(i = 0; i < sk_X509_num(sk); i++) { issuer = sk_X509_value(sk, i); if(ctx->check_issued(ctx, x, issuer)) return issuer; if(ctx->check_issued(ctx, x, issuer)) return issuer; } return NULL; } Loading @@ -335,14 +337,17 @@ static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer) { int ret; ret = X509_check_issued(issuer, x); if(ret == X509_V_OK) return 1; else { if (ret == X509_V_OK) return 1; else { ctx->error = ret; ctx->current_cert = x; ctx->current_issuer = issuer; if(ctx->flags & X509_V_FLAG_CB_ISSUER_CHECK) if ((ctx->flags & X509_V_FLAG_CB_ISSUER_CHECK) && ctx->verify_cb) return ctx->verify_cb(0, ctx); else return 0; else return 0; } return 0; } Loading @@ -352,10 +357,13 @@ static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer) static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) { *issuer = find_issuer(ctx, ctx->other_ctx, x); if(*issuer) { if (*issuer) { CRYPTO_add(&(*issuer)->references,1,CRYPTO_LOCK_X509); return 1; } else return 0; } else return 0; } Loading @@ -374,11 +382,15 @@ static int check_chain_purpose(X509_STORE_CTX *ctx) cb=ctx->verify_cb; if (cb == NULL) cb=null_callback; /* Check all untrusted certificates */ for(i = 0; i < ctx->last_untrusted; i++) { for(i = 0; i < ctx->last_untrusted; i++) { x = sk_X509_value(ctx->chain, i); if(!X509_check_purpose(x, ctx->purpose, i)) { if(i) ctx->error = X509_V_ERR_INVALID_CA; else ctx->error = X509_V_ERR_INVALID_PURPOSE; if (!X509_check_purpose(x, ctx->purpose, i)) { if (i) ctx->error = X509_V_ERR_INVALID_CA; else ctx->error = X509_V_ERR_INVALID_PURPOSE; ctx->error_depth = i; ctx->current_cert = x; ok=cb(0,ctx); Loading 
@@ -386,7 +398,8 @@ static int check_chain_purpose(X509_STORE_CTX *ctx) } /* Check pathlen */ if((i > 1) && (x->ex_pathlen != -1) && (i > (x->ex_pathlen + 1))) { && (i > (x->ex_pathlen + 1))) { ctx->error = X509_V_ERR_PATH_LENGTH_EXCEEDED; ctx->error_depth = i; ctx->current_cert = x; Loading Loading @@ -414,11 +427,14 @@ static int check_trust(X509_STORE_CTX *ctx) i = sk_X509_num(ctx->chain) - 1; x = sk_X509_value(ctx->chain, i); ok = X509_check_trust(x, ctx->trust, 0); if(ok == X509_TRUST_TRUSTED) return 1; if (ok == X509_TRUST_TRUSTED) return 1; ctx->error_depth = sk_X509_num(ctx->chain) - 1; ctx->current_cert = x; if(ok == X509_TRUST_REJECTED) ctx->error = X509_V_ERR_CERT_REJECTED; else ctx->error = X509_V_ERR_CERT_UNTRUSTED; if (ok == X509_TRUST_REJECTED) ctx->error = X509_V_ERR_CERT_REJECTED; else ctx->error = X509_V_ERR_CERT_UNTRUSTED; ok = cb(0, ctx); return(ok); #endif Loading @@ -439,8 +455,10 @@ static int internal_verify(X509_STORE_CTX *ctx) ctx->error_depth=n-1; n--; xi=sk_X509_value(ctx->chain,n); if(ctx->flags & X509_V_FLAG_USE_CHECK_TIME) ptime = &ctx->check_time; else ptime = NULL; if (ctx->flags & X509_V_FLAG_USE_CHECK_TIME) ptime = &ctx->check_time; else ptime = NULL; if (ctx->check_issued(ctx, xi, xi)) xs=xi; else Loading Loading @@ -557,12 +575,15 @@ int X509_cmp_time(ASN1_TIME *ctm, time_t *cmp_time) p=buff1; i=ctm->length; str=(char *)ctm->data; if(ctm->type == V_ASN1_UTCTIME) { if (ctm->type == V_ASN1_UTCTIME) { if ((i < 11) || (i > 17)) return(0); memcpy(p,str,10); p+=10; str+=10; } else { } else { if (i < 13) return 0; memcpy(p,str,12); p+=12; Loading Loading @@ -730,7 +751,8 @@ STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx) X509 *x; STACK_OF(X509) *chain; if(!ctx->chain || !(chain = sk_X509_dup(ctx->chain))) return NULL; for(i = 0; i < sk_X509_num(chain); i++) { for(i = 0; i < sk_X509_num(chain); i++) { x = sk_X509_value(chain, i); CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509); } Loading Loading 
@@ -774,18 +796,22 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, /* If purpose not set use default */ if (!purpose) purpose = def_purpose; /* If we have a purpose then check it is valid */ if(purpose) { if (purpose) { X509_PURPOSE *ptmp; idx = X509_PURPOSE_get_by_id(purpose); if(idx == -1) { if(idx == -1) { X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT, X509_R_UNKNOWN_PURPOSE_ID); return 0; } ptmp = X509_PURPOSE_get0(idx); if(ptmp->trust == X509_TRUST_DEFAULT) { if(ptmp->trust == X509_TRUST_DEFAULT) { idx = X509_PURPOSE_get_by_id(def_purpose); if(idx == -1) { if(idx == -1) { X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT, X509_R_UNKNOWN_PURPOSE_ID); return 0; Loading @@ -795,9 +821,11 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, /* If trust not set then get from purpose default */ if(!trust) trust = ptmp->trust; } if(trust) { if(trust) { idx = X509_TRUST_get_by_id(trust); if(idx == -1) { if(idx == -1) { X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT, X509_R_UNKNOWN_TRUST_ID); return 0; Loading Loading @@ -833,17 +861,21 @@ void X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, ctx->last_untrusted=0; ctx->purpose=0; ctx->trust=0; ctx->check_time=0; ctx->flags=0; ctx->other_ctx=NULL; ctx->valid=0; ctx->chain=NULL; ctx->depth=9; ctx->error=0; ctx->error_depth=0; ctx->current_cert=NULL; ctx->current_issuer=NULL; ctx->check_issued = check_issued; ctx->get_issuer = X509_STORE_CTX_get1_issuer; ctx->verify_cb = store->verify_cb; ctx->verify = store->verify; ctx->cleanup = NULL; ctx->cleanup = 0; memset(&(ctx->ex_data),0,sizeof(CRYPTO_EX_DATA)); } Loading
crypto/x509/x509_vfy.h +2 −2 Original line number Diff line number Diff line Loading @@ -154,7 +154,7 @@ typedef struct x509_lookup_method_st X509_OBJECT *ret); } X509_LOOKUP_METHOD; typedef struct x509_store_state_st X509_STORE_CTX; typedef struct x509_store_ctx_st X509_STORE_CTX; /* This is used to hold everything. It is used for all certificate * validation. Once we have a certificate chain, the 'verify' Loading Loading @@ -194,7 +194,7 @@ struct x509_lookup_st /* This is a used when verifying cert chains. Since the * gathering of the cert chain can take some time (and have to be * 'retried', this needs to be kept and passed around. */ struct x509_store_state_st /* X509_STORE_CTX */ struct x509_store_ctx_st /* X509_STORE_CTX */ { X509_STORE *ctx; int current_method; /* used when looking up certs */ Loading