Diffstat (limited to 'src/lib/libcrypto/x509/x509_trs.c')
-rw-r--r--src/lib/libcrypto/x509/x509_trs.c29
1 files changed, 24 insertions, 5 deletions
diff --git a/src/lib/libcrypto/x509/x509_trs.c b/src/lib/libcrypto/x509/x509_trs.c
index 86b3b79dcc..17d69ac005 100644
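--- a/src/lib/libcrypto/x509/x509_trs.c
+++ b/src/lib/libcrypto/x509/x509_trs.c
@@ -66,6 +66,7 @@ static int tr_cmp(const X509_TRUST * const *a,
 static void trtable_free(X509_TRUST *p);
 
 static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags);
+static int trust_1oid(X509_TRUST *trust, X509 *x, int flags);
 static int trust_compat(X509_TRUST *trust, X509 *x, int flags);
 
 static int obj_trust(int id, X509 *x, int flags);
@@ -79,8 +80,10 @@ static int (*default_trust)(int id, X509 *x, int flags) = obj_trust;
 static X509_TRUST trstandard[] = {
 {X509_TRUST_COMPAT, 0, trust_compat, "compatible", 0, NULL},
 {X509_TRUST_SSL_CLIENT, 0, trust_1oidany, "SSL Client", NID_client_auth, NULL},
-{X509_TRUST_SSL_SERVER, 0, trust_1oidany, "SSL Client", NID_server_auth, NULL},
+{X509_TRUST_SSL_SERVER, 0, trust_1oidany, "SSL Server", NID_server_auth, NULL},
 {X509_TRUST_EMAIL, 0, trust_1oidany, "S/MIME email", NID_email_protect, NULL},
+{X509_TRUST_OCSP_SIGN, 0, trust_1oid, "OCSP responder", NID_OCSP_sign, NULL},
+{X509_TRUST_OCSP_REQUEST, 0, trust_1oid, "OCSP request", NID_ad_OCSP, NULL}
 };
 
 #define X509_TRUST_COUNT (sizeof(trstandard)/sizeof(X509_TRUST))
@@ -97,10 +100,10 @@ static int tr_cmp(const X509_TRUST * const *a,
 
 int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int)
 {
-int (*oldtrust)(int , X509 *, int);
-oldtrust = default_trust;
-default_trust = trust;
-return oldtrust;
+ int (*oldtrust)(int , X509 *, int);
+ oldtrust = default_trust;
+ default_trust = trust;
+ return oldtrust;
 }
 
 
@@ -141,6 +144,16 @@ int X509_TRUST_get_by_id(int id)
  return idx + X509_TRUST_COUNT;
 }
 
+int X509_TRUST_set(int *t, int trust)
+{
+ if(X509_TRUST_get_by_id(trust) == -1) {
+ X509err(X509_F_X509_TRUST_SET, X509_R_INVALID_TRUST);
+ return 0;
+ }
+ *t = trust;
+ return 1;
+}
+
 int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int),
  char *name, int arg1, void *arg2)
 {
@@ -236,6 +249,12 @@ static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags)
  return trust_compat(trust, x, flags);
 }
 
+static int trust_1oid(X509_TRUST *trust, X509 *x, int flags)
+{
+ if(x->aux) return obj_trust(trust->arg1, x, flags);
+ return X509_TRUST_UNTRUSTED;
+}
+
 static int trust_compat(X509_TRUST *trust, X509 *x, int flags)
 {
  X509_check_purpose(x, -1, 0);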
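Review bot: `trust_1oid` (new lines 252-256) has no comment explaining why it differs from `trust_1oidany` directly above it: it returns `X509_TRUST_UNTRUSTED` when `x->aux` is absent, whereas the tail of `trust_1oidany` visible in this hunk falls back to `trust_compat` (the rest of that function lies outside the hunk). That missing fallback is what stops a certificate with no explicit trust settings from being accepted for the two OCSP entries added to `trstandard`, so it should be written down before a later cleanup merges the two helpers. I would add above the function `/* Like trust_1oidany, but with no trust_compat fallback: a certificate without auxiliary trust settings is never trusted. */`. Separately, `X509_TRUST_set` stores through `t` without checking it; if callers may pass NULL, `if (t == NULL) return 0;` ahead of `*t = trust;` is a cheap guard.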