Add missing functions to allow access to newer X509_STORE_CTX status

author Dr. Stephen Henson <steve@openssl.org>

Sat, 31 Oct 2009 19:21:47 +0000 (19:21 +0000)

committer Dr. Stephen Henson <steve@openssl.org>

Sat, 31 Oct 2009 19:21:47 +0000 (19:21 +0000)
author Dr. Stephen Henson <steve@openssl.org>
Sat, 31 Oct 2009 19:21:47 +0000 (19:21 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Sat, 31 Oct 2009 19:21:47 +0000 (19:21 +0000)
diff --git a/apps/verify.c b/apps/verify.c

index c0be253db23329c713307f419bc187e505b19bb3..9163997e93c5e62118ba841f1e40352eedfa172a 100644 (file)
--- a/apps/verify.c
+++ b/apps/verify.c
@@ -310,7 +310,9 @@ static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx)
                                 0, XN_FLAG_ONELINE);
                         printf("\n");
                         }
-               printf("error %d at %d depth lookup:%s\n",cert_error,
+               printf("%serror %d at %d depth lookup:%s\n",
+                       X509_STORE_CTX_get0_parent_ctx(ctx) ? "[CRL path]" : "",
+                       cert_error,
                         X509_STORE_CTX_get_error_depth(ctx),
                         X509_verify_cert_error_string(cert_error));
                 switch(cert_error)
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c

index f5f632a45dd45dd62dd2136f5add5cb76de05b03..514573325e2c64a5d351ce545e1fffafa369b340 100644 (file)
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -1879,6 +1879,21 @@ STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx)
         return chain;
         }
  
+X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx)
+       {
+       return ctx->current_issuer;
+       }
+
+X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx)
+       {
+       return ctx->current_crl;
+       }
+
+X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx)
+       {
+       return ctx->parent;
+       }
+
  void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x)
         {
         ctx->cert=x;
diff --git a/crypto/x509/x509_vfy.h b/crypto/x509/x509_vfy.h

index acb713a6e510045402a57e1eb4c5e8a8a0f3dfb5..fe09b30aaa62dff07d2735de0ae4596a7974a530 100644 (file)
--- a/crypto/x509/x509_vfy.h
+++ b/crypto/x509/x509_vfy.h
@@ -480,6 +480,9 @@ int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
  void   X509_STORE_CTX_set_error(X509_STORE_CTX *ctx,int s);
  int    X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
  X509 * X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
+X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx);
+X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx);
+X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx);
  STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
  STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
  void   X509_STORE_CTX_set_cert(X509_STORE_CTX *c,X509 *x);
author	Dr. Stephen Henson <steve@openssl.org>
	Sat, 31 Oct 2009 19:21:47 +0000 (19:21 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Sat, 31 Oct 2009 19:21:47 +0000 (19:21 +0000)
apps/verify.c		patch \| blob \| history
crypto/x509/x509_vfy.c		patch \| blob \| history
crypto/x509/x509_vfy.h		patch \| blob \| history