[openssl-commits] [openssl] master update
Richard Levitte
levitte at openssl.org
Thu Apr 28 18:02:44 UTC 2016
The branch master has been updated
via f0c58c3212d4796ea25d9baaea992bc5137fde34 (commit)
from d5553b4cb5da81c157040fb9d1bedeeed0cf4703 (commit)
- Log -----------------------------------------------------------------
commit f0c58c3212d4796ea25d9baaea992bc5137fde34
Author: Christian Heimes <cheimes at redhat.com>
Date: Tue Apr 19 21:11:30 2016 +0200
Add getters for X509_STORE and X509_OBJECT members
OpenSSL 1.1.0-pre5 has made some additional structs opaque. Python's ssl
module requires access to some of the struct members. Three new getters
are added:
int X509_OBJECT_get_type(X509_OBJECT *a);
STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *v);
X509_VERIFY_PARAM *X509_STORE_get0_param(X509_STORE *ctx);
Signed-off-by: Christian Heimes <cheimes at redhat.com>
Reviewed-by: Rich Salz <rsalz at openssl.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
crypto/x509/x509_lu.c | 15 +++++++++++
doc/crypto/X509_STORE_get0_param.pod | 48 ++++++++++++++++++++++++++++++++++++
doc/crypto/X509_STORE_new.pod | 5 ++++
include/openssl/x509_vfy.h | 3 +++
util/libcrypto.num | 3 +++
5 files changed, 74 insertions(+)
create mode 100644 doc/crypto/X509_STORE_get0_param.pod
diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c
index 92c2599..b77a796 100644
--- a/crypto/x509/x509_lu.c
+++ b/crypto/x509/x509_lu.c
@@ -436,6 +436,11 @@ X509 *X509_OBJECT_get0_X509(X509_OBJECT *a)
return a->data.x509;
}
+int X509_OBJECT_get_type(X509_OBJECT *a)
+{
+ return a->type;
+}
+
void X509_OBJECT_free(X509_OBJECT *a)
{
if (a == NULL)
@@ -515,6 +520,11 @@ X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,
return sk_X509_OBJECT_value(h, idx);
}
+STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *v)
+{
+ return v->objs;
+}
+
STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *ctx, X509_NAME *nm)
{
int i, idx, cnt;
@@ -729,6 +739,11 @@ int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *param)
return X509_VERIFY_PARAM_set1(ctx->param, param);
}
+X509_VERIFY_PARAM *X509_STORE_get0_param(X509_STORE *ctx)
+{
+ return ctx->param;
+}
+
void X509_STORE_set_verify_cb(X509_STORE *ctx,
int (*verify_cb) (int, X509_STORE_CTX *))
{
diff --git a/doc/crypto/X509_STORE_get0_param.pod b/doc/crypto/X509_STORE_get0_param.pod
new file mode 100644
index 0000000..82611e6
--- /dev/null
+++ b/doc/crypto/X509_STORE_get0_param.pod
@@ -0,0 +1,48 @@
+=pod
+
+=head1 NAME
+
+X509_STORE_get0_param, X509_STORE_set1_param,
+X509_STORE_get0_objects - X509_STORE setter and getter functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509_vfy.h>
+
+ X509_VERIFY_PARAM *X509_STORE_get0_param(X509_STORE *ctx);
+ int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm);
+ STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *ctx);
+
+=head1 DESCRIPTION
+
+X509_STORE_set1_param() sets the verification parameters
+to B<pm> for B<ctx>.
+
+X509_STORE_get0_param() retrieves an internal pointer to the verification
+parameters for B<ctx>. The returned pointer must not be freed by the
+calling application
+
+X509_STORE_get0_objects() retrieve an internal pointer to the store's
+X509 object cache. The cache contains B<X509> and B<X509_CRL> objects. The
+returned pointer must not be freed by the calling application.
+
+
+=head1 RETURN VALUES
+
+X509_STORE_get0_param() returns a pointer to an
+B<X509_VERIFY_PARAM> structure.
+
+X509_STORE_set1_param() returns 1 for success and 0 for failure.
+
+X509_STORE_get0_objects() returns a pointer to a stack of B<X509_OBJECT>.
+
+=head1 SEE ALSO
+
+L<X509_STORE_new(3)>
+
+=head1 HISTORY
+
+B<X509_STORE_get0_param> and B<X509_STORE_get0_objects> were added in
+OpenSSL version 1.1.0.
+
+=cut
diff --git a/doc/crypto/X509_STORE_new.pod b/doc/crypto/X509_STORE_new.pod
index 37cabb5..0512ad3 100644
--- a/doc/crypto/X509_STORE_new.pod
+++ b/doc/crypto/X509_STORE_new.pod
@@ -32,5 +32,10 @@ X509_STORE_free() does not return values.
=head1 SEE ALSO
L<X509_STORE_set_verify_cb_func(3)>
+L<X509_STORE_get0_param(3)>
+
+=head1 HISTORY
+
+The B<X509_STORE_up_ref> function was added in OpenSSL 1.1.0
=cut
diff --git a/include/openssl/x509_vfy.h b/include/openssl/x509_vfy.h
index 65370b4..0bbebe1 100644
--- a/include/openssl/x509_vfy.h
+++ b/include/openssl/x509_vfy.h
@@ -272,11 +272,13 @@ X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h,
X509_OBJECT *x);
void X509_OBJECT_up_ref_count(X509_OBJECT *a);
void X509_OBJECT_free(X509_OBJECT *a);
+int X509_OBJECT_get_type(X509_OBJECT *a);
X509 *X509_OBJECT_get0_X509(X509_OBJECT *a);
void X509_OBJECT_free_contents(X509_OBJECT *a);
X509_STORE *X509_STORE_new(void);
void X509_STORE_free(X509_STORE *v);
int X509_STORE_up_ref(X509_STORE *v);
+STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *v);
STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *st, X509_NAME *nm);
STACK_OF(X509_CRL) *X509_STORE_get1_crls(X509_STORE_CTX *st, X509_NAME *nm);
@@ -284,6 +286,7 @@ int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags);
int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
int X509_STORE_set_trust(X509_STORE *ctx, int trust);
int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm);
+X509_VERIFY_PARAM *X509_STORE_get0_param(X509_STORE *ctx);
void X509_STORE_set_verify_cb(X509_STORE *ctx,
int (*verify_cb) (int, X509_STORE_CTX *));
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 1f254ba..16fb748 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4209,3 +4209,6 @@ X509_STORE_CTX_set0_untrusted 4082 1_1_0 EXIST::FUNCTION:
OPENSSL_hexchar2int 4083 1_1_0 EXIST::FUNCTION:
X509_STORE_set_ex_data 4084 1_1_0 EXIST::FUNCTION:
X509_STORE_get_ex_data 4085 1_1_0 EXIST::FUNCTION:
+X509_STORE_get0_objects 4086 1_1_0 EXIST::FUNCTION:
+X509_STORE_get0_param 4087 1_1_0 EXIST::FUNCTION:
+X509_OBJECT_get_type 4088 1_1_0 EXIST::FUNCTION:
More information about the openssl-commits
mailing list