[openssl-commits] [openssl] master update
Dr. Stephen Henson
steve at openssl.org
Mon Aug 31 22:19:44 UTC 2015
The branch master has been updated
via 25a5d1b8c425d9434ed8b2bec53d20ab8c14f886 (commit)
via 05f0fb9f6acc34c82a082d7668572828925694e7 (commit)
via 65cbf983ca4f69b8954f949c2edaaa48824481b3 (commit)
from a7e974c7be90e2c9673e2ce6215a70f734eb8ad4 (commit)
- Log -----------------------------------------------------------------
commit 25a5d1b8c425d9434ed8b2bec53d20ab8c14f886
Author: Dr. Stephen Henson <steve at openssl.org>
Date: Mon Aug 31 21:02:06 2015 +0100
make update
Reviewed-by: Rich Salz <rsalz at openssl.org>
commit 05f0fb9f6acc34c82a082d7668572828925694e7
Author: Dr. Stephen Henson <steve at openssl.org>
Date: Mon Aug 31 20:29:57 2015 +0100
Add X509_up_ref function.
Reviewed-by: Rich Salz <rsalz at openssl.org>
commit 65cbf983ca4f69b8954f949c2edaaa48824481b3
Author: Dr. Stephen Henson <steve at openssl.org>
Date: Mon Aug 31 20:30:20 2015 +0100
Add X509_CRL_up_ref function
Reviewed-by: Rich Salz <rsalz at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
crypto/asn1/Makefile | 9 +++++----
crypto/cms/cms_env.c | 2 +-
crypto/cms/cms_lib.c | 8 ++++----
crypto/cms/cms_sd.c | 4 ++--
crypto/ocsp/ocsp_cl.c | 2 +-
crypto/ocsp/ocsp_srv.c | 2 +-
crypto/pkcs7/pk7_lib.c | 6 +++---
crypto/store/str_lib.c | 16 +++++++---------
crypto/ts/ts_rsp_sign.c | 2 +-
crypto/ts/ts_rsp_verify.c | 2 +-
crypto/x509/Makefile | 11 ++++++-----
crypto/x509/x509_cmp.c | 2 +-
crypto/x509/x509_lu.c | 10 +++++-----
crypto/x509/x509_set.c | 5 +++++
crypto/x509/x509_vfy.c | 12 ++++++------
crypto/x509/x509cset.c | 5 +++++
crypto/x509v3/Makefile | 6 ++++--
crypto/x509v3/pcy_tree.c | 2 +-
include/openssl/x509.h | 2 ++
ssl/s3_clnt.c | 2 +-
ssl/ssl_cert.c | 4 ++--
ssl/ssl_lib.c | 2 +-
ssl/ssl_rsa.c | 2 +-
ssl/ssl_sess.c | 2 +-
util/libeay.num | 4 ++++
25 files changed, 71 insertions(+), 53 deletions(-)
diff --git a/crypto/asn1/Makefile b/crypto/asn1/Makefile
index a566dfa..ffee97b 100644
--- a/crypto/asn1/Makefile
+++ b/crypto/asn1/Makefile
@@ -611,7 +611,7 @@ t_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
t_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
t_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
t_req.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-t_req.o: ../include/internal/cryptlib.h t_req.c
+t_req.o: ../include/internal/cryptlib.h ../include/internal/x509_int.h t_req.c
t_spki.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
t_spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
t_spki.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
@@ -654,7 +654,8 @@ t_x509a.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
t_x509a.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
t_x509a.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
t_x509a.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-t_x509a.o: ../include/internal/cryptlib.h t_x509a.c
+t_x509a.o: ../include/internal/cryptlib.h ../include/internal/x509_int.h
+t_x509a.o: t_x509a.c
tasn_dec.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
tasn_dec.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
tasn_dec.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@@ -835,7 +836,7 @@ x_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
x_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
x_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
x_req.o: ../../include/openssl/x509_vfy.h ../include/internal/cryptlib.h
-x_req.o: x_req.c
+x_req.o: ../include/internal/x509_int.h x_req.c
x_sig.o: ../../e_os.h ../../include/openssl/asn1.h
x_sig.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
x_sig.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -906,4 +907,4 @@ x_x509a.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
x_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
x_x509a.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
