From: Dr. Stephen Henson Date: Fri, 5 Jan 2001 03:31:51 +0000 (+0000) Subject: Modify OCSP API to more closely reflect X-Git-Tag: OpenSSL_0_9_6a-beta1~81^2~73 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=8e961835063985d61b5131dc4c912e565918d8a3;p=oweals%2Fopenssl.git Modify OCSP API to more closely reflect application needs. Add OCSP library name to error code. --- diff --git a/CHANGES b/CHANGES index 836740afd0..f43b723c8e 100644 --- a/CHANGES +++ b/CHANGES @@ -3,6 +3,17 @@ Changes between 0.9.6 and 0.9.7 [xx XXX 2000] + *) Change function OCSP_request_add() to OCSP_request_add0(). + This doesn't copy the supplied OCSP_CERTID and avoids the + need to free up the newly created id. Change return type + to OCSP_ONEREQ to return the internal OCSP_ONEREQ structure. + This can then be used to add extensions to the request. + Deleted OCSP_request_new(), since most of its functionality + is now in OCSP_REQUEST_new() (and the case insensitive name + clash) apart from the ability to set the request name which + will be added elsewhere. + [Steve Henson] + *) Update OCSP API. Remove obsolete extensions argument from various functions. Extensions are now handled using the new OCSP extension code. New simple OCSP HTTP function which diff --git a/crypto/err/err.c b/crypto/err/err.c index 1f517cb5f4..fdf7746948 100644 --- a/crypto/err/err.c +++ b/crypto/err/err.c @@ -163,6 +163,7 @@ static ERR_STRING_DATA ERR_str_libraries[]= {ERR_PACK(ERR_LIB_RAND,0,0) ,"random number generator"}, {ERR_PACK(ERR_LIB_DSO,0,0) ,"DSO support routines"}, {ERR_PACK(ERR_LIB_ENGINE,0,0) ,"engine routines"}, +{ERR_PACK(ERR_LIB_OCSP,0,0) ,"OCSP routines"}, {0,NULL}, }; diff --git a/crypto/ocsp/ocsp.h b/crypto/ocsp/ocsp.h index 7c131d28f4..7bc23ba4cf 100644 --- a/crypto/ocsp/ocsp.h +++ b/crypto/ocsp/ocsp.h @@ -395,10 +395,7 @@ OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst, OCSP_CERTSTATUS *OCSP_cert_status_new(int status, int reason, char *tim); -OCSP_REQUEST *OCSP_request_new(X509_NAME* name); - -int OCSP_request_add(OCSP_REQUEST *req, - OCSP_CERTID *cid); +OCSP_ONEREQ *OCSP_request_add0(OCSP_REQUEST *req, OCSP_CERTID *cid); int OCSP_request_sign(OCSP_REQUEST *req, EVP_PKEY *key, diff --git a/crypto/ocsp/ocsp_lib.c b/crypto/ocsp/ocsp_lib.c index bddb5280ea..2a6c472f23 100644 --- a/crypto/ocsp/ocsp_lib.c +++ b/crypto/ocsp/ocsp_lib.c @@ -162,37 +162,20 @@ err: return NULL; } -OCSP_REQUEST *OCSP_request_new(X509_NAME* name) - { - OCSP_REQUEST *req = NULL; - - if ((req = OCSP_REQUEST_new()) == NULL) goto err; - if (name) /* optional */ - { - if (!(req->tbsRequest->requestorName=GENERAL_NAME_new())) - goto err; - req->tbsRequest->requestorName->type = GEN_DIRNAME; - req->tbsRequest->requestorName->d.dirn = X509_NAME_dup(name); - } - if (!(req->tbsRequest->requestList = sk_OCSP_ONEREQ_new(NULL))) goto err; - return req; -err: - if (req) OCSP_REQUEST_free(req); - return NULL; - } - -int OCSP_request_add(OCSP_REQUEST *req, OCSP_CERTID *cid) +OCSP_ONEREQ *OCSP_request_add0(OCSP_REQUEST *req, OCSP_CERTID *cid) { OCSP_ONEREQ *one = NULL; if (!(one = OCSP_ONEREQ_new())) goto err; if (one->reqCert) OCSP_CERTID_free(one->reqCert); - if (!(one->reqCert = OCSP_CERTID_dup(cid))) goto err; - if (!sk_OCSP_ONEREQ_push(req->tbsRequest->requestList, one)) goto err; - return 1; + one->reqCert = cid; + if (req && + !sk_OCSP_ONEREQ_push(req->tbsRequest->requestList, one)) + goto err; + return one; err: if (one) OCSP_ONEREQ_free(one); - return 0; + return NULL; } int OCSP_request_sign(OCSP_REQUEST *req,