As ftruncate is not availabe on all platforms, switch back to

[oweals/openssl.git] / crypto / asn1 / x_x509.c

diff --git a/crypto/asn1/x_x509.c b/crypto/asn1/x_x509.c
index 3352c61c60b96ba79f37de2484575f86f8b442a7..ee3213045ed2cd23a279474d634c877c16a8f40f 100644 (file)
--- a/crypto/asn1/x_x509.c
+++ b/crypto/asn1/x_x509.c
@@ -118,6 +118,7 @@ X509 *X509_new(void)
        ret->valid=0;
        ret->ex_flags = 0;
        ret->name=NULL;
+       ret->aux=NULL;
        M_ASN1_New(ret->cert_info,X509_CINF_new);
        M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
        M_ASN1_New(ret->signature,M_ASN1_BIT_STRING_new);
@@ -149,6 +150,7 @@ void X509_free(X509 *a)
        X509_CINF_free(a->cert_info);
        X509_ALGOR_free(a->sig_alg);
        M_ASN1_BIT_STRING_free(a->signature);
+       X509_CERT_AUX_free(a->aux);
 
        if (a->name != NULL) Free(a->name);
        Free((char *)a);
@@ -172,3 +174,37 @@ char *X509_get_ex_data(X509 *r, int idx)
        return(CRYPTO_get_ex_data(&r->ex_data,idx));
        }
 
+/* X509_AUX ASN1 routines. X509_AUX is the name given to
+ * a certificate with extra info tagged on the end. Since these
+ * functions set how a certificate is trusted they should only
+ * be used when the certificate comes from a reliable source
+ * such as local storage.
+ *
+ */
+
+X509 *d2i_X509_AUX(X509 **a, unsigned char **pp, long length)
+{
+       unsigned char *q;
+       X509 *ret;
+       /* Save start position */
+       q = *pp;
+       ret = d2i_X509(a, pp, length);
+       /* If certificate unreadable then forget it */
+       if(!ret) return NULL;
+       /* update length */
+       length -= *pp - q;
+       if(!length) return ret;
+       if(!d2i_X509_CERT_AUX(&ret->aux, pp, length)) goto err;
+       return ret;
+       err:
+       X509_free(ret);
+       return NULL;
+}
+
+int i2d_X509_AUX(X509 *a, unsigned char **pp)
+{
+       int length;
+       length = i2d_X509(a, pp);
+       if(a) length += i2d_X509_CERT_AUX(a->aux, pp);
+       return length;
+}