Commit 85c9ba23 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

Support setting of "no purpose" for trust. 

If the oid parameter is set to NULL in X509_add1_trust_object
create an empty list of trusted purposes corresponding to
"no purpose" if trust is checked.
parent 5fad2c93

crypto/asn1/x_x509a.c

+19 −8
Original line number Diff line number Diff line
@@ -137,12 +137,23 @@ unsigned char *X509_keyid_get0(X509 *x, int *len) 
int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj)

	{

	X509_CERT_AUX *aux;

	ASN1_OBJECT *objtmp;

	if(!(objtmp = OBJ_dup(obj))) return 0;

	if(!(aux = aux_get(x))) return 0;

	if(!aux->trust

		&& !(aux->trust = sk_ASN1_OBJECT_new_null())) return 0;

	return sk_ASN1_OBJECT_push(aux->trust, objtmp);

	ASN1_OBJECT *objtmp = NULL;

	if (obj)

		{

		objtmp = OBJ_dup(obj);

		if (!objtmp)

			return 0;

		}

	if(!(aux = aux_get(x)))

		goto err;

	if(!aux->trust && !(aux->trust = sk_ASN1_OBJECT_new_null()))

			goto err;

	if (!objtmp || sk_ASN1_OBJECT_push(aux->trust, objtmp))

		return 1;

	err:

	if (objtmp)

		ASN1_OBJECT_free(objtmp);

	return 0;

	}



int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj)