Clean up X509_STORE_add_{cert,crl}().

Add a X509_STORE_add_object() function that adds an X509 object to the
store and takes care of locking and cleaning up. This way we can set up
an X509_OBJECT for both the cert and CRL case and hand over to the new
function.

There is one intentional change of behavior: if there is an attempt to
add an object which is already present in the store, succeed instead of
throwing an error. This makes sense and is also the OpenSSL behavior.

As pointed out by jsing, this is a partial fix for the long standing
GH issue #100 on libtls where connections would fail if the store
contains duplicate certificates.

Also: remove the internal X509_OBJECT_dec_ref_count(), which is no
longer used.

ok jsing

0 files changed, 0 insertions, 0 deletions