Provide X509_STORE_CTX_get0_{cert,untrusted}() and

X509_STORE_CTX_set0_{trusted_stack,untrusted}().

diff --git a/lib/libcrypto/Symbols.list b/lib/libcrypto/Symbols.list
index 5402132..d9cbe85 100644 (file)
--- a/lib/libcrypto/Symbols.list
+++ b/lib/libcrypto/Symbols.list
@@ -2741,11 +2741,13 @@ X509_SIG_it
 X509_SIG_new
 X509_STORE_CTX_cleanup
 X509_STORE_CTX_free
+X509_STORE_CTX_get0_cert
 X509_STORE_CTX_get0_current_crl
 X509_STORE_CTX_get0_current_issuer
 X509_STORE_CTX_get0_param
 X509_STORE_CTX_get0_parent_ctx
 X509_STORE_CTX_get0_policy_tree
+X509_STORE_CTX_get0_untrusted
 X509_STORE_CTX_get1_chain
 X509_STORE_CTX_get1_issuer
 X509_STORE_CTX_get_chain
@@ -2760,6 +2762,8 @@ X509_STORE_CTX_new
 X509_STORE_CTX_purpose_inherit
 X509_STORE_CTX_set0_crls
 X509_STORE_CTX_set0_param
+X509_STORE_CTX_set0_trusted_stack
+X509_STORE_CTX_set0_untrusted
 X509_STORE_CTX_set_cert
 X509_STORE_CTX_set_chain
 X509_STORE_CTX_set_default

diff --git a/lib/libcrypto/x509/x509_vfy.c b/lib/libcrypto/x509/x509_vfy.c
index 8efff68..70e03cf 100644 (file)
--- a/lib/libcrypto/x509/x509_vfy.c
+++ b/lib/libcrypto/x509/x509_vfy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_vfy.c,v 1.66 2017/08/27 01:39:26 beck Exp $ */
+/* $OpenBSD: x509_vfy.c,v 1.67 2018/02/14 17:06:34 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -2301,6 +2301,12 @@ X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
        ctx->get_issuer = get_issuer_sk;
 }
 
+void
+X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
+{
+       X509_STORE_CTX_trusted_stack(ctx, sk);
+}
+
 void
 X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx)
 {
@@ -2349,6 +2355,24 @@ X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
        ctx->verify_cb = verify_cb;
 }
 
+X509 *
+X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx)
+{
+       return ctx->cert;
+}
+
+STACK_OF(X509) *
+X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx)
+{
+       return ctx->untrusted;
+}
+
+void
+X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
+{
+       ctx->untrusted = sk;
+}
+
 X509_POLICY_TREE *
 X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx)
 {

diff --git a/lib/libcrypto/x509/x509_vfy.h b/lib/libcrypto/x509/x509_vfy.h
index a9cf7e0..ed49179 100644 (file)
--- a/lib/libcrypto/x509/x509_vfy.h
+++ b/lib/libcrypto/x509/x509_vfy.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_vfy.h,v 1.19 2018/02/10 04:33:47 jsing Exp $ */
+/* $OpenBSD: x509_vfy.h,v 1.20 2018/02/14 17:06:34 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -446,7 +446,11 @@ int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
 void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
 int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
                         X509 *x509, STACK_OF(X509) *chain);
+X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx);
+STACK_OF(X509) *X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx);
+void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
 void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
 void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
 
 X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m);
@@ -512,7 +516,7 @@ void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags,
                                                                time_t t);
 void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
                                  int (*verify_cb)(int, X509_STORE_CTX *));
-  
+ 
 X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx);
 int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx);