summaryrefslogtreecommitdiff
path: root/src/lib/libc/stdlib
diff options
context:
space:
mode:
authortb <>2021-11-05 17:15:05 +0000
committertb <>2021-11-05 17:15:05 +0000
commit35281d1b5461a6728e9882f21c6b2d5d1329ff56 (patch)
tree4692ac58ae174ac3dd85c669147b251664e29b67 /src/lib/libc/stdlib
parenta6ece9a5379927c4356acd958611604b45abd9fd (diff)
downloadopenbsd-35281d1b5461a6728e9882f21c6b2d5d1329ff56.tar.gz
openbsd-35281d1b5461a6728e9882f21c6b2d5d1329ff56.tar.bz2
openbsd-35281d1b5461a6728e9882f21c6b2d5d1329ff56.zip
Clean up X509_STORE_add_{cert,crl}().
Add a X509_STORE_add_object() function that adds an X509 object to the store and takes care of locking and cleaning up. This way we can set up an X509_OBJECT for both the cert and CRL case and hand over to the new function. There is one intentional change of behavior: if there is an attempt to add an object which is already present in the store, succeed instead of throwing an error. This makes sense and is also the OpenSSL behavior. As pointed out by jsing, this is a partial fix for the long standing GH issue #100 on libtls where connections would fail if the store contains duplicate certificates. Also: remove the internal X509_OBJECT_dec_ref_count(), which is no longer used. ok jsing
Diffstat (limited to 'src/lib/libc/stdlib')
0 files changed, 0 insertions, 0 deletions