Change X509_VAL in X509 structure to embedded.

Reviewed-by: Rich Salz <rsalz@openssl.org>

diff --git a/crypto/asn1/x_x509.c b/crypto/asn1/x_x509.c
index d8d55b2ee1e64c7d2ed7aeadf8ac52774bab6f5d..c276874e69bd2c7a1206573a370e4d7baa5941be 100644 (file)
--- a/crypto/asn1/x_x509.c
+++ b/crypto/asn1/x_x509.c
@@ -68,7 +68,7 @@ ASN1_SEQUENCE_enc(X509_CINF, enc, 0) = {
         ASN1_SIMPLE(X509_CINF, serialNumber, ASN1_INTEGER),
         ASN1_SIMPLE(X509_CINF, signature, X509_ALGOR),
         ASN1_SIMPLE(X509_CINF, issuer, X509_NAME),
-        ASN1_SIMPLE(X509_CINF, validity, X509_VAL),
+        ASN1_EMBED(X509_CINF, validity, X509_VAL),
         ASN1_SIMPLE(X509_CINF, subject, X509_NAME),
         ASN1_SIMPLE(X509_CINF, key, X509_PUBKEY),
         ASN1_IMP_OPT(X509_CINF, issuerUID, ASN1_BIT_STRING, 1),

diff --git a/crypto/x509/x509_r2x.c b/crypto/x509/x509_r2x.c
index abf75cdb7a24161535e0d68f77604a15facdd623..5d576e91e577a41911832deb0ae3504af8a360ee 100644 (file)
--- a/crypto/x509/x509_r2x.c
+++ b/crypto/x509/x509_r2x.c
@@ -95,9 +95,9 @@ X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey)
     if (X509_set_issuer_name(ret, X509_NAME_dup(xn)) == 0)
         goto err;
 
-    if (X509_gmtime_adj(xi->validity->notBefore, 0) == NULL)
+    if (X509_gmtime_adj(xi->validity.notBefore, 0) == NULL)
         goto err;
-    if (X509_gmtime_adj(xi->validity->notAfter, (long)60 * 60 * 24 * days) ==
+    if (X509_gmtime_adj(xi->validity.notAfter, (long)60 * 60 * 24 * days) ==
         NULL)
         goto err;
 

diff --git a/crypto/x509/x509_set.c b/crypto/x509/x509_set.c
index cfff563ef47854c3a446542a91f3f5472e431c1e..0b0d4f5ab8876a1c42b46ddc9376fd5aaab81bbb 100644 (file)
--- a/crypto/x509/x509_set.c
+++ b/crypto/x509/x509_set.c
@@ -114,14 +114,14 @@ int X509_set_notBefore(X509 *x, const ASN1_TIME *tm)
 {
     ASN1_TIME *in;
 
-    if ((x == NULL) || (x->cert_info->validity == NULL))
+    if (x == NULL)
         return (0);
-    in = x->cert_info->validity->notBefore;
+    in = x->cert_info->validity.notBefore;
     if (in != tm) {
         in = ASN1_STRING_dup(tm);
         if (in != NULL) {
-            ASN1_TIME_free(x->cert_info->validity->notBefore);
-            x->cert_info->validity->notBefore = in;
+            ASN1_TIME_free(x->cert_info->validity.notBefore);
+            x->cert_info->validity.notBefore = in;
         }
     }
     return (in != NULL);
@@ -131,14 +131,14 @@ int X509_set_notAfter(X509 *x, const ASN1_TIME *tm)
 {
     ASN1_TIME *in;
 
-    if ((x == NULL) || (x->cert_info->validity == NULL))
+    if (x == NULL)
         return (0);
-    in = x->cert_info->validity->notAfter;
+    in = x->cert_info->validity.notAfter;
     if (in != tm) {
         in = ASN1_STRING_dup(tm);
         if (in != NULL) {
-            ASN1_TIME_free(x->cert_info->validity->notAfter);
-            x->cert_info->validity->notAfter = in;
+            ASN1_TIME_free(x->cert_info->validity.notAfter);
+            x->cert_info->validity.notAfter = in;
         }
     }
     return (in != NULL);
@@ -163,12 +163,12 @@ long X509_get_version(X509 *x)
 
 ASN1_TIME * X509_get_notBefore(X509 *x)
 {
-    return x->cert_info->validity->notBefore;
+    return x->cert_info->validity.notBefore;
 }
 
 ASN1_TIME *X509_get_notAfter(X509 *x)
 {
-    return x->cert_info->validity->notAfter;
+    return x->cert_info->validity.notAfter;
 }
 
 int X509_get_signature_type(const X509 *x)

diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index 751150daecbdd8b19c82bee3b41f81c22afe295f..d0933b0cb0e34d529f4822e5b5403902637586a4 100644 (file)
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -169,7 +169,7 @@ typedef struct x509_cinf_st {
     ASN1_INTEGER *serialNumber;
     X509_ALGOR *signature;
     X509_NAME *issuer;
-    X509_VAL *validity;
+    X509_VAL validity;
     X509_NAME *subject;
     X509_PUBKEY *key;
     ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */