Provide X509_STORE_CTX_get0_{cert,untrusted}() and

X509_STORE_CTX_set0_{trusted_stack,untrusted}().
author: jsing <jsing@openbsd.org> 2018-02-14 17:06:34 +0000
committer: jsing <jsing@openbsd.org> 2018-02-14 17:06:34 +0000
commit: df78b4fd58623dd0bb0421a8831f0209584a3889 (patch)
tree: 4c9499b7dc15de95bc4f2546472d956ff5cf4c2f /lib
parent: Provide X509_get{0,m}_not{Before,After}(). (diff)
download: wireguard-openbsd-df78b4fd58623dd0bb0421a8831f0209584a3889.tar.xz
wireguard-openbsd-df78b4fd58623dd0bb0421a8831f0209584a3889.zip
3 files changed, 35 insertions, 3 deletions
diff --git a/lib/libcrypto/Symbols.list b/lib/libcrypto/Symbols.list
index 540213232b5..d9cbe853a9a 100644
--- a/lib/libcrypto/Symbols.list
+++ b/lib/libcrypto/Symbols.list
@@ -2741,11 +2741,13 @@ X509_SIG_it
 X509_SIG_new
 X509_STORE_CTX_cleanup
 X509_STORE_CTX_free
+X509_STORE_CTX_get0_cert
 X509_STORE_CTX_get0_current_crl
 X509_STORE_CTX_get0_current_issuer
 X509_STORE_CTX_get0_param
 X509_STORE_CTX_get0_parent_ctx
 X509_STORE_CTX_get0_policy_tree
+X509_STORE_CTX_get0_untrusted
 X509_STORE_CTX_get1_chain
 X509_STORE_CTX_get1_issuer
 X509_STORE_CTX_get_chain
@@ -2760,6 +2762,8 @@ X509_STORE_CTX_new
 X509_STORE_CTX_purpose_inherit
 X509_STORE_CTX_set0_crls
 X509_STORE_CTX_set0_param
+X509_STORE_CTX_set0_trusted_stack
+X509_STORE_CTX_set0_untrusted
 X509_STORE_CTX_set_cert
 X509_STORE_CTX_set_chain
 X509_STORE_CTX_set_default
diff --git a/lib/libcrypto/x509/x509_vfy.c b/lib/libcrypto/x509/x509_vfy.c
index 8efff680c10..70e03cf436c 100644
--- a/lib/libcrypto/x509/x509_vfy.c
+++ b/lib/libcrypto/x509/x509_vfy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_vfy.c,v 1.66 2017/08/27 01:39:26 beck Exp $ */
+/* $OpenBSD: x509_vfy.c,v 1.67 2018/02/14 17:06:34 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -2302,6 +2302,12 @@ X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
 }
 
 void
+X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
+{
+	X509_STORE_CTX_trusted_stack(ctx, sk);
+}
+
+void
 X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx)
 {
 	if (ctx->cleanup)
@@ -2349,6 +2355,24 @@ X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
 	ctx->verify_cb = verify_cb;
 }
 
+X509 *
+X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx)
+{
+	return ctx->cert;
+}
+
+STACK_OF(X509) *
+X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx)
+{
+	return ctx->untrusted;
+}
+
+void
+X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
+{
+	ctx->untrusted = sk;
+}
+
 X509_POLICY_TREE *
 X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx)
 {
diff --git a/lib/libcrypto/x509/x509_vfy.h b/lib/libcrypto/x509/x509_vfy.h
index a9cf7e0eda5..ed491791337 100644
--- a/lib/libcrypto/x509/x509_vfy.h
+++ b/lib/libcrypto/x509/x509_vfy.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_vfy.h,v 1.19 2018/02/10 04:33:47 jsing Exp $ */
+/* $OpenBSD: x509_vfy.h,v 1.20 2018/02/14 17:06:34 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -446,7 +446,11 @@ int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
 void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
 int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
 			 X509 *x509, STACK_OF(X509) *chain);
+X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx);
+STACK_OF(X509) *X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx);
+void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
 void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
 void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
 
 X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m);
@@ -512,7 +516,7 @@ void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags,
 								time_t t);
 void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
 				  int (*verify_cb)(int, X509_STORE_CTX *));
-  
+ 
 X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx);
 int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx);
author	jsing <jsing@openbsd.org>	2018-02-14 17:06:34 +0000
committer	jsing <jsing@openbsd.org>	2018-02-14 17:06:34 +0000
commit	df78b4fd58623dd0bb0421a8831f0209584a3889 (patch)
tree	4c9499b7dc15de95bc4f2546472d956ff5cf4c2f /lib
parent	Provide X509_get{0,m}_not{Before,After}(). (diff)
download	wireguard-openbsd-df78b4fd58623dd0bb0421a8831f0209584a3889.tar.xz wireguard-openbsd-df78b4fd58623dd0bb0421a8831f0209584a3889.zip