Loading CHANGES +5 −0 Original line number Diff line number Diff line Loading @@ -11,6 +11,11 @@ *) applies to 0.9.6a (/0.9.6b) and 0.9.7 +) applies to 0.9.7 only +) New functions X509_PURPOSE_set() and X509_TRUST_set() to handle setting of purpose and trust fields. New X509_STORE trust and purpose functions and tidy up setting in other SSL functions. [Steve Henson] +) Add copies of X509_STORE_CTX fields and callbacks to X509_STORE structure. These are inherited by X509_STORE_CTX when it is initialised. This allows various defaults to be set in the Loading crypto/x509/x509.h +4 −1 Original line number Diff line number Diff line Loading @@ -886,6 +886,7 @@ int X509_alias_set1(X509 *x, unsigned char *name, int len); int X509_keyid_set1(X509 *x, unsigned char *id, int len); unsigned char * X509_alias_get0(X509 *x, int *len); int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int); int X509_TRUST_set(int *t, int trust); int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj); int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj); void X509_trust_clear(X509 *x); Loading Loading @@ -1173,6 +1174,7 @@ int X509_TRUST_get_trust(X509_TRUST *xp); /* The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. */ void ERR_load_X509_strings(void); /* Error codes for the X509 functions. */ Loading Loading @@ -1214,6 +1216,7 @@ int X509_TRUST_get_trust(X509_TRUST *xp); #define X509_F_X509_STORE_CTX_PURPOSE_INHERIT 134 #define X509_F_X509_TO_X509_REQ 126 #define X509_F_X509_TRUST_ADD 133 #define X509_F_X509_TRUST_SET 141 #define X509_F_X509_VERIFY_CERT 127 /* Reason codes. */ Loading 
@@ -1224,6 +1227,7 @@ int X509_TRUST_get_trust(X509_TRUST *xp); #define X509_R_ERR_ASN1_LIB 102 #define X509_R_INVALID_DIRECTORY 113 #define X509_R_INVALID_FIELD_NAME 119 #define X509_R_INVALID_TRUST 123 #define X509_R_KEY_TYPE_MISMATCH 115 #define X509_R_KEY_VALUES_MISMATCH 116 #define X509_R_LOADING_CERT_DIR 103 Loading @@ -1244,4 +1248,3 @@ int X509_TRUST_get_trust(X509_TRUST *xp); } #endif #endif crypto/x509/x509_err.c +2 −0 Original line number Diff line number Diff line Loading @@ -103,6 +103,7 @@ static ERR_STRING_DATA X509_str_functs[]= {ERR_PACK(0,X509_F_X509_STORE_CTX_PURPOSE_INHERIT,0), "X509_STORE_CTX_purpose_inherit"}, {ERR_PACK(0,X509_F_X509_TO_X509_REQ,0), "X509_to_X509_REQ"}, {ERR_PACK(0,X509_F_X509_TRUST_ADD,0), "X509_TRUST_add"}, {ERR_PACK(0,X509_F_X509_TRUST_SET,0), "X509_TRUST_set"}, {ERR_PACK(0,X509_F_X509_VERIFY_CERT,0), "X509_verify_cert"}, {0,NULL} }; Loading @@ -116,6 +117,7 @@ static ERR_STRING_DATA X509_str_reasons[]= {X509_R_ERR_ASN1_LIB ,"err asn1 lib"}, {X509_R_INVALID_DIRECTORY ,"invalid directory"}, {X509_R_INVALID_FIELD_NAME ,"invalid field name"}, {X509_R_INVALID_TRUST ,"invalid trust"}, {X509_R_KEY_TYPE_MISMATCH ,"key type mismatch"}, {X509_R_KEY_VALUES_MISMATCH ,"key values mismatch"}, {X509_R_LOADING_CERT_DIR ,"loading cert dir"}, Loading crypto/x509/x509_lu.c +11 −0 Original line number Diff line number Diff line Loading @@ -60,6 +60,7 @@ #include "cryptlib.h" #include <openssl/lhash.h> #include <openssl/x509.h> #include <openssl/x509v3.h> static STACK_OF(CRYPTO_EX_DATA_FUNCS) *x509_store_meth=NULL; Loading Loading 
@@ -544,5 +545,15 @@ void X509_STORE_set_flags(X509_STORE *ctx, long flags) ctx->flags |= flags; } int X509_STORE_set_purpose(X509_STORE *ctx, int purpose) { return X509_PURPOSE_set(&ctx->purpose, purpose); } int X509_STORE_set_trust(X509_STORE *ctx, int trust) { return X509_TRUST_set(&ctx->trust, trust); } IMPLEMENT_STACK_OF(X509_LOOKUP) IMPLEMENT_STACK_OF(X509_OBJECT) crypto/x509/x509_trs.c +10 −0 Original line number Diff line number Diff line Loading @@ -144,6 +144,16 @@ int X509_TRUST_get_by_id(int id) return idx + X509_TRUST_COUNT; } int X509_TRUST_set(int *t, int trust) { if(X509_TRUST_get_by_id(trust) == -1) { X509err(X509_F_X509_TRUST_SET, X509_R_INVALID_TRUST); return 0; } *t = trust; return 1; } int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int), char *name, int arg1, void *arg2) { Loading Loading
CHANGES +5 −0 Original line number Diff line number Diff line Loading @@ -11,6 +11,11 @@ *) applies to 0.9.6a (/0.9.6b) and 0.9.7 +) applies to 0.9.7 only +) New functions X509_PURPOSE_set() and X509_TRUST_set() to handle setting of purpose and trust fields. New X509_STORE trust and purpose functions and tidy up setting in other SSL functions. [Steve Henson] +) Add copies of X509_STORE_CTX fields and callbacks to X509_STORE structure. These are inherited by X509_STORE_CTX when it is initialised. This allows various defaults to be set in the Loading
crypto/x509/x509.h +4 −1 Original line number Diff line number Diff line Loading @@ -886,6 +886,7 @@ int X509_alias_set1(X509 *x, unsigned char *name, int len); int X509_keyid_set1(X509 *x, unsigned char *id, int len); unsigned char * X509_alias_get0(X509 *x, int *len); int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int); int X509_TRUST_set(int *t, int trust); int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj); int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj); void X509_trust_clear(X509 *x); Loading Loading @@ -1173,6 +1174,7 @@ int X509_TRUST_get_trust(X509_TRUST *xp); /* The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. */ void ERR_load_X509_strings(void); /* Error codes for the X509 functions. */ Loading Loading @@ -1214,6 +1216,7 @@ int X509_TRUST_get_trust(X509_TRUST *xp); #define X509_F_X509_STORE_CTX_PURPOSE_INHERIT 134 #define X509_F_X509_TO_X509_REQ 126 #define X509_F_X509_TRUST_ADD 133 #define X509_F_X509_TRUST_SET 141 #define X509_F_X509_VERIFY_CERT 127 /* Reason codes. */ Loading @@ -1224,6 +1227,7 @@ int X509_TRUST_get_trust(X509_TRUST *xp); #define X509_R_ERR_ASN1_LIB 102 #define X509_R_INVALID_DIRECTORY 113 #define X509_R_INVALID_FIELD_NAME 119 #define X509_R_INVALID_TRUST 123 #define X509_R_KEY_TYPE_MISMATCH 115 #define X509_R_KEY_VALUES_MISMATCH 116 #define X509_R_LOADING_CERT_DIR 103 Loading @@ -1244,4 +1248,3 @@ int X509_TRUST_get_trust(X509_TRUST *xp); } #endif #endif
crypto/x509/x509_err.c +2 −0 Original line number Diff line number Diff line Loading @@ -103,6 +103,7 @@ static ERR_STRING_DATA X509_str_functs[]= {ERR_PACK(0,X509_F_X509_STORE_CTX_PURPOSE_INHERIT,0), "X509_STORE_CTX_purpose_inherit"}, {ERR_PACK(0,X509_F_X509_TO_X509_REQ,0), "X509_to_X509_REQ"}, {ERR_PACK(0,X509_F_X509_TRUST_ADD,0), "X509_TRUST_add"}, {ERR_PACK(0,X509_F_X509_TRUST_SET,0), "X509_TRUST_set"}, {ERR_PACK(0,X509_F_X509_VERIFY_CERT,0), "X509_verify_cert"}, {0,NULL} }; Loading @@ -116,6 +117,7 @@ static ERR_STRING_DATA X509_str_reasons[]= {X509_R_ERR_ASN1_LIB ,"err asn1 lib"}, {X509_R_INVALID_DIRECTORY ,"invalid directory"}, {X509_R_INVALID_FIELD_NAME ,"invalid field name"}, {X509_R_INVALID_TRUST ,"invalid trust"}, {X509_R_KEY_TYPE_MISMATCH ,"key type mismatch"}, {X509_R_KEY_VALUES_MISMATCH ,"key values mismatch"}, {X509_R_LOADING_CERT_DIR ,"loading cert dir"}, Loading
crypto/x509/x509_lu.c +11 −0 Original line number Diff line number Diff line Loading @@ -60,6 +60,7 @@ #include "cryptlib.h" #include <openssl/lhash.h> #include <openssl/x509.h> #include <openssl/x509v3.h> static STACK_OF(CRYPTO_EX_DATA_FUNCS) *x509_store_meth=NULL; Loading Loading @@ -544,5 +545,15 @@ void X509_STORE_set_flags(X509_STORE *ctx, long flags) ctx->flags |= flags; } int X509_STORE_set_purpose(X509_STORE *ctx, int purpose) { return X509_PURPOSE_set(&ctx->purpose, purpose); } int X509_STORE_set_trust(X509_STORE *ctx, int trust) { return X509_TRUST_set(&ctx->trust, trust); } IMPLEMENT_STACK_OF(X509_LOOKUP) IMPLEMENT_STACK_OF(X509_OBJECT)
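Review bot: The new X509_STORE_set_purpose() and X509_STORE_set_trust() in the second hunk have no comment stating their return convention, and that convention matters for verification policy. Judging by X509_TRUST_set() in x509_trs.c, a rejected id returns 0 and leaves the stored field as it was, so a caller that ignores the result keeps verifying under the store's previous purpose or trust setting. X509_PURPOSE_set() is not shown on this page, so the purpose half is an assumption. I would add above each wrapper something like `/* Returns 1 on success; returns 0 and leaves the store's setting unchanged if the id is not recognised. Callers must check the result. */`. Both wrappers dereference `ctx` without a NULL check; that matches X509_STORE_set_flags() just above, but it is worth stating in the same comment.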
crypto/x509/x509_trs.c +10 −0 Original line number Diff line number Diff line Loading @@ -144,6 +144,16 @@ int X509_TRUST_get_by_id(int id) return idx + X509_TRUST_COUNT; } int X509_TRUST_set(int *t, int trust) { if(X509_TRUST_get_by_id(trust) == -1) { X509err(X509_F_X509_TRUST_SET, X509_R_INVALID_TRUST); return 0; } *t = trust; return 1; } int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int), char *name, int arg1, void *arg2) { Loading
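Review bot: X509_TRUST_set() accepts only ids for which X509_TRUST_get_by_id() does not return -1, so whether a caller can write the "unset"/default value back through this function depends on that lookup. Its body is mostly outside the hunk; only the final `return idx + X509_TRUST_COUNT;` is visible. If the default value is rejected, a trust setting cannot be cleared through this API once it is set, and the comment should say so. The function also writes through `t` without checking it for NULL. I would document the contract directly above the definition, e.g. `/* Store trust in *t if it is a known trust id and return 1; otherwise raise X509_R_INVALID_TRUST, leave *t untouched and return 0. */`. The signature of X509_TRUST_add() that follows continues past the end of the hunk.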