goto end;
}
- xobj = X509_STORE_get_X509_by_subject(ctx, X509_LU_X509,
- X509_CRL_get_issuer(x));
+ xobj = X509_STORE_CTX_get_obj_by_subject(ctx, X509_LU_X509,
+ X509_CRL_get_issuer(x));
if (xobj == NULL) {
BIO_printf(bio_err, "Error getting CRL issuer certificate\n");
goto end;
SSL_CTX_get_cert_store(SSL_get_SSL_CTX(s)),
NULL, NULL))
goto err;
- obj = X509_STORE_get_X509_by_subject(inctx, X509_LU_X509,
- X509_get_issuer_name(x));
+ obj = X509_STORE_CTX_get_obj_by_subject(inctx, X509_LU_X509,
+ X509_get_issuer_name(x));
if (obj == NULL) {
BIO_puts(bio_err, "cert_status: Can't retrieve issuer certificate.\n");
goto done;
/*
+ * Generated by util/mkerr.pl DO NOT EDIT
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
-*/
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
*/
#include <stdio.h>
"X509_NAME_ENTRY_set_object"},
{ERR_FUNC(X509_F_X509_NAME_ONELINE), "X509_NAME_oneline"},
{ERR_FUNC(X509_F_X509_NAME_PRINT), "X509_NAME_print"},
+ {ERR_FUNC(X509_F_X509_OBJECT_NEW), "X509_OBJECT_new"},
{ERR_FUNC(X509_F_X509_PRINT_EX_FP), "X509_print_ex_fp"},
{ERR_FUNC(X509_F_X509_PUBKEY_DECODE), "x509_pubkey_decode"},
{ERR_FUNC(X509_F_X509_PUBKEY_GET0), "X509_PUBKEY_get0"},
{ERR_FUNC(X509_F_X509_STORE_CTX_NEW), "X509_STORE_CTX_new"},
{ERR_FUNC(X509_F_X509_STORE_CTX_PURPOSE_INHERIT),
"X509_STORE_CTX_purpose_inherit"},
- {ERR_FUNC(X509_F_X509_STORE_GET_X509_BY_SUBJECT),
- "X509_STORE_get_X509_by_subject"},
{ERR_FUNC(X509_F_X509_TO_X509_REQ), "X509_to_X509_REQ"},
{ERR_FUNC(X509_F_X509_TRUST_ADD), "X509_TRUST_add"},
{ERR_FUNC(X509_F_X509_TRUST_SET), "X509_TRUST_set"},
}
}
-X509_OBJECT *X509_STORE_get_X509_by_subject(X509_STORE_CTX *vs, int type,
- X509_NAME *name)
+X509_OBJECT *X509_STORE_CTX_get_obj_by_subject(X509_STORE_CTX *vs, int type,
+ X509_NAME *name)
{
- X509_OBJECT *ret;
+ X509_OBJECT *ret = X509_OBJECT_new();
- ret = OPENSSL_malloc(sizeof (*ret));
- if (ret == NULL) {
- X509err(X509_F_X509_STORE_GET_X509_BY_SUBJECT, ERR_R_MALLOC_FAILURE);
+ if (ret == NULL)
return NULL;
- }
- if (!X509_STORE_get_by_subject(vs, type, name, ret)) {
- OPENSSL_free(ret);
+ if (!X509_STORE_CTX_get_by_subject(vs, type, name, ret)) {
+ X509_OBJECT_free(ret);
return NULL;
}
return ret;
}
-int X509_STORE_get_by_subject(X509_STORE_CTX *vs, X509_LOOKUP_TYPE type,
- X509_NAME *name, X509_OBJECT *ret)
+int X509_STORE_CTX_get_by_subject(X509_STORE_CTX *vs, X509_LOOKUP_TYPE type,
+ X509_NAME *name, X509_OBJECT *ret)
{
X509_STORE *ctx = vs->ctx;
X509_LOOKUP *lu;
return 0;
}
-/*- if (ret->data.ptr != NULL)
- X509_OBJECT_free_contents(ret); */
-
ret->type = tmp->type;
ret->data.ptr = tmp->data.ptr;
if (x == NULL)
return 0;
- obj = OPENSSL_malloc(sizeof(*obj));
- if (obj == NULL) {
- X509err(X509_F_X509_STORE_ADD_CERT, ERR_R_MALLOC_FAILURE);
+ obj = X509_OBJECT_new();
+ if (obj == NULL)
return 0;
- }
obj->type = X509_LU_X509;
