From: tb Date: Wed, 10 Jan 2024 21:19:56 +0000 (+0000) Subject: X509_TRUST: group together all trust_*() functions X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=64cb89d06aefcb3718d3e896e88d6f800e3f93bc;p=openbsd X509_TRUST: group together all trust_*() functions Now they are next to the trstandard[] table and listed in the order they appear in the table. --- diff --git a/lib/libcrypto/x509/x509_trs.c b/lib/libcrypto/x509/x509_trs.c index c1191b40ed2..4391907ca63 100644 --- a/lib/libcrypto/x509/x509_trs.c +++ b/lib/libcrypto/x509/x509_trs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_trs.c,v 1.37 2024/01/10 21:14:14 tb Exp $ */ +/* $OpenBSD: x509_trs.c,v 1.38 2024/01/10 21:19:56 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -64,19 +64,6 @@ #include "x509_local.h" -static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags); -static int trust_1oid(X509_TRUST *trust, X509 *x, int flags); - -static int -trust_compat(X509_TRUST *trust, X509 *x, int flags) -{ - X509_check_purpose(x, -1, 0); - if (x->ex_flags & EXFLAG_SS) - return X509_TRUST_TRUSTED; - else - return X509_TRUST_UNTRUSTED; -} - static int obj_trust(int id, X509 *x, int flags) { @@ -106,6 +93,35 @@ obj_trust(int id, X509 *x, int flags) return X509_TRUST_UNTRUSTED; } +static int +trust_compat(X509_TRUST *trust, X509 *x, int flags) +{ + X509_check_purpose(x, -1, 0); + if (x->ex_flags & EXFLAG_SS) + return X509_TRUST_TRUSTED; + else + return X509_TRUST_UNTRUSTED; +} + +static int +trust_1oidany(X509_TRUST *trust, X509 *x, int flags) +{ + if (x->aux && (x->aux->trust || x->aux->reject)) + return obj_trust(trust->arg1, x, flags); + /* we don't have any trust settings: for compatibility + * we return trusted if it is self signed + */ + return trust_compat(trust, x, flags); +} + +static int +trust_1oid(X509_TRUST *trust, X509 *x, int flags) +{ + if (x->aux) + return obj_trust(trust->arg1, x, flags); + return X509_TRUST_UNTRUSTED; +} + /* WARNING: the following table should be kept in order of trust * and without any gaps so we can just subtract the minimum trust * value to get an index into the table @@ -286,22 +302,3 @@ X509_TRUST_get_trust(const X509_TRUST *xp) return xp->trust; } LCRYPTO_ALIAS(X509_TRUST_get_trust); - -static int -trust_1oidany(X509_TRUST *trust, X509 *x, int flags) -{ - if (x->aux && (x->aux->trust || x->aux->reject)) - return obj_trust(trust->arg1, x, flags); - /* we don't have any trust settings: for compatibility - * we return trusted if it is self signed - */ - return trust_compat(trust, x, flags); -} - -static int -trust_1oid(X509_TRUST *trust, X509 *x, int flags) -{ - if (x->aux) - return obj_trust(trust->arg1, x, flags); - return X509_TRUST_UNTRUSTED; -}