authortb <>2022-09-11 18:08:17 +0000
committertb <>2022-09-11 18:08:17 +0000
commit5a8ffd75ecba7196fd248d2edc3c2f483dbf424b (patch)
tree4ce7626f9b050dfaf6af9e424ff57e7702e9a68f /src/usr.bin
parentadff37448fd0872af6649b8b84fab06f149976f3 (diff)
Adjust for opaque structs in ts.h
ok jsing
Diffstat (limited to 'src/usr.bin')
-rw-r--r--src/usr.bin/openssl/ts.c38
1 files changed, 24 insertions, 14 deletions
diff --git a/src/usr.bin/openssl/ts.c b/src/usr.bin/openssl/ts.c
index 94da634b45..24301b69a5 100644
--- a/src/usr.bin/openssl/ts.c
+++ b/src/usr.bin/openssl/ts.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ts.c,v 1.23 2022/03/27 00:37:10 inoguchi Exp $ */ 1/* $OpenBSD: ts.c,v 1.24 2022/09/11 18:08:17 tb Exp $ */
2/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL 2/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
3 * project 2002. 3 * project 2002.
4 */ 4 */
@@ -870,7 +870,7 @@ read_PKCS7(BIO *in_bio)
870 /* Create granted status info. */ 870 /* Create granted status info. */
871 if ((si = TS_STATUS_INFO_new()) == NULL) 871 if ((si = TS_STATUS_INFO_new()) == NULL)
872 goto end; 872 goto end;
873 if (!(ASN1_INTEGER_set(si->status, TS_STATUS_GRANTED))) 873 if (!TS_STATUS_INFO_set_status(si, TS_STATUS_GRANTED))
874 goto end; 874 goto end;
875 if (!TS_RESP_set_status_info(resp, si)) 875 if (!TS_RESP_set_status_info(resp, si))
876 goto end; 876 goto end;
@@ -1118,25 +1118,32 @@ create_verify_ctx(char *data, char *digest, char *queryfile, char *ca_path,
1118 TS_VERIFY_CTX *ctx = NULL; 1118 TS_VERIFY_CTX *ctx = NULL;
1119 BIO *input = NULL; 1119 BIO *input = NULL;
1120 TS_REQ *request = NULL; 1120 TS_REQ *request = NULL;
1121 X509_STORE *store;
1122 STACK_OF(X509) *certs;
1121 int ret = 0; 1123 int ret = 0;
1122 1124
1123 if (data != NULL || digest != NULL) { 1125 if (data != NULL || digest != NULL) {
1124 if ((ctx = TS_VERIFY_CTX_new()) == NULL) 1126 if ((ctx = TS_VERIFY_CTX_new()) == NULL)
1125 goto err; 1127 goto err;
1126 ctx->flags = TS_VFY_VERSION | TS_VFY_SIGNER; 1128 TS_VERIFY_CTX_set_flags(ctx, TS_VFY_VERSION | TS_VFY_SIGNER);
1127 if (data != NULL) { 1129 if (data != NULL) {
1128 ctx->flags |= TS_VFY_DATA; 1130 BIO *data_bio;
1129 if ((ctx->data = BIO_new_file(data, "rb")) == NULL) 1131
1132 TS_VERIFY_CTX_add_flags(ctx, TS_VFY_DATA);
1133 if ((data_bio = BIO_new_file(data, "rb")) == NULL)
1130 goto err; 1134 goto err;
1135 TS_VERIFY_CTX_set_data(ctx, data_bio);
1131 } else if (digest != NULL) { 1136 } else if (digest != NULL) {
1137 unsigned char *imprint;
1132 long imprint_len; 1138 long imprint_len;
1133 ctx->flags |= TS_VFY_IMPRINT; 1139
1134 if ((ctx->imprint = string_to_hex(digest, 1140 TS_VERIFY_CTX_add_flags(ctx, TS_VFY_IMPRINT);
1135 &imprint_len)) == NULL) { 1141 if ((imprint = string_to_hex(digest,
1142 &imprint_len)) == NULL) {
1136 BIO_printf(bio_err, "invalid digest string\n"); 1143 BIO_printf(bio_err, "invalid digest string\n");
1137 goto err; 1144 goto err;
1138 } 1145 }
1139 ctx->imprint_len = imprint_len; 1146 TS_VERIFY_CTX_set_imprint(ctx, imprint, imprint_len);
1140 } 1147 }
1141 } else if (queryfile != NULL) { 1148 } else if (queryfile != NULL) {
1142 /* 1149 /*
@@ -1153,16 +1160,19 @@ create_verify_ctx(char *data, char *digest, char *queryfile, char *ca_path,
1153 return NULL; 1160 return NULL;
1154 1161
1155 /* Add the signature verification flag and arguments. */ 1162 /* Add the signature verification flag and arguments. */
1156 ctx->flags |= TS_VFY_SIGNATURE; 1163 TS_VERIFY_CTX_add_flags(ctx, TS_VFY_SIGNATURE);
1157 1164
1158 /* Initialising the X509_STORE object. */ 1165 /* Initialising the X509_STORE object. */
1159 if ((ctx->store = create_cert_store(ca_path, ca_file)) == NULL) 1166 if ((store = create_cert_store(ca_path, ca_file)) == NULL)
1160 goto err; 1167 goto err;
1168 TS_VERIFY_CTX_set_store(ctx, store);
1161 1169
1162 /* Loading untrusted certificates. */ 1170 /* Loading untrusted certificates. */
1163 if (untrusted != NULL && 1171 if (untrusted != NULL) {
1164 (ctx->certs = TS_CONF_load_certs(untrusted)) == NULL) 1172 if ((certs = TS_CONF_load_certs(untrusted)) == NULL)
1165 goto err; 1173 goto err;
1174 TS_VERIFY_CTX_set_certs(ctx, certs);
1175 }
1166 1176
1167 ret = 1; 1177 ret = 1;
1168 err: 1178 err:
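Review bot: In the two create_verify_ctx hunks, `store` and `certs` are declared at function scope without initializers, while the neighbouring `ctx`, `input` and `request` start as NULL and the new `data_bio` and `imprint` are scoped to the branch that uses them. Both are assigned before use on the visible lines, so this is a style point, but `X509_STORE *store = NULL;` and `STACK_OF(X509) *certs = NULL;` (or block-scoped declarations) would keep a later edit to the error path from reading an indeterminate pointer. A short comment at the setters would also help, e.g. `/* ctx owns store from here on; do not free it separately */`, because the new locals make it look as if the function still holds those objects. The function starts before and continues past the visible hunks, so the cleanup under `err:` is not shown and presumably releases everything through the context.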