obj->data.x509 = x;
X509_OBJECT_up_ref_count(obj);
if (X509_OBJECT_retrieve_match(ctx->objs, obj)) {
- X509_OBJECT_free_contents(obj);
- OPENSSL_free(obj);
+ X509_OBJECT_free(obj);
X509err(X509_F_X509_STORE_ADD_CERT,
X509_R_CERT_ALREADY_IN_HASH_TABLE);
ret = 0;
if (x == NULL)
return 0;
- obj = OPENSSL_malloc(sizeof(*obj));
- if (obj == NULL) {
- X509err(X509_F_X509_STORE_ADD_CRL, ERR_R_MALLOC_FAILURE);
+ obj = X509_OBJECT_new();
+ if (obj == NULL)
return 0;
- }
obj->type = X509_LU_CRL;
obj->data.crl = x;
X509_OBJECT_up_ref_count(obj);
if (X509_OBJECT_retrieve_match(ctx->objs, obj)) {
- X509_OBJECT_free_contents(obj);
- OPENSSL_free(obj);
+ X509_OBJECT_free(obj);
X509err(X509_F_X509_STORE_ADD_CRL, X509_R_CERT_ALREADY_IN_HASH_TABLE);
ret = 0;
} else
X509 *X509_OBJECT_get0_X509(X509_OBJECT *a)
{
+ if (a == NULL || a->type != X509_LU_X509)
+ return NULL;
return a->data.x509;
}
+X509_CRL *X509_OBJECT_get0_X509_CRL(X509_OBJECT *a)
+{
+ if (a == NULL || a->type != X509_LU_CRL)
+ return NULL;
+ return a->data.crl;
+}
+
int X509_OBJECT_get_type(X509_OBJECT *a)
{
return a->type;
}
-void X509_OBJECT_free(X509_OBJECT *a)
+X509_OBJECT *X509_OBJECT_new()
{
- if (a == NULL)
- return;
- X509_OBJECT_free_contents(a);
- OPENSSL_free(a);
+ X509_OBJECT *ret = OPENSSL_zalloc(sizeof(*ret));
+
+ if (ret == NULL) {
+ X509err(X509_F_X509_OBJECT_NEW, ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+ ret->type = X509_LU_FAIL;
+ return ret;
}
-void X509_OBJECT_free_contents(X509_OBJECT *a)
+
+void X509_OBJECT_free(X509_OBJECT *a)
{
if (a == NULL)
return;
X509_CRL_free(a->data.crl);
break;
}
+ OPENSSL_free(a);
}
static int x509_object_idx_cnt(STACK_OF(X509_OBJECT) *h, int type,
return v->objs;
}
-STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *ctx, X509_NAME *nm)
+STACK_OF(X509) *X509_STORE_CTX_get1_certs(X509_STORE_CTX *ctx, X509_NAME *nm)
{
int i, idx, cnt;
- STACK_OF(X509) *sk;
+ STACK_OF(X509) *sk = NULL;
X509 *x;
X509_OBJECT *obj;
- sk = sk_X509_new_null();
+
CRYPTO_THREAD_write_lock(ctx->ctx->lock);
idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt);
if (idx < 0) {
* Nothing found in cache: do lookup to possibly add new objects to
* cache
*/
- X509_OBJECT xobj;
+ X509_OBJECT *xobj = X509_OBJECT_new();
+
CRYPTO_THREAD_unlock(ctx->ctx->lock);
- if (!X509_STORE_get_by_subject(ctx, X509_LU_X509, nm, &xobj)) {
- sk_X509_free(sk);
+ if (xobj == NULL)
+ return NULL;
+ if (!X509_STORE_CTX_get_by_subject(ctx, X509_LU_X509, nm, xobj)) {
+ X509_OBJECT_free(xobj);
return NULL;
}
- X509_OBJECT_free_contents(&xobj);
+ X509_OBJECT_free(xobj);
CRYPTO_THREAD_write_lock(ctx->ctx->lock);
idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt);
if (idx < 0) {
CRYPTO_THREAD_unlock(ctx->ctx->lock);
- sk_X509_free(sk);
return NULL;
}
}
+
+ sk = sk_X509_new_null();
for (i = 0; i < cnt; i++, idx++) {
obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx);
x = obj->data.x509;
}
CRYPTO_THREAD_unlock(ctx->ctx->lock);
return sk;
-
}
-STACK_OF(X509_CRL) *X509_STORE_get1_crls(X509_STORE_CTX *ctx, X509_NAME *nm)
+STACK_OF(X509_CRL) *X509_STORE_CTX_get1_crls(X509_STORE_CTX *ctx, X509_NAME *nm)
{
int i, idx, cnt;
- STACK_OF(X509_CRL) *sk;
+ STACK_OF(X509_CRL) *sk = sk_X509_CRL_new_null();
X509_CRL *x;
- X509_OBJECT *obj, xobj;
- sk = sk_X509_CRL_new_null();
+ X509_OBJECT *obj, *xobj = X509_OBJECT_new();
- /*
- * Always do lookup to possibly add new CRLs to cache
- */
- if (!X509_STORE_get_by_subject(ctx, X509_LU_CRL, nm, &xobj)) {
+ /* Always do lookup to possibly add new CRLs to cache */
+ if (sk == NULL || xobj == NULL ||
+ !X509_STORE_CTX_get_by_subject(ctx, X509_LU_CRL, nm, xobj)) {
+ X509_OBJECT_free(xobj);
sk_X509_CRL_free(sk);
return NULL;
}
- X509_OBJECT_free_contents(&xobj);
+ X509_OBJECT_free(xobj);
CRYPTO_THREAD_write_lock(ctx->ctx->lock);
idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_CRL, nm, &cnt);
if (idx < 0) {
int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
{
X509_NAME *xn;
- X509_OBJECT obj, *pobj;
+ X509_OBJECT *obj = X509_OBJECT_new(), *pobj = NULL;
int i, ok, idx, ret;
+ if (obj == NULL)
+ return -1;
*issuer = NULL;
xn = X509_get_issuer_name(x);
- ok = X509_STORE_get_by_subject(ctx, X509_LU_X509, xn, &obj);
+ ok = X509_STORE_CTX_get_by_subject(ctx, X509_LU_X509, xn, obj);
if (ok != X509_LU_X509) {
+ X509_OBJECT_free(obj);
if (ok == X509_LU_RETRY) {
- X509_OBJECT_free_contents(&obj);
X509err(X509_F_X509_STORE_CTX_GET1_ISSUER, X509_R_SHOULD_RETRY);
return -1;
- } else if (ok != X509_LU_FAIL) {
- X509_OBJECT_free_contents(&obj);
+ }
+ if (ok != X509_LU_FAIL) {
/* not good :-(, break anyway */
return -1;
}
return 0;
}
/* If certificate matches all OK */
- if (ctx->check_issued(ctx, x, obj.data.x509)) {
- if (x509_check_cert_time(ctx, obj.data.x509, -1)) {
- *issuer = obj.data.x509;
+ if (ctx->check_issued(ctx, x, obj->data.x509)) {
+ if (x509_check_cert_time(ctx, obj->data.x509, -1)) {
+ *issuer = obj->data.x509;
+ X509_up_ref(*issuer);
+ X509_OBJECT_free(obj);
return 1;
}
}
- X509_OBJECT_free_contents(&obj);
+ X509_OBJECT_free(obj);
/* Else find index of first cert accepted by 'check_issued' */
ret = 0;
if (store && store->lookup_certs)
ctx->lookup_certs = store->lookup_certs;
else
- ctx->lookup_certs = X509_STORE_get1_certs;
+ ctx->lookup_certs = X509_STORE_CTX_get1_certs;
if (store && store->lookup_crls)
ctx->lookup_crls = store->lookup_crls;
else
- ctx->lookup_crls = X509_STORE_get1_crls;
+ ctx->lookup_crls = X509_STORE_CTX_get1_crls;
ctx->check_policy = check_policy;
int X509_TRUST_get_trust(X509_TRUST *xp);
/* BEGIN ERROR CODES */
+
/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
+ * Content after this point is generated by util/mkerr.pl
+ * DO NOT EDIT!
