1 files changed, 96 insertions, 75 deletions
diff --git a/src/lib/libcrypto/x509/x509_vpm.c b/src/lib/libcrypto/x509/x509_vpm.c
index 7f0824f75e..f0d2a0902e 100644
--- a/src/lib/libcrypto/x509/x509_vpm.c
+++ b/src/lib/libcrypto/x509/x509_vpm.c
@@ -10,7 +10,7 @@
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
+ *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
@@ -67,7 +67,8 @@
 /* X509_VERIFY_PARAM functions */
-static void x509_verify_param_zero(X509_VERIFY_PARAM *param)
+static void
+x509_verify_param_zero(X509_VERIFY_PARAM *param)
 {
        if (!param)
                return;
@@ -84,16 +85,19 @@ static void x509_verify_param_zero(X509_VERIFY_PARAM *param)
        }
 }
-X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void)
+X509_VERIFY_PARAM *
+X509_VERIFY_PARAM_new(void)
 {
        X509_VERIFY_PARAM *param;
        param = malloc(sizeof(X509_VERIFY_PARAM));
        memset(param, 0, sizeof(X509_VERIFY_PARAM));
        x509_verify_param_zero(param);
        return param;
 }
-void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param)
+void
+X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param)
 {
        x509_verify_param_zero(param);
        free(param);
@@ -109,7 +113,7 @@ void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param)
 *    for SSL servers or clients but only if the application has not set new
 *    ones.
 *
- * The "inh_flags" field determines how this function behaves. 
+ * The "inh_flags" field determines how this function behaves.
 *
 * Normally any values which are set in the default are not copied from the
 * destination and verify flags are ORed together.
@@ -141,13 +145,14 @@ void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param)
 #define x509_verify_param_copy(field, def) \
        if (test_x509_verify_param_copy(field, def)) \
                dest->field = src->field
-                
-int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *dest,
-                                                const X509_VERIFY_PARAM *src)
+int
+X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *dest, const X509_VERIFY_PARAM *src)
 {
        unsigned long inh_flags;
        int to_default, to_overwrite;
        if (!src)
                return 1;
        inh_flags = dest->inh_flags | src->inh_flags;
@@ -193,18 +198,20 @@ int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *dest,
        return 1;
 }
-int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to,
+int
-                                                const X509_VERIFY_PARAM *from)
+X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to, const X509_VERIFY_PARAM *from)
 {
        unsigned long save_flags = to->inh_flags;
        int ret;
        to->inh_flags |= X509_VP_FLAG_DEFAULT;
        ret = X509_VERIFY_PARAM_inherit(to, from);
        to->inh_flags = save_flags;
        return ret;
 }
-int X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param, const char *name)
+int
+X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param, const char *name)
 {
        if (param->name)
                free(param->name);
@@ -214,7 +221,8 @@ int X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param, const char *name)
        return 0;
 }
-int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags)
+int
+X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags)
 {
        param->flags |= flags;
        if (flags & X509_V_FLAG_POLICY_MASK)
@@ -222,39 +230,46 @@ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags)
        return 1;
 }
-int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param, unsigned long flags)
+int
+X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param, unsigned long flags)
 {
        param->flags &= ~flags;
        return 1;
 }
-unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param)
+unsigned long
+X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param)
 {
        return param->flags;
 }
-int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose)
+int
+X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose)
 {
        return X509_PURPOSE_set(&param->purpose, purpose);
 }
-int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust)
+int
+X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust)
 {
        return X509_TRUST_set(&param->trust, trust);
 }
-void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth)
+void
+X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth)
 {
        param->depth = depth;
 }
-void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t)
+void
+X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t)
 {
        param->check_time = t;
        param->flags |= X509_V_FLAG_USE_CHECK_TIME;
 }
-int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param, ASN1_OBJECT *policy)
+int
+X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param, ASN1_OBJECT *policy)
 {
        if (!param->policies) {
                param->policies = sk_ASN1_OBJECT_new_null();
@@ -266,11 +281,13 @@ int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param, ASN1_OBJECT *policy)
        return 1;
 }
-int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param, 
+int
-                                        STACK_OF(ASN1_OBJECT) *policies)
+X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+    STACK_OF(ASN1_OBJECT) *policies)
 {
        int i;
        ASN1_OBJECT *oid, *doid;
        if (!param)
                return 0;
        if (param->policies)
@@ -299,7 +316,8 @@ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
        return 1;
 }
-int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param)
+int
+X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param)
 {
        return param->depth;
 }
@@ -312,80 +330,81 @@ int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param)
 static const X509_VERIFY_PARAM default_table[] = {
        {
-        "default",      /* X509 default parameters */
+                "default",                      /* X509 default parameters */
-        0,              /* Check time */
+                0,                              /* Check time */
-        0,              /* internal flags */
+                0,                              /* internal flags */
-        0,              /* flags */
+                0,                              /* flags */
-        0,              /* purpose */
+                0,                              /* purpose */
-        0,              /* trust */
+                0,                              /* trust */
-        100,            /* depth */
+                100,                            /* depth */
-        NULL            /* policies */
+                NULL                            /* policies */
        },
        {
-        "pkcs7",                        /* S/MIME sign parameters */
+                "pkcs7",                        /* S/MIME sign parameters */
-        0,                              /* Check time */
+                0,                              /* Check time */
-        0,                              /* internal flags */
+                0,                              /* internal flags */
-        0,                              /* flags */
+                0,                              /* flags */
-        X509_PURPOSE_SMIME_SIGN,        /* purpose */
+                X509_PURPOSE_SMIME_SIGN,        /* purpose */
-        X509_TRUST_EMAIL,               /* trust */
+                X509_TRUST_EMAIL,               /* trust */
-        -1,                             /* depth */
+                -1,                             /* depth */
-        NULL                            /* policies */
+                NULL                            /* policies */
        },
        {
-        "smime_sign",                   /* S/MIME sign parameters */
+                "smime_sign",                   /* S/MIME sign parameters */
-        0,                              /* Check time */
+                0,                              /* Check time */
-        0,                              /* internal flags */
+                0,                              /* internal flags */
-        0,                              /* flags */
+                0,                              /* flags */
-        X509_PURPOSE_SMIME_SIGN,        /* purpose */
+                X509_PURPOSE_SMIME_SIGN,        /* purpose */
-        X509_TRUST_EMAIL,               /* trust */
+                X509_TRUST_EMAIL,               /* