From: tb Date: Sun, 16 Apr 2023 08:30:21 +0000 (+0000) Subject: Prepare addition of X509_STORE_CTX_get1_{certs,crls}(3) X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=42bb9d3d5b75e4cfa3223e7db900bbe39d51c442;p=openbsd Prepare addition of X509_STORE_CTX_get1_{certs,crls}(3) X509_STORE_get1_{certs,crls}(3) was added to the OpenSSL 1.1 API with the usual care. At some point later it was noticed that they didn't deal with an X509_STORE at all, but rather with an X509_STORE_CTX, so were misnamed. The fact that X509_STORE_CTX and X509_STORE have their roles reversed when compared to other FOO vs FOO_CTX in this API may or may not be related. Anyway, the X509_STORE versions will be demoted to compat defines and the X509_STORE_CTX will be added to match OpenSSL 1.1 API more closely. This was pointed out by schwarze a long time ago and missed in a few bumps. Hopefully we'll manage to do it this time around. ok jsing --- diff --git a/lib/libcrypto/x509/x509_lu.c b/lib/libcrypto/x509/x509_lu.c index 65d11d91079..584251d18f5 100644 --- a/lib/libcrypto/x509/x509_lu.c +++ b/lib/libcrypto/x509/x509_lu.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_lu.c,v 1.58 2023/02/16 08:38:17 tb Exp $ */ +/* $OpenBSD: x509_lu.c,v 1.59 2023/04/16 08:30:21 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -593,8 +593,13 @@ X509_get1_certs_from_cache(X509_STORE *store, X509_NAME *name) return NULL; } +#if defined(LIBRESSL_NEXT_API) +STACK_OF(X509) * +X509_STORE_CTX_get1_certs(X509_STORE_CTX *ctx, X509_NAME *name) +#else STACK_OF(X509) * X509_STORE_get1_certs(X509_STORE_CTX *ctx, X509_NAME *name) +#endif { X509_STORE *store = ctx->store; STACK_OF(X509) *sk; @@ -614,10 +619,19 @@ X509_STORE_get1_certs(X509_STORE_CTX *ctx, X509_NAME *name) return X509_get1_certs_from_cache(store, name); } +#if defined(LIBRESSL_NEXT_API) +LCRYPTO_ALIAS(X509_STORE_CTX_get1_certs); +#else LCRYPTO_ALIAS(X509_STORE_get1_certs); +#endif +#if defined(LIBRESSL_NEXT_API) +STACK_OF(X509_CRL) * +X509_STORE_CTX_get1_crls(X509_STORE_CTX *ctx, X509_NAME *name) +#else STACK_OF(X509_CRL) * X509_STORE_get1_crls(X509_STORE_CTX *ctx, X509_NAME *name) +#endif { X509_STORE *store = ctx->store; STACK_OF(X509_CRL) *sk = NULL; @@ -665,7 +679,11 @@ X509_STORE_get1_crls(X509_STORE_CTX *ctx, X509_NAME *name) sk_X509_CRL_pop_free(sk, X509_CRL_free); return NULL; } +#if defined(LIBRESSL_NEXT_API) +LCRYPTO_ALIAS(X509_STORE_CTX_get1_crls); +#else LCRYPTO_ALIAS(X509_STORE_get1_crls); +#endif X509_OBJECT * X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h, X509_OBJECT *x) diff --git a/lib/libcrypto/x509/x509_vfy.h b/lib/libcrypto/x509/x509_vfy.h index f5b103a0e76..3eb92b0f7fd 100644 --- a/lib/libcrypto/x509/x509_vfy.h +++ b/lib/libcrypto/x509/x509_vfy.h @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_vfy.h,v 1.59 2023/04/16 08:21:12 tb Exp $ */ +/* $OpenBSD: x509_vfy.h,v 1.60 2023/04/16 08:30:21 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -285,8 +285,15 @@ X509_CRL *X509_OBJECT_get0_X509_CRL(X509_OBJECT *xo); X509_STORE *X509_STORE_new(void); void X509_STORE_free(X509_STORE *v); int X509_STORE_up_ref(X509_STORE *x); +#if defined(LIBRESSL_NEXT_API) +#define X509_STORE_get1_certs X509_STORE_CTX_get1_certs +#define X509_STORE_get1_crls X509_STORE_CTX_get1_crls +STACK_OF(X509) *X509_STORE_CTX_get1_certs(X509_STORE_CTX *st, X509_NAME *nm); +STACK_OF(X509_CRL) *X509_STORE_CTX_get1_crls(X509_STORE_CTX *st, X509_NAME *nm); +#else STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *st, X509_NAME *nm); STACK_OF(X509_CRL) *X509_STORE_get1_crls(X509_STORE_CTX *st, X509_NAME *nm); +#endif STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *xs); void *X509_STORE_get_ex_data(X509_STORE *xs, int idx); int X509_STORE_set_ex_data(X509_STORE *xs, int idx, void *data);