Prepare to provide X509_VERIFY_PARAM_set_auth_level()

For some unknown reason this needed a different name than security_level, both internally and in the public API. Obviously it is exactly the same garbage. ok beck jsing
author: tb <> 2022-06-27 14:00:09 +0000
committer: tb <> 2022-06-27 14:00:09 +0000
commit: 6ed54976ab988ec7cfdbaf1ac00396b0eea716ba (patch)
tree: 6652b704559804a63e8900495dcb6dbcab41a07c /src
parent: 1dfc6d4bc0a9c452ed36f0b04d5dcf53b77e6f1f (diff)
download: openbsd-6ed54976ab988ec7cfdbaf1ac00396b0eea716ba.tar.gz
openbsd-6ed54976ab988ec7cfdbaf1ac00396b0eea716ba.tar.bz2
openbsd-6ed54976ab988ec7cfdbaf1ac00396b0eea716ba.zip
3 files changed, 12 insertions, 2 deletions
diff --git a/src/lib/libcrypto/x509/x509_lcl.h b/src/lib/libcrypto/x509/x509_lcl.h
index 5beef8a94d..d42fa4ad8b 100644
--- a/src/lib/libcrypto/x509/x509_lcl.h
+++ b/src/lib/libcrypto/x509/x509_lcl.h
@@ -272,6 +272,7 @@ struct X509_VERIFY_PARAM_st {
        int purpose;            /* purpose to check untrusted certificates */
        int trust;              /* trust setting to check */
        int depth;              /* Verify depth */
+        int security_level;     /* 'Security level', see SP800-57. */
        STACK_OF(ASN1_OBJECT) *policies;        /* Permissible policies */
        X509_VERIFY_PARAM_ID *id;       /* opaque ID data */
 } /* X509_VERIFY_PARAM */;
diff --git a/src/lib/libcrypto/x509/x509_vfy.h b/src/lib/libcrypto/x509/x509_vfy.h
index 9a649cbbad..a007fe4795 100644
--- a/src/lib/libcrypto/x509/x509_vfy.h
+++ b/src/lib/libcrypto/x509/x509_vfy.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_vfy.h,v 1.50 2022/01/14 07:53:45 tb Exp $ */
+/* $OpenBSD: x509_vfy.h,v 1.51 2022/06/27 14:00:09 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -426,6 +426,9 @@ unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
 int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
 int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
 void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+#if defined(LIBRESSL_INTERNAL)
+void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param, int auth_level);
+#endif
 void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
 int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
                                                ASN1_OBJECT *policy);
diff --git a/src/lib/libcrypto/x509/x509_vpm.c b/src/lib/libcrypto/x509/x509_vpm.c
index 13171e40f5..d4ec2c597f 100644
--- a/src/lib/libcrypto/x509/x509_vpm.c
+++ b/src/lib/libcrypto/x509/x509_vpm.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_vpm.c,v 1.28 2021/11/01 20:53:08 tb Exp $ */
+/* $OpenBSD: x509_vpm.c,v 1.29 2022/06/27 14:00:09 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2004.
 */
@@ -454,6 +454,12 @@ X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth)
 }
 void
+X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param, int auth_level)
+{
+        param->security_level = auth_level;
+}
+void
 X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t)
 {
        param->check_time = t;
author	tb <>	2022-06-27 14:00:09 +0000
committer	tb <>	2022-06-27 14:00:09 +0000
commit	6ed54976ab988ec7cfdbaf1ac00396b0eea716ba (patch)
tree	6652b704559804a63e8900495dcb6dbcab41a07c /src
parent	1dfc6d4bc0a9c452ed36f0b04d5dcf53b77e6f1f (diff)
download	openbsd-6ed54976ab988ec7cfdbaf1ac00396b0eea716ba.tar.gz openbsd-6ed54976ab988ec7cfdbaf1ac00396b0eea716ba.tar.bz2 openbsd-6ed54976ab988ec7cfdbaf1ac00396b0eea716ba.zip