OpenSSL 0.9.7 stable 2002 05 08 merge

author: beck <> 2002-05-15 02:29:21 +0000
committer: beck <> 2002-05-15 02:29:21 +0000
commit: b64270d1e45fe7f3241e4c9b6ce60d5ac89bc2e9 (patch)
tree: fa27cf82a1250b64ed3bf5f4a18c7354d470bbcc /src/lib/libcrypto/x509/x509_trs.c
parent: e471e1ea98d673597b182ea85f29e30c97cd08b5 (diff)
download: openbsd-b64270d1e45fe7f3241e4c9b6ce60d5ac89bc2e9.tar.gz
openbsd-b64270d1e45fe7f3241e4c9b6ce60d5ac89bc2e9.tar.bz2
openbsd-b64270d1e45fe7f3241e4c9b6ce60d5ac89bc2e9.zip
1 files changed, 24 insertions, 5 deletions
diff --git a/src/lib/libcrypto/x509/x509_trs.c b/src/lib/libcrypto/x509/x509_trs.c
index 86b3b79dcc..17d69ac005 100644
--- a/src/lib/libcrypto/x509/x509_trs.c
+++ b/src/lib/libcrypto/x509/x509_trs.c
@@ -66,6 +66,7 @@ static int tr_cmp(const X509_TRUST * const *a,
 static void trtable_free(X509_TRUST *p);
 static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags);
+static int trust_1oid(X509_TRUST *trust, X509 *x, int flags);
 static int trust_compat(X509_TRUST *trust, X509 *x, int flags);
 static int obj_trust(int id, X509 *x, int flags);
@@ -79,8 +80,10 @@ static int (*default_trust)(int id, X509 *x, int flags) = obj_trust;
 static X509_TRUST trstandard[] = {
 {X509_TRUST_COMPAT, 0, trust_compat, "compatible", 0, NULL},
 {X509_TRUST_SSL_CLIENT, 0, trust_1oidany, "SSL Client", NID_client_auth, NULL},
-{X509_TRUST_SSL_SERVER, 0, trust_1oidany, "SSL Client", NID_server_auth, NULL},
+{X509_TRUST_SSL_SERVER, 0, trust_1oidany, "SSL Server", NID_server_auth, NULL},
 {X509_TRUST_EMAIL, 0, trust_1oidany, "S/MIME email", NID_email_protect, NULL},
+{X509_TRUST_OCSP_SIGN, 0, trust_1oid, "OCSP responder", NID_OCSP_sign, NULL},
+{X509_TRUST_OCSP_REQUEST, 0, trust_1oid, "OCSP request", NID_ad_OCSP, NULL}
 };
 #define X509_TRUST_COUNT        (sizeof(trstandard)/sizeof(X509_TRUST))
@@ -97,10 +100,10 @@ static int tr_cmp(const X509_TRUST * const *a,
 int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int)
 {
-int (*oldtrust)(int , X509 *, int);
+        int (*oldtrust)(int , X509 *, int);
-oldtrust = default_trust;
+        oldtrust = default_trust;
-default_trust = trust;
+        default_trust = trust;
-return oldtrust;
+        return oldtrust;
 }
@@ -141,6 +144,16 @@ int X509_TRUST_get_by_id(int id)
        return idx + X509_TRUST_COUNT;
 }
+int X509_TRUST_set(int *t, int trust)
+{
+        if(X509_TRUST_get_by_id(trust) == -1) {
+                X509err(X509_F_X509_TRUST_SET, X509_R_INVALID_TRUST);
+                return 0;
+        }
+        *t = trust;
+        return 1;
+}
 int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int),
                                        char *name, int arg1, void *arg2)
 {
@@ -236,6 +249,12 @@ static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags)
        return trust_compat(trust, x, flags);
 }
+static int trust_1oid(X509_TRUST *trust, X509 *x, int flags)
+{
+        if(x->aux) return obj_trust(trust->arg1, x, flags);
+        return X509_TRUST_UNTRUSTED;
+}
 static int trust_compat(X509_TRUST *trust, X509 *x, int flags)
 {
        X509_check_purpose(x, -1, 0);
author	beck <>	2002-05-15 02:29:21 +0000
committer	beck <>	2002-05-15 02:29:21 +0000
commit	b64270d1e45fe7f3241e4c9b6ce60d5ac89bc2e9 (patch)
tree	fa27cf82a1250b64ed3bf5f4a18c7354d470bbcc /src/lib/libcrypto/x509/x509_trs.c
parent	e471e1ea98d673597b182ea85f29e30c97cd08b5 (diff)
download	openbsd-b64270d1e45fe7f3241e4c9b6ce60d5ac89bc2e9.tar.gz openbsd-b64270d1e45fe7f3241e4c9b6ce60d5ac89bc2e9.tar.bz2 openbsd-b64270d1e45fe7f3241e4c9b6ce60d5ac89bc2e9.zip