x_x509a.o: ../../include/openssl/x509_vfy.h ../include/internal/cryptlib.h
-x_x509a.o: x_x509a.c
+x_x509a.o: ../include/internal/x509_int.h x_x509a.c
diff --git a/crypto/cms/cms_env.c b/crypto/cms/cms_env.c
index 5c86dd9..f677a9b 100644
--- a/crypto/cms/cms_env.c
+++ b/crypto/cms/cms_env.c
@@ -206,7 +206,7 @@ static int cms_RecipientInfo_ktri_init(CMS_RecipientInfo *ri, X509 *recip,
if (!cms_set1_SignerIdentifier(ktri->rid, recip, idtype))
return 0;
- CRYPTO_add(&recip->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(recip);
CRYPTO_add(&pk->references, 1, CRYPTO_LOCK_EVP_PKEY);
ktri->pkey = pk;
ktri->recip = recip;
diff --git a/crypto/cms/cms_lib.c b/crypto/cms/cms_lib.c
index 8525ff8..0bfad69 100644
--- a/crypto/cms/cms_lib.c
+++ b/crypto/cms/cms_lib.c
@@ -457,7 +457,7 @@ int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert)
int r;
r = CMS_add0_cert(cms, cert);
if (r > 0)
- CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(cert);
return r;
}
@@ -517,7 +517,7 @@ int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl)
int r;
r = CMS_add0_crl(cms, crl);
if (r > 0)
- CRYPTO_add(&crl->references, 1, CRYPTO_LOCK_X509_CRL);
+ X509_CRL_up_ref(crl);
return r;
}
@@ -542,7 +542,7 @@ STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms)
sk_X509_pop_free(certs, X509_free);
return NULL;
}
- CRYPTO_add(&cch->d.certificate->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(cch->d.certificate);
}
}
return certs;
@@ -570,7 +570,7 @@ STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms)
sk_X509_CRL_pop_free(crls, X509_CRL_free);
return NULL;
}
- CRYPTO_add(&rch->d.crl->references, 1, CRYPTO_LOCK_X509_CRL);
+ X509_CRL_up_ref(rch->d.crl);
}
}
return crls;
diff --git a/crypto/cms/cms_sd.c b/crypto/cms/cms_sd.c
index ab574fc..338e515 100644
--- a/crypto/cms/cms_sd.c
+++ b/crypto/cms/cms_sd.c
@@ -285,7 +285,7 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
X509_check_purpose(signer, -1, -1);
CRYPTO_add(&pk->references, 1, CRYPTO_LOCK_EVP_PKEY);
- CRYPTO_add(&signer->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(signer);
si->pkey = pk;
si->signer = signer;
@@ -485,7 +485,7 @@ STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms)
void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer)
{
if (signer) {
- CRYPTO_add(&signer->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(signer);
EVP_PKEY_free(si->pkey);
si->pkey = X509_get_pubkey(signer);
}
diff --git a/crypto/ocsp/ocsp_cl.c b/crypto/ocsp/ocsp_cl.c
index ef8ff30..8143389 100644
--- a/crypto/ocsp/ocsp_cl.c
+++ b/crypto/ocsp/ocsp_cl.c
@@ -138,7 +138,7 @@ int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert)
if (!sk_X509_push(sig->certs, cert))
return 0;
- CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(cert);
return 1;
}
diff --git a/crypto/ocsp/ocsp_srv.c b/crypto/ocsp/ocsp_srv.c
index 740b11c..948eff9 100644
--- a/crypto/ocsp/ocsp_srv.c
+++ b/crypto/ocsp/ocsp_srv.c
@@ -213,7 +213,7 @@ int OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert)
if (!sk_X509_push(resp->certs, cert))
return 0;
- CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(cert);
return 1;
}
diff --git a/crypto/pkcs7/pk7_lib.c b/crypto/pkcs7/pk7_lib.c
index 5d321f8..b116f5a 100644
--- a/crypto/pkcs7/pk7_lib.c
+++ b/crypto/pkcs7/pk7_lib.c
@@ -308,7 +308,7 @@ int PKCS7_add_certificate(PKCS7 *p7, X509 *x509)
PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE, ERR_R_MALLOC_FAILURE);
return 0;
}
- CRYPTO_add(&x509->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(x509);
if (!sk_X509_push(*sk, x509)) {
X509_free(x509);
return 0;
@@ -341,7 +341,7 @@ int PKCS7_add_crl(PKCS7 *p7, X509_CRL *crl)
return 0;
}
- CRYPTO_add(&crl->references, 1, CRYPTO_LOCK_X509_CRL);
+ X509_CRL_up_ref(crl);
if (!sk_X509_CRL_push(*sk, crl)) {
X509_CRL_free(crl);
return 0;
@@ -545,7 +545,7 @@ int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509)
EVP_PKEY_free(pkey);
