From: Dr. Stephen Henson Date: Sat, 16 Apr 2016 17:23:19 +0000 (+0100) Subject: Add X509_STORE_CTX_set0_untrusted function. X-Git-Tag: OpenSSL_1_1_0-pre5~13 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=4dba585f79725d7a5a8ccc7b7623782773ea53bd;p=oweals%2Fopenssl.git Add X509_STORE_CTX_set0_untrusted function. Reviewed-by: Richard Levitte --- diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index 312b112f50..c16762632c 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -2343,6 +2343,11 @@ STACK_OF(X509) *X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx) return ctx->untrusted; } +void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk) +{ + ctx->untrusted = sk; +} + void X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk) { sk_X509_pop_free(ctx->chain, X509_free); diff --git a/doc/crypto/X509_STORE_CTX_new.pod b/doc/crypto/X509_STORE_CTX_new.pod index 69ff7c4538..17517b3e16 100644 --- a/doc/crypto/X509_STORE_CTX_new.pod +++ b/doc/crypto/X509_STORE_CTX_new.pod @@ -8,7 +8,7 @@ X509_STORE_CTX_set0_crls, X509_STORE_CTX_get0_chain, X509_STORE_CTX_set0_verified_chain, X509_STORE_CTX_get0_param, X509_STORE_CTX_set0_param, X509_STORE_CTX_get0_cert, -X509_STORE_CTX_get0_untrusted, +X509_STORE_CTX_get0_untrusted, X509_STORE_CTX_set0_untrusted, X509_STORE_CTX_get_num_untrusted, X509_STORE_CTX_set_default, X509_STORE_CTX_get_verify_cb, @@ -39,6 +39,7 @@ X509_STORE_CTX_get_verify - X509_STORE_CTX initialisation X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx); STACK_OF(X509)* X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx); + void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk); int X509_STORE_CTX_get_num_untrusted(X509_STORE_CTX *ctx); @@ -101,6 +102,9 @@ certificate being verified by the B. X509_STORE_CTX_get0_untrusted() retrieves an internal pointer to the stack of untrusted certifieds associated with B. +X509_STORE_CTX_set0_untrusted() sets the internal point to the stack +of unstrusted certificates associated with B to B. + X509_STORE_CTX_set0_param() sets the internal verification parameter pointer to B. After this call B should not be used. diff --git a/include/openssl/x509_vfy.h b/include/openssl/x509_vfy.h index 544f2ad6ce..0ef5855c3a 100644 --- a/include/openssl/x509_vfy.h +++ b/include/openssl/x509_vfy.h @@ -306,6 +306,7 @@ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx); X509_STORE *X509_STORE_CTX_get0_store(X509_STORE_CTX *ctx); X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx); STACK_OF(X509)* X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx); +void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk); typedef int (*X509_STORE_CTX_verify_cb)(int, X509_STORE_CTX *); typedef int (*X509_STORE_CTX_verify)(X509_STORE_CTX *); void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx, diff --git a/util/libcrypto.num b/util/libcrypto.num index a92286c64c..309b0ad9cf 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -4206,3 +4206,4 @@ X509_STORE_CTX_get_verify 4079 1_1_0 EXIST::FUNCTION: X509_STORE_CTX_get_verify_cb 4080 1_1_0 EXIST::FUNCTION: X509_STORE_CTX_get_cert 4081 1_1_0 EXIST::FUNCTION: X509_STORE_CTX_set0_verified_chain 4082 1_1_0 EXIST::FUNCTION: +X509_STORE_CTX_set0_untrusted 4083 1_1_0 EXIST::FUNCTION: