diff options
author | Theo Buehler <tb@cvs.openbsd.org> | 2022-01-05 20:18:20 +0000 |
---|---|---|
committer | Theo Buehler <tb@cvs.openbsd.org> | 2022-01-05 20:18:20 +0000 |
commit | 995364c71b4e2672a231cbfd7adcd5e099d0ec32 (patch) | |
tree | 08888fcaf8bd44e113918a74bf2ed11457b37e3f /lib/libcrypto | |
parent | d29ec35a5643ad9a546423dadd67555c4bd3d659 (diff) |
Prepare to provide X509_{set,get}_verify() and X509_STORE_get_verify_cb()
as well as the X509_STORE_CTX_verify_cb and X509_STORE_CTX_verify_fn types
This will fix the X509_STORE_set_verify_func macro which is currently
broken, as pointed out by schwarze.
ok inoguchi jsing
Diffstat (limited to 'lib/libcrypto')
-rw-r--r-- | lib/libcrypto/x509/x509_lu.c | 25 | ||||
-rw-r--r-- | lib/libcrypto/x509/x509_vfy.h | 19 |
2 files changed, 37 insertions, 7 deletions
diff --git a/lib/libcrypto/x509/x509_lu.c b/lib/libcrypto/x509/x509_lu.c index ca96edf221d..9400aec320b 100644 --- a/lib/libcrypto/x509/x509_lu.c +++ b/lib/libcrypto/x509/x509_lu.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_lu.c,v 1.53 2021/11/19 07:49:27 schwarze Exp $ */ +/* $OpenBSD: x509_lu.c,v 1.54 2022/01/05 20:18:19 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -821,8 +821,25 @@ X509_STORE_get0_param(X509_STORE *ctx) } void -X509_STORE_set_verify_cb(X509_STORE *ctx, - int (*verify_cb)(int, X509_STORE_CTX *)) +X509_STORE_set_verify(X509_STORE *store, X509_STORE_CTX_verify_fn verify) { - ctx->verify_cb = verify_cb; + store->verify = verify; +} + +X509_STORE_CTX_verify_fn +X509_STORE_get_verify(X509_STORE *store) +{ + return store->verify; +} + +void +X509_STORE_set_verify_cb(X509_STORE *store, X509_STORE_CTX_verify_cb verify_cb) +{ + store->verify_cb = verify_cb; +} + +X509_STORE_CTX_verify_cb +X509_STORE_get_verify_cb(X509_STORE *store) +{ + return store->verify_cb; } diff --git a/lib/libcrypto/x509/x509_vfy.h b/lib/libcrypto/x509/x509_vfy.h index 34fb9133506..a02ef94e2bc 100644 --- a/lib/libcrypto/x509/x509_vfy.h +++ b/lib/libcrypto/x509/x509_vfy.h @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_vfy.h,v 1.47 2021/11/19 16:35:10 schwarze Exp $ */ +/* $OpenBSD: x509_vfy.h,v 1.48 2022/01/05 20:18:19 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -297,6 +297,12 @@ int X509_STORE_set_trust(X509_STORE *ctx, int trust); int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm); X509_VERIFY_PARAM *X509_STORE_get0_param(X509_STORE *ctx); +#if defined(LIBRESSL_NEXT_API) || defined(LIBRESSL_CRYPTO_INTERNAL) +typedef int (*X509_STORE_CTX_verify_cb)(int, X509_STORE_CTX *); + +X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE *); +#endif + void X509_STORE_set_verify_cb(X509_STORE *ctx, int (*verify_cb)(int, X509_STORE_CTX *)); #define X509_STORE_set_verify_cb_func(ctx, func) \ @@ -388,12 +394,19 @@ void X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk) int (*X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx))(X509_STORE_CTX *); void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx, int (*verify)(X509_STORE_CTX *)); -#define X509_STORE_set_verify_func(ctx, func) \ - X509_STORE_set_verify((ctx), (func)) int (*X509_STORE_CTX_get_verify_cb(X509_STORE_CTX *ctx))(int, X509_STORE_CTX *); void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx, int (*verify_cb)(int, X509_STORE_CTX *)); +#if defined(LIBRESSL_NEXT_API) || defined(LIBRESSL_CRYPTO_INTERNAL) +typedef int (*X509_STORE_CTX_verify_fn)(X509_STORE_CTX *); + +void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify); +X509_STORE_CTX_verify_fn X509_STORE_get_verify(X509_STORE *ctx); +#endif +#define X509_STORE_set_verify_func(ctx, func) \ + X509_STORE_set_verify((ctx), (func)) + X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx); int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx); int X509_STORE_CTX_get_num_untrusted(X509_STORE_CTX *ctx); |