diff options
| author | Joel Sing <jsing@cvs.openbsd.org> | 2021-02-25 16:59:00 +0000 |
|---|---|---|
| committer | Joel Sing <jsing@cvs.openbsd.org> | 2021-02-25 16:59:00 +0000 |
| commit | 85b166a61f5d65e039d05081daf0b2332a609d60 (patch) | |
| tree | 64a86f6c86a5a6e9d65e0d09e25019b28614ec75 | |
| parent | fa36d1ab0dfc33cd5f371840269d0a629831e7e5 (diff) | |
Rename depth to num_untrusted so it identifies what it actually represents.
ok tb@
| -rw-r--r-- | lib/libcrypto/x509/x509_verify.c | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/lib/libcrypto/x509/x509_verify.c b/lib/libcrypto/x509/x509_verify.c index 62cbb7cef80..02db436b1ad 100644 --- a/lib/libcrypto/x509/x509_verify.c +++ b/lib/libcrypto/x509/x509_verify.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_verify.c,v 1.32 2021/02/25 16:57:10 jsing Exp $ */ +/* $OpenBSD: x509_verify.c,v 1.33 2021/02/25 16:58:59 jsing Exp $ */ /* * Copyright (c) 2020-2021 Bob Beck <beck@openbsd.org> * @@ -197,22 +197,22 @@ static int x509_verify_ctx_set_xsc_chain(struct x509_verify_ctx *ctx, struct x509_verify_chain *chain, int set_error, int is_trusted) { - size_t depth; + size_t num_untrusted; int i; if (ctx->xsc == NULL) return 1; - depth = sk_X509_num(chain->certs); - if (is_trusted && depth > 0) - depth--; /* * XXX last_untrusted is actually the number of untrusted certs at the * bottom of the chain. This works now since we stop at the first * trusted cert. This will need fixing once we allow more than one * trusted certificate. */ - ctx->xsc->last_untrusted = depth; + num_untrusted = sk_X509_num(chain->certs); + if (is_trusted && num_untrusted > 0) + num_untrusted--; + ctx->xsc->last_untrusted = num_untrusted; sk_X509_pop_free(ctx->xsc->chain, X509_free); ctx->xsc->chain = X509_chain_up_ref(chain->certs); |