From 4f401870a3262534738c0f05a07e4830542afe31 Mon Sep 17 00:00:00 2001 From: tb Date: Sun, 14 May 2023 20:20:40 +0000 Subject: [PATCH] Rename arguments of X509_STORE_CTX_init() It is higly confusing to call the list of untrusted certs chain, when you're later going to call X509_STORE_CTX_get0_chain() to get a completely unrelated chain by the verifier. Other X509_STORE_CTX APIs call this list of certs 'untrusted', so go with that. At the same time, rename the x509 into leaf, which is more explicit. suggested by/ok jsing --- lib/libcrypto/x509/x509_vfy.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/lib/libcrypto/x509/x509_vfy.c b/lib/libcrypto/x509/x509_vfy.c index 2410d39b86f..6bc06187e1a 100644 --- a/lib/libcrypto/x509/x509_vfy.c +++ b/lib/libcrypto/x509/x509_vfy.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_vfy.c,v 1.122 2023/05/08 14:51:00 tb Exp $ */ +/* $OpenBSD: x509_vfy.c,v 1.123 2023/05/14 20:20:40 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -2308,8 +2308,8 @@ X509_STORE_CTX_free(X509_STORE_CTX *ctx) LCRYPTO_ALIAS(X509_STORE_CTX_free); int -X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, - STACK_OF(X509) *chain) +X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *leaf, + STACK_OF(X509) *untrusted) { int param_ret = 1; @@ -2337,8 +2337,8 @@ X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, * possible even on early exits. */ ctx->store = store; - ctx->cert = x509; - ctx->untrusted = chain; + ctx->cert = leaf; + ctx->untrusted = untrusted; if (store && store->verify) ctx->verify = store->verify; -- 2.20.1