[openssl-commits] [openssl] master update

Rich Salz rsalz at openssl.org
Mon Apr 25 19:26:51 UTC 2016 

The branch master has been updated
       via  5a6694e30340d36fcf0b1dd349a7373010fb2524 (commit)
       via  51227177b13b53ff5d6c77fd701f5172b6c1b358 (commit)
      from  2036fd50466b0586326bbc260a4f77020467531a (commit)


- Log -----------------------------------------------------------------
commit 5a6694e30340d36fcf0b1dd349a7373010fb2524
Author: Viktor Dukhovni <openssl-users at dukhovni.org>
Date:   Mon Apr 25 15:13:27 2016 -0400

    make update
    
    And recycle some disused slots.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>

commit 51227177b13b53ff5d6c77fd701f5172b6c1b358
Author: Viktor Dukhovni <openssl-users at dukhovni.org>
Date:   Mon Apr 25 15:02:02 2016 -0400

    Added missing X509_STORE_CTX_set_error_depth() accessor
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 crypto/x509/x509_vfy.c                  |  5 +++++
 doc/crypto/X509_STORE_CTX_get_error.pod | 19 ++++++++++++-------
 include/openssl/x509_vfy.h              |  1 +
 util/libcrypto.num                      |  9 ++++-----
 4 files changed, 22 insertions(+), 12 deletions(-)

diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index efa6bca..b895ffe 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -1989,6 +1989,11 @@ int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx)
     return ctx->error_depth;
 }
 
+void X509_STORE_CTX_set_error_depth(X509_STORE_CTX *ctx, int depth)
+{
+    ctx->error_depth = depth;
+}
+
 X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx)
 {
     return ctx->current_cert;
diff --git a/doc/crypto/X509_STORE_CTX_get_error.pod b/doc/crypto/X509_STORE_CTX_get_error.pod
index 1cc6bb5..8c3975c 100644
--- a/doc/crypto/X509_STORE_CTX_get_error.pod
+++ b/doc/crypto/X509_STORE_CTX_get_error.pod
@@ -3,8 +3,8 @@
 =head1 NAME
 
 X509_STORE_CTX_get_error, X509_STORE_CTX_set_error,
-X509_STORE_CTX_get_error_depth, X509_STORE_CTX_get_current_cert,
-X509_STORE_CTX_get0_cert,
+X509_STORE_CTX_get_error_depth, X509_STORE_CTX_set_error_depth,
+X509_STORE_CTX_get_current_cert, X509_STORE_CTX_get0_cert,
 X509_STORE_CTX_get1_chain, X509_verify_cert_error_string - get or set certificate verification status information
 
 =head1 SYNOPSIS
@@ -12,11 +12,12 @@ X509_STORE_CTX_get1_chain, X509_verify_cert_error_string - get or set certificat
  #include <openssl/x509.h>
  #include <openssl/x509_vfy.h>
 
- int	X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
- void	X509_STORE_CTX_set_error(X509_STORE_CTX *ctx,int s);
- int	X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
- X509 *	X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
- X509 *	X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx);
+ int   X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
+ void  X509_STORE_CTX_set_error(X509_STORE_CTX *ctx,int s);
+ int   X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
+ void  X509_STORE_CTX_set_error_depth(X509_STORE_CTX *ctx, int depth);
+ X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
+ X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx);
 
  STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
 
@@ -39,6 +40,10 @@ non-negative integer representing where in the certificate chain the error
 occurred. If it is zero it occurred in the end entity certificate, one if
 it is the certificate which signed the end entity certificate and so on.
 
+X509_STORE_CTX_set_error_depth() sets the error B<depth>.
+This can be used in combination with X509_STORE_CTX_set_error() to set the
+depth at which an error condition was detected.
+
 X509_STORE_CTX_get0_cert() returns the leaf certificate being verified.
 
 X509_STORE_CTX_get_current_cert() returns the certificate in B<ctx> which
diff --git a/include/openssl/x509_vfy.h b/include/openssl/x509_vfy.h
index 99d5e21..f357d1a 100644
--- a/include/openssl/x509_vfy.h
+++ b/include/openssl/x509_vfy.h
@@ -366,6 +366,7 @@ void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx);
 int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
 void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int s);
 int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
+void X509_STORE_CTX_set_error_depth(X509_STORE_CTX *ctx, int depth);
 X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
 X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx);
 X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx);
diff --git a/util/libcrypto.num b/util/libcrypto.num
index efa5063..b9a9a84 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4198,12 +4198,11 @@ X509_STORE_get_X509_by_subject          4071	1_1_0	EXIST::FUNCTION:
 X509_OBJECT_free                        4072	1_1_0	EXIST::FUNCTION:
 X509_OBJECT_get0_X509                   4073	1_1_0	EXIST::FUNCTION:
 X509_STORE_CTX_get0_untrusted           4074	1_1_0	EXIST::FUNCTION:
-X509_STORE_CTX_set0_chain               4075	1_1_0	NOEXIST::FUNCTION:
+X509_STORE_CTX_set_error_depth          4075	1_1_0	EXIST::FUNCTION:
 X509_STORE_CTX_get0_cert                4076	1_1_0	EXIST::FUNCTION:
 X509_STORE_CTX_set_verify               4077	1_1_0	EXIST::FUNCTION:
 X509_STORE_CTX_get_verify               4079	1_1_0	EXIST::FUNCTION:
 X509_STORE_CTX_get_verify_cb            4080	1_1_0	EXIST::FUNCTION:
-X509_STORE_CTX_get_cert                 4081	1_1_0	NOEXIST::FUNCTION:
-X509_STORE_CTX_set0_verified_chain      4082	1_1_0	EXIST::FUNCTION:
-X509_STORE_CTX_set0_untrusted           4083	1_1_0	EXIST::FUNCTION:
-OPENSSL_hexchar2int                     4084	1_1_0	EXIST::FUNCTION:
+X509_STORE_CTX_set0_verified_chain      4081	1_1_0	EXIST::FUNCTION:
+X509_STORE_CTX_set0_untrusted           4082	1_1_0	EXIST::FUNCTION:
+OPENSSL_hexchar2int                     4083	1_1_0	EXIST::FUNCTION:

More information about the openssl-commits mailing list