- CRYPTO_add(&x509->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(x509);
p7i->cert = x509;
return 1;
diff --git a/crypto/store/str_lib.c b/crypto/store/str_lib.c
index fef7111..3201da9 100644
--- a/crypto/store/str_lib.c
+++ b/crypto/store/str_lib.c
@@ -251,8 +251,7 @@ X509 *STORE_get_certificate(STORE *s, OPENSSL_ITEM attributes[],
STORE_R_FAILED_GETTING_CERTIFICATE);
return 0;
}
- CRYPTO_add(&object->data.x509.certificate->references, 1,
- CRYPTO_LOCK_X509);
+ X509_up_ref(object->data.x509.certificate);
#ifdef REF_PRINT
REF_PRINT("X509", data);
#endif
@@ -276,7 +275,7 @@ int STORE_store_certificate(STORE *s, X509 *data, OPENSSL_ITEM attributes[],
return 0;
}
- CRYPTO_add(&data->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(data);
#ifdef REF_PRINT
REF_PRINT("X509", data);
#endif
@@ -378,8 +377,7 @@ X509 *STORE_list_certificate_next(STORE *s, void *handle)
STORE_R_FAILED_LISTING_CERTIFICATES);
return 0;
}
- CRYPTO_add(&object->data.x509.certificate->references, 1,
- CRYPTO_LOCK_X509);
+ X509_up_ref(object->data.x509.certificate);
#ifdef REF_PRINT
REF_PRINT("X509", data);
#endif
@@ -821,7 +819,7 @@ X509_CRL *STORE_generate_crl(STORE *s, OPENSSL_ITEM attributes[],
STOREerr(STORE_F_STORE_GENERATE_CRL, STORE_R_FAILED_GENERATING_CRL);
return 0;
}
- CRYPTO_add(&object->data.crl->references, 1, CRYPTO_LOCK_X509_CRL);
+ X509_CRL_up_ref(object->data.crl);
#ifdef REF_PRINT
REF_PRINT("X509_CRL", data);
#endif
@@ -845,7 +843,7 @@ X509_CRL *STORE_get_crl(STORE *s, OPENSSL_ITEM attributes[],
STOREerr(STORE_F_STORE_GET_CRL, STORE_R_FAILED_GETTING_KEY);
return 0;
}
- CRYPTO_add(&object->data.crl->references, 1, CRYPTO_LOCK_X509_CRL);
+ X509_CRL_up_ref(object->data.crl);
#ifdef REF_PRINT
REF_PRINT("X509_CRL", data);
#endif
@@ -869,7 +867,7 @@ int STORE_store_crl(STORE *s, X509_CRL *data, OPENSSL_ITEM attributes[],
return 0;
}
- CRYPTO_add(&data->references, 1, CRYPTO_LOCK_X509_CRL);
+ X509_CRL_up_ref(data);
#ifdef REF_PRINT
REF_PRINT("X509_CRL", data);
#endif
@@ -950,7 +948,7 @@ X509_CRL *STORE_list_crl_next(STORE *s, void *handle)
STOREerr(STORE_F_STORE_LIST_CRL_NEXT, STORE_R_FAILED_LISTING_KEYS);
return 0;
}
- CRYPTO_add(&object->data.crl->references, 1, CRYPTO_LOCK_X509_CRL);
+ X509_CRL_up_ref(object->data.crl);
#ifdef REF_PRINT
REF_PRINT("X509_CRL", data);
#endif
diff --git a/crypto/ts/ts_rsp_sign.c b/crypto/ts/ts_rsp_sign.c
index d90d33f..f0fc503 100644
--- a/crypto/ts/ts_rsp_sign.c
+++ b/crypto/ts/ts_rsp_sign.c
@@ -209,7 +209,7 @@ int TS_RESP_CTX_set_signer_cert(TS_RESP_CTX *ctx, X509 *signer)
}
X509_free(ctx->signer_cert);
ctx->signer_cert = signer;
- CRYPTO_add(&ctx->signer_cert->references, +1, CRYPTO_LOCK_X509);
+ X509_up_ref(ctx->signer_cert);
return 1;
}
diff --git a/crypto/ts/ts_rsp_verify.c b/crypto/ts/ts_rsp_verify.c
index 342c524..5784e3d 100644
--- a/crypto/ts/ts_rsp_verify.c
+++ b/crypto/ts/ts_rsp_verify.c
@@ -212,7 +212,7 @@ int TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs,
/* Return the signer certificate if needed. */
if (signer_out) {
*signer_out = signer;
- CRYPTO_add(&signer->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(signer);
}
ret = 1;
diff --git a/crypto/x509/Makefile b/crypto/x509/Makefile
index 7e0e594..4127646 100644
--- a/crypto/x509/Makefile
+++ b/crypto/x509/Makefile
@@ -222,7 +222,7 @@ x509_r2x.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
x509_r2x.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
x509_r2x.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
x509_r2x.o: ../../include/openssl/x509_vfy.h ../include/internal/cryptlib.h
-x509_r2x.o: x509_r2x.c
+x509_r2x.o: ../include/internal/x509_int.h x509_r2x.c
x509_req.o: ../../e_os.h ../../include/openssl/asn1.h
x509_req.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
x509_req.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
@@ -238,7 +238,7 @@ x509_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
x509_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
x509_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
x509_req.o: ../../include/openssl/x509_vfy.h ../include/internal/cryptlib.h
-x509_req.o: x509_req.c
+x509_req.o: ../include/internal/x509_int.h x509_req.c
x509_set.o: ../../e_os.h ../../include/openssl/asn1.h
x509_set.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
x509_set.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@@ -266,7 +266,8 @@ x509_trs.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
x509_trs.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
x509_trs.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
x509_trs.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-x509_trs.o: ../include/internal/cryptlib.h x509_trs.c
+x509_trs.o: ../include/internal/cryptlib.h ../include/internal/x509_int.h
+x509_trs.o: x509_trs.c
x509_txt.o: ../../e_os.h ../../include/openssl/asn1.h
x509_txt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
x509_txt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@@ -364,7 +365,7 @@ x509rset.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
x509rset.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
x509rset.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
x509rset.o: ../../include/openssl/x509_vfy.h ../include/internal/cryptlib.h
-x509rset.o: x509rset.c
+x509rset.o: ../include/internal/x509_int.h x509rset.c
x509spki.o: ../../e_os.h ../../include/openssl/asn1.h
x509spki.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
x509spki.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@@ -407,7 +408,7 @@ x_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
x_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
x_all.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
x_all.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-x_all.o: ../include/internal/cryptlib.h x_all.c
+x_all.o: ../include/internal/cryptlib.h ../include/internal/x509_int.h x_all.c
x_attrib.o: ../../e_os.h ../../include/openssl/asn1.h
x_attrib.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
x_attrib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
index 9308249..47791c7 100644
--- a/crypto/x509/x509_cmp.c
+++ b/crypto/x509/x509_cmp.c
@@ -487,7 +487,7 @@ STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain)
ret = sk_X509_dup(chain);
for (i = 0; i < sk_X509_num(ret); i++) {
X509 *x = sk_X509_value(ret, i);
- CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(x);
}
return ret;
}
diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c
index ae46df8..3dae7fa 100644
--- a/crypto/x509/x509_lu.c
+++ b/crypto/x509/x509_lu.c
@@ -406,10 +406,10 @@ void X509_OBJECT_up_ref_count(X509_OBJECT *a)
default:
break;
case X509_LU_X509:
- CRYPTO_add(&a->data.x509->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(a->data.x509);
break;
case X509_LU_CRL:
- CRYPTO_add(&a->data.crl->references, 1, CRYPTO_LOCK_X509_CRL);
+ X509_CRL_up_ref(a->data.crl);
break;
}
}
@@ -521,7 +521,7 @@ STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *ctx, X509_NAME *nm)
for (i = 0; i < cnt; i++, idx++) {
obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx);
x = obj->data.x509;
- CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(x);
if (!sk_X509_push(sk, x)) {
CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
X509_free(x);
@@ -565,7 +565,7 @@ STACK_OF(X509_CRL) *X509_STORE_get1_crls(X509_STORE_CTX *ctx, X509_NAME *nm)
for (i = 0; i < cnt; i++, idx++) {
obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx);
x = obj->data.crl;
- CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509_CRL);
+ X509_CRL_up_ref(x);
if (!sk_X509_CRL_push(sk, x)) {
CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
X509_CRL_free(x);
@@ -676,7 +676,7 @@ int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
}
CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
if (*issuer)
- CRYPTO_add(&(*issuer)->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(*issuer);