*/
void ERR_load_X509_strings(void);
-
/* Error codes for the X509 functions. */
/* Function codes. */
# define X509_F_X509_NAME_ENTRY_SET_OBJECT 115
# define X509_F_X509_NAME_ONELINE 116
# define X509_F_X509_NAME_PRINT 117
+# define X509_F_X509_OBJECT_NEW 150
# define X509_F_X509_PRINT_EX_FP 118
# define X509_F_X509_PUBKEY_DECODE 148
# define X509_F_X509_PUBKEY_GET0 119
X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h,
X509_OBJECT *x);
int X509_OBJECT_up_ref_count(X509_OBJECT *a);
+X509_OBJECT *X509_OBJECT_new(void);
void X509_OBJECT_free(X509_OBJECT *a);
int X509_OBJECT_get_type(X509_OBJECT *a);
X509 *X509_OBJECT_get0_X509(X509_OBJECT *a);
-void X509_OBJECT_free_contents(X509_OBJECT *a);
+X509_CRL *X509_OBJECT_get0_X509_CRL(X509_OBJECT *a);
X509_STORE *X509_STORE_new(void);
void X509_STORE_free(X509_STORE *v);
int X509_STORE_up_ref(X509_STORE *v);
STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *v);
-STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *st, X509_NAME *nm);
-STACK_OF(X509_CRL) *X509_STORE_get1_crls(X509_STORE_CTX *st, X509_NAME *nm);
+STACK_OF(X509) *X509_STORE_CTX_get1_certs(X509_STORE_CTX *st, X509_NAME *nm);
+STACK_OF(X509_CRL) *X509_STORE_CTX_get1_crls(X509_STORE_CTX *st, X509_NAME *nm);
int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags);
int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
int X509_STORE_set_trust(X509_STORE *ctx, int trust);
# define X509_STORE_CTX_get_chain X509_STORE_CTX_get0_chain
# define X509_STORE_CTX_set_chain X509_STORE_CTX_set0_untrusted
# define X509_STORE_CTX_trusted_stack X509_STORE_CTX_set0_trusted_stack
+# define X509_STORE_get_by_subject X509_STORE_CTX_get_by_subject
+# define X509_STORE_get1_cert X509_STORE_CTX_get1_certs
+# define X509_STORE_get1_crl X509_STORE_CTX_get1_crls
#endif
X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m);
int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
-int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name,
- X509_OBJECT *ret);
-X509_OBJECT *X509_STORE_get_X509_by_subject(X509_STORE_CTX *vs, int type,
- X509_NAME *name);
+int X509_STORE_CTX_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name,
+ X509_OBJECT *ret);
+X509_OBJECT *X509_STORE_CTX_get_obj_by_subject(X509_STORE_CTX *vs, int type,
+ X509_NAME *name);
int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
long argl, char **ret);
d2i_DSA_PUBKEY 412 1_1_0 EXIST::FUNCTION:DSA
BN_CTX_get 413 1_1_0 EXIST::FUNCTION:
BN_to_montgomery 414 1_1_0 EXIST::FUNCTION:
-X509_OBJECT_free_contents 415 1_1_0 EXIST::FUNCTION:
+X509_OBJECT_get0_X509_CRL 415 1_1_0 EXIST::FUNCTION:
EVP_camellia_128_cfb8 416 1_1_0 EXIST::FUNCTION:CAMELLIA
EC_KEY_METHOD_free 417 1_1_0 EXIST::FUNCTION:EC
TS_TST_INFO_set_policy_id 418 1_1_0 EXIST::FUNCTION:TS
DES_check_key_parity 1153 1_1_0 EXIST::FUNCTION:DES
EVP_aes_256_ocb 1154 1_1_0 EXIST::FUNCTION:OCB
X509_VAL_free 1155 1_1_0 EXIST::FUNCTION:
-X509_STORE_get1_certs 1156 1_1_0 EXIST::FUNCTION:
+X509_STORE_CTX_get1_certs 1156 1_1_0 EXIST::FUNCTION:
PEM_write_RSA_PUBKEY 1157 1_1_0 EXIST::FUNCTION:RSA
PKCS12_SAFEBAG_get0_p8inf 1158 1_1_0 EXIST::FUNCTION:
X509_CRL_set_issuer_name 1159 1_1_0 EXIST::FUNCTION:
ERR_load_X509_strings 2251 1_1_0 EXIST::FUNCTION:
SHA1_Transform 2252 1_1_0 EXIST::FUNCTION:
CMS_signed_get_attr_by_NID 2253 1_1_0 EXIST::FUNCTION:CMS
-X509_STORE_get_by_subject 2254 1_1_0 EXIST::FUNCTION:
+X509_STORE_CTX_get_by_subject 2254 1_1_0 EXIST::FUNCTION:
ASN1_OCTET_STRING_it 2255 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
ASN1_OCTET_STRING_it 2255 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
sk_set_cmp_func 2256 1_1_0 EXIST::FUNCTION:
PEM_read_bio_X509 2564 1_1_0 EXIST::FUNCTION:
DES_key_sched 2565 1_1_0 EXIST::FUNCTION:DES
GENERAL_NAME_dup 2566 1_1_0 EXIST::FUNCTION:
-X509_STORE_get1_crls 2567 1_1_0 EXIST::FUNCTION:
+X509_STORE_CTX_get1_crls 2567 1_1_0 EXIST::FUNCTION:
EVP_PKEY_meth_set_verify 2568 1_1_0 EXIST::FUNCTION:
EVP_sha256 2569 1_1_0 EXIST::FUNCTION:
CMS_unsigned_delete_attr 2570 1_1_0 EXIST::FUNCTION:CMS
DH_meth_free 4068 1_1_0 EXIST::FUNCTION:DH
DH_meth_get_generate_key 4069 1_1_0 EXIST::FUNCTION:DH
DH_set_flags 4070 1_1_0 EXIST::FUNCTION:DH
-X509_STORE_get_X509_by_subject 4071 1_1_0 EXIST::FUNCTION:
+X509_STORE_CTX_get_obj_by_subject 4071 1_1_0 EXIST::FUNCTION:
X509_OBJECT_free 4072 1_1_0 EXIST::FUNCTION:
X509_OBJECT_get0_X509 4073 1_1_0 EXIST::FUNCTION:
X509_STORE_CTX_get0_untrusted 4074 1_1_0 EXIST::FUNCTION:
X509_STORE_set_ex_data 4084 1_1_0 EXIST::FUNCTION:
X509_STORE_get_ex_data 4085 1_1_0 EXIST::FUNCTION:
X509_STORE_get0_objects 4086 1_1_0 EXIST::FUNCTION:
-X509_STORE_get0_param 4087 1_1_0 EXIST::FUNCTION:
-X509_OBJECT_get_type 4088 1_1_0 EXIST::FUNCTION:
-X509_STORE_set_verify 4089 1_1_0 EXIST::FUNCTION:
+X509_OBJECT_get_type 4087 1_1_0 EXIST::FUNCTION:
+X509_STORE_set_verify 4088 1_1_0 EXIST::FUNCTION:
+X509_OBJECT_new 4089 1_1_0 EXIST::FUNCTION:
+X509_STORE_get0_param 4090 1_1_0 EXIST::FUNCTION: