author | tb <> | 2022-09-11 18:08:17 +0000 |
---|---|---|
committer | tb <> | 2022-09-11 18:08:17 +0000 |
commit | 5a8ffd75ecba7196fd248d2edc3c2f483dbf424b (patch) | |
tree | 4ce7626f9b050dfaf6af9e424ff57e7702e9a68f /src/usr.bin | |
parent | adff37448fd0872af6649b8b84fab06f149976f3 (diff) | |
Adjust for opaque structs in ts.h
ok jsing
Diffstat (limited to 'src/usr.bin')
-rw-r--r-- | src/usr.bin/openssl/ts.c | 38 |
1 files changed, 24 insertions, 14 deletions
diff --git a/src/usr.bin/openssl/ts.c b/src/usr.bin/openssl/ts.c index 94da634b45..24301b69a5 100644 --- a/src/usr.bin/openssl/ts.c +++ b/src/usr.bin/openssl/ts.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ts.c,v 1.23 2022/03/27 00:37:10 inoguchi Exp $ */ | 1 | /* $OpenBSD: ts.c,v 1.24 2022/09/11 18:08:17 tb Exp $ */ |
2 | /* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL | 2 | /* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL |
3 | * project 2002. | 3 | * project 2002. |
4 | */ | 4 | */ |
@@ -870,7 +870,7 @@ read_PKCS7(BIO *in_bio) | |||
870 | /* Create granted status info. */ | 870 | /* Create granted status info. */ |
871 | if ((si = TS_STATUS_INFO_new()) == NULL) | 871 | if ((si = TS_STATUS_INFO_new()) == NULL) |
872 | goto end; | 872 | goto end; |
873 | if (!(ASN1_INTEGER_set(si->status, TS_STATUS_GRANTED))) | 873 | if (!TS_STATUS_INFO_set_status(si, TS_STATUS_GRANTED)) |
874 | goto end; | 874 | goto end; |
875 | if (!TS_RESP_set_status_info(resp, si)) | 875 | if (!TS_RESP_set_status_info(resp, si)) |
876 | goto end; | 876 | goto end; |
@@ -1118,25 +1118,32 @@ create_verify_ctx(char *data, char *digest, char *queryfile, char *ca_path, | |||
1118 | TS_VERIFY_CTX *ctx = NULL; | 1118 | TS_VERIFY_CTX *ctx = NULL; |
1119 | BIO *input = NULL; | 1119 | BIO *input = NULL; |
1120 | TS_REQ *request = NULL; | 1120 | TS_REQ *request = NULL; |
1121 | X509_STORE *store; | ||
1122 | STACK_OF(X509) *certs; | ||
1121 | int ret = 0; | 1123 | int ret = 0; |
1122 | 1124 | ||
1123 | if (data != NULL || digest != NULL) { | 1125 | if (data != NULL || digest != NULL) { |
1124 | if ((ctx = TS_VERIFY_CTX_new()) == NULL) | 1126 | if ((ctx = TS_VERIFY_CTX_new()) == NULL) |
1125 | goto err; | 1127 | goto err; |
1126 | ctx->flags = TS_VFY_VERSION | TS_VFY_SIGNER; | 1128 | TS_VERIFY_CTX_set_flags(ctx, TS_VFY_VERSION | TS_VFY_SIGNER); |
1127 | if (data != NULL) { | 1129 | if (data != NULL) { |
1128 | ctx->flags |= TS_VFY_DATA; | 1130 | BIO *data_bio; |
1129 | if ((ctx->data = BIO_new_file(data, "rb")) == NULL) | 1131 | |
1132 | TS_VERIFY_CTX_add_flags(ctx, TS_VFY_DATA); | ||
1133 | if ((data_bio = BIO_new_file(data, "rb")) == NULL) | ||
1130 | goto err; | 1134 | goto err; |
1135 | TS_VERIFY_CTX_set_data(ctx, data_bio); | ||
1131 | } else if (digest != NULL) { | 1136 | } else if (digest != NULL) { |
1137 | unsigned char *imprint; | ||
1132 | long imprint_len; | 1138 | long imprint_len; |
1133 | ctx->flags |= TS_VFY_IMPRINT; | 1139 | |
1134 | if ((ctx->imprint = string_to_hex(digest, | 1140 | TS_VERIFY_CTX_add_flags(ctx, TS_VFY_IMPRINT); |
1135 | &imprint_len)) == NULL) { | 1141 | if ((imprint = string_to_hex(digest, |
1142 | &imprint_len)) == NULL) { | ||
1136 | BIO_printf(bio_err, "invalid digest string\n"); | 1143 | BIO_printf(bio_err, "invalid digest string\n"); |
1137 | goto err; | 1144 | goto err; |
1138 | } | 1145 | } |
1139 | ctx->imprint_len = imprint_len; | 1146 | TS_VERIFY_CTX_set_imprint(ctx, imprint, imprint_len); |
1140 | } | 1147 | } |
1141 | } else if (queryfile != NULL) { | 1148 | } else if (queryfile != NULL) { |
1142 | /* | 1149 | /* |
@@ -1153,16 +1160,19 @@ create_verify_ctx(char *data, char *digest, char *queryfile, char *ca_path, | |||
1153 | return NULL; | 1160 | return NULL; |
1154 | 1161 | ||
1155 | /* Add the signature verification flag and arguments. */ | 1162 | /* Add the signature verification flag and arguments. */ |
1156 | ctx->flags |= TS_VFY_SIGNATURE; | 1163 | TS_VERIFY_CTX_add_flags(ctx, TS_VFY_SIGNATURE); |
1157 | 1164 | ||
1158 | /* Initialising the X509_STORE object. */ | 1165 | /* Initialising the X509_STORE object. */ |
1159 | if ((ctx->store = create_cert_store(ca_path, ca_file)) == NULL) | 1166 | if ((store = create_cert_store(ca_path, ca_file)) == NULL) |
1160 | goto err; | 1167 | goto err; |
1168 | TS_VERIFY_CTX_set_store(ctx, store); | ||
1161 | 1169 | ||
1162 | /* Loading untrusted certificates. */ | 1170 | /* Loading untrusted certificates. */ |
1163 | if (untrusted != NULL && | 1171 | if (untrusted != NULL) { |
1164 | (ctx->certs = TS_CONF_load_certs(untrusted)) == NULL) | 1172 | if ((certs = TS_CONF_load_certs(untrusted)) == NULL) |
1165 | goto err; | 1173 | goto err; |
1174 | TS_VERIFY_CTX_set_certs(ctx, certs); | ||
1175 | } | ||
1166 | 1176 | ||
1167 | ret = 1; | 1177 | ret = 1; |
1168 | err: | 1178 | err: |
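Review bot: In create_verify_ctx the new locals `data_bio`, `imprint`, `store` and `certs` are handed to `ctx` through the `TS_VERIFY_CTX_set_*` calls and never released locally, and nothing on the new side records that the context now owns them. As far as the TS API goes, the context frees these objects itself, so a comment at the first setter such as `/* ctx takes ownership; released when the TS_VERIFY_CTX is freed */` would keep a later edit from adding a local free on the error path and creating a double free in the verification code. `store` and `certs` are also declared without an initializer while `ctx`, `input` and `request` beside them start as NULL; `X509_STORE *store = NULL;` and `STACK_OF(X509) *certs = NULL;` would match and stay safe if cleanup ever touches them. The body after `err:` lies outside the visible hunk, so the ownership assumption should be confirmed against that cleanup code.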