return ret;
}
diff --git a/crypto/x509/x509_set.c b/crypto/x509/x509_set.c
index 486e90a..1ccfdb9 100644
--- a/crypto/x509/x509_set.c
+++ b/crypto/x509/x509_set.c
@@ -150,3 +150,8 @@ int X509_set_pubkey(X509 *x, EVP_PKEY *pkey)
return (0);
return (X509_PUBKEY_set(&(x->cert_info->key), pkey));
}
+
+void X509_up_ref(X509 *x)
+{
+ CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
+}
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index a3077b5..7d770c5 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -172,7 +172,7 @@ static X509 *lookup_cert_match(X509_STORE_CTX *ctx, X509 *x)
break;
}
if (i < sk_X509_num(certs))
- CRYPTO_add(&xtmp->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(xtmp);
else
xtmp = NULL;
sk_X509_pop_free(certs, X509_free);
@@ -212,7 +212,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
goto end;
}
- CRYPTO_add(&ctx->cert->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(ctx->cert);
ctx->last_untrusted = 1;
/* We use a temporary STACK so we can chop and hack at it */
@@ -262,7 +262,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
goto end;
}
- CRYPTO_add(&xtmp->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(xtmp);
(void)sk_X509_delete_ptr(sktmp, xtmp);
ctx->last_untrusted++;
x = xtmp;
@@ -566,7 +566,7 @@ static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
{
*issuer = find_issuer(ctx, ctx->other_ctx, x);
if (*issuer) {
- CRYPTO_add(&(*issuer)->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(*issuer);
return 1;
} else
return 0;
@@ -1025,7 +1025,7 @@ static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl,
*pissuer = best_crl_issuer;
*pscore = best_score;
*preasons = best_reasons;
- CRYPTO_add(&best_crl->references, 1, CRYPTO_LOCK_X509_CRL);
+ X509_CRL_up_ref(best_crl);
X509_CRL_free(*pdcrl);
*pdcrl = NULL;
get_delta_sk(ctx, pdcrl, pscore, best_crl, crls);
@@ -1123,7 +1123,7 @@ static void get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl, int *pscore,
if (check_delta_base(delta, base)) {
if (check_crl_time(ctx, delta, 0))
*pscore |= CRL_SCORE_TIME_DELTA;
- CRYPTO_add(&delta->references, 1, CRYPTO_LOCK_X509_CRL);
+ X509_CRL_up_ref(delta);
*dcrl = delta;
return;
}
diff --git a/crypto/x509/x509cset.c b/crypto/x509/x509cset.c
index 925ba69..c687324 100644
--- a/crypto/x509/x509cset.c
+++ b/crypto/x509/x509cset.c
@@ -132,6 +132,11 @@ int X509_CRL_sort(X509_CRL *c)
return 1;
}
+void X509_CRL_up_ref(X509_CRL *crl)
+{
+ CRYPTO_add(&crl->references, 1, CRYPTO_LOCK_X509_CRL);
+}
+
int X509_REVOKED_set_revocationDate(X509_REVOKED *x, ASN1_TIME *tm)
{
ASN1_TIME *in;
diff --git a/crypto/x509v3/Makefile b/crypto/x509v3/Makefile
index fb1085b..57d7e1a 100644
--- a/crypto/x509v3/Makefile
+++ b/crypto/x509v3/Makefile
@@ -545,7 +545,8 @@ v3_skey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
v3_skey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
v3_skey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
v3_skey.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_skey.o: ../include/internal/cryptlib.h v3_skey.c
+v3_skey.o: ../include/internal/cryptlib.h ../include/internal/x509_int.h
+v3_skey.o: v3_skey.c
v3_sxnet.o: ../../e_os.h ../../include/openssl/asn1.h
v3_sxnet.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
v3_sxnet.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
@@ -574,7 +575,8 @@ v3_utl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
v3_utl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
v3_utl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
v3_utl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_utl.o: ../include/internal/cryptlib.h v3_utl.c
+v3_utl.o: ../include/internal/cryptlib.h ../include/internal/x509_int.h
+v3_utl.o: v3_utl.c
v3err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
v3err.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
v3err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
diff --git a/crypto/x509v3/pcy_tree.c b/crypto/x509v3/pcy_tree.c
index e7ab7cd..4b0ea15 100644
--- a/crypto/x509v3/pcy_tree.c
+++ b/crypto/x509v3/pcy_tree.c
@@ -249,7 +249,7 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs,
level++;
x = sk_X509_value(certs, i);
cache = policy_cache_set(x);
- CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(x);
level->cert = x;
if (!cache->anyPolicy)
diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index dc96a2b..4e816ea 100644
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -798,6 +798,7 @@ X509_NAME *X509_get_subject_name(X509 *a);
int X509_set_notBefore(X509 *x, const ASN1_TIME *tm);
int X509_set_notAfter(X509 *x, const ASN1_TIME *tm);
int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
+void X509_up_ref(X509 *x);
EVP_PKEY *X509_get_pubkey(X509 *x);
ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x);
int X509_certificate_type(X509 *x, EVP_PKEY *pubkey /* optional */ );
@@ -837,6 +838,7 @@ int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name);
int X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
int X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);
int X509_CRL_sort(X509_CRL *crl);
+void X509_CRL_up_ref(X509_CRL *crl);
int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial);
int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm);
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index e7bbfc9..ba35fb9 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -1359,7 +1359,7 @@ int ssl3_get_server_certificate(SSL *s)
s->session->peer_type = i;
X509_free(s->session->peer);
- CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(x);
s->session->peer = x;
s->session->verify_result = s->verify_result;
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index 5e9b8ff..1183961 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -250,7 +250,7 @@ CERT *ssl_cert_dup(CERT *cert)
CERT_PKEY *rpk = ret->pkeys + i;
if (cpk->x509 != NULL) {
rpk->x509 = cpk->x509;
- CRYPTO_add(&rpk->x509->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(rpk->x509);
}
if (cpk->privatekey != NULL) {
@@ -463,7 +463,7 @@ int ssl_cert_add1_chain_cert(SSL *s, SSL_CTX *ctx, X509 *x)
{
if (!ssl_cert_add0_chain_cert(s, ctx, x))
return 0;
- CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(x);
return 1;
}
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 2a2eb78..fd1561e 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -825,7 +825,7 @@ X509 *SSL_get_peer_certificate(const SSL *s)
if (r == NULL)
return (r);
- CRYPTO_add(&r->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(r);
return (r);
}
diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c
index f485126..6772441 100644
--- a/ssl/ssl_rsa.c
+++ b/ssl/ssl_rsa.c
@@ -415,7 +415,7 @@ static int ssl_set_cert(CERT *c, X509 *x)
EVP_PKEY_free(pkey);
X509_free(c->pkeys[i].x509);
- CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(x);
c->pkeys[i].x509 = x;
c->key = &(c->pkeys[i]);
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 26a3c43..69e6d7f 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -266,7 +266,7 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
dest->references = 1;
if (src->peer != NULL)
- CRYPTO_add(&src->peer->references, 1, CRYPTO_LOCK_X509);
+ X509_up_ref(src->peer);
if (src->peer_chain != NULL) {
dest->peer_chain = X509_chain_up_ref(src->peer_chain);
diff --git a/util/libeay.num b/util/libeay.num
index bb78665..1e3671f 100755
--- a/util/libeay.num
+++ b/util/libeay.num
@@ -4588,3 +4588,7 @@ BIO_s_secmem 4946 EXIST::FUNCTION:
CRYPTO_get_secure_mem_ex_functions 4947 EXIST::FUNCTION:
CRYPTO_set_secure_mem_functions 4948 EXIST::FUNCTION:
X509_STORE_CTX_get_num_untrusted 4949 EXIST::FUNCTION:
+X509_up_ref 4950 EXIST::FUNCTION:
+X509_REQ_get_version 4951 EXIST::FUNCTION:
+X509_REQ_get_subject_name 4952 EXIST::FUNCTION:
+X509_CRL_up_ref 4953 EXIST::FUNCTION:
More information about the openssl-commits
mailing list