Commit c9654873 authored by Viktor Dukhovni's avatar Viktor Dukhovni Committed by Rich Salz

Implement X509_STORE_CTX_set_current_cert() accessor



Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
parent 68423b14
+5 −0
@@ -1999,6 +1999,11 @@ X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx)
    return ctx->current_cert;
}

void X509_STORE_CTX_set_current_cert(X509_STORE_CTX *ctx, X509 *x)
{
    ctx->current_cert = x;
}

STACK_OF(X509) *X509_STORE_CTX_get0_chain(X509_STORE_CTX *ctx)
{
    return ctx->chain;
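Review bot: X509_STORE_CTX_set_current_cert() stores `x` in `ctx->current_cert` without taking a reference, so the context holds a borrowed pointer whose lifetime is entirely up to the caller. If the caller frees `x` while the context is still being used, a later X509_STORE_CTX_get_current_cert() from a verification callback would return a dangling pointer. The manual page changed in this commit says the value remains owned by the caller, but the source carries no comment. I would add above the function `/* Borrows x: no reference is taken, so x must stay valid for as long as ctx can return it from X509_STORE_CTX_get_current_cert(). */`. The hunk ends inside X509_STORE_CTX_get0_chain(), which the change does not touch.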
+23 −6
@@ -4,8 +4,10 @@

X509_STORE_CTX_get_error, X509_STORE_CTX_set_error,
X509_STORE_CTX_get_error_depth, X509_STORE_CTX_set_error_depth,
X509_STORE_CTX_get_current_cert, X509_STORE_CTX_get0_cert,
X509_STORE_CTX_get1_chain, X509_verify_cert_error_string - get or set certificate verification status information
X509_STORE_CTX_get_current_cert, X509_STORE_CTX_set_current_cert,
X509_STORE_CTX_get0_cert, X509_STORE_CTX_get1_chain,
X509_verify_cert_error_string - get or set certificate verification status
information

=head1 SYNOPSIS

@@ -17,6 +19,7 @@ X509_STORE_CTX_get1_chain, X509_verify_cert_error_string - get or set certificat
 int   X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
 void  X509_STORE_CTX_set_error_depth(X509_STORE_CTX *ctx, int depth);
 X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
 void  X509_STORE_CTX_set_current_cert(X509_STORE_CTX *ctx, X509 *x);
 X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx);

 STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
@@ -44,11 +47,23 @@ X509_STORE_CTX_set_error_depth() sets the error B<depth>.
This can be used in combination with X509_STORE_CTX_set_error() to set the
depth at which an error condition was detected.

X509_STORE_CTX_get0_cert() returns the leaf certificate being verified.

X509_STORE_CTX_get_current_cert() returns the certificate in B<ctx> which
caused the error or B<NULL> if no certificate is relevant.

X509_STORE_CTX_set_current_cert() sets the certificate B<x> in B<ctx> which
caused the error.
This value is not intended to remain valid for very long, and remains owned by
the caller.
It may be examined by a verification callback invoked to handle each error
encountered during chain verification and is no longer required after such a
callback.
If a callback wishes the save the certificate for use after it returns, it
needs to increment its reference count via L<X509_up_ref(3)>.
Once such a I<saved> certificate is no longer needed it can be freed with
L<X509_free(3)>.

X509_STORE_CTX_get0_cert() returns the leaf certificate being verified.

X509_STORE_CTX_get1_chain() returns a complete validate chain if a previous
call to X509_verify_cert() is successful. If the call to X509_verify_cert()
is B<not> successful the returned chain may be incomplete or invalid. The
@@ -307,7 +322,9 @@ thread safe but will never happen unless an invalid code is passed.

=head1 SEE ALSO

L<X509_verify_cert(3)>
L<X509_verify_cert(3)>,
L<X509_up_ref(3)>,
L<X509_free(3)>.

=head1 HISTORY

+1 −0
@@ -372,6 +372,7 @@ void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int s);
int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
void X509_STORE_CTX_set_error_depth(X509_STORE_CTX *ctx, int depth);
X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
void X509_STORE_CTX_set_current_cert(X509_STORE_CTX *ctx, X509 *x);
X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx);
X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx);
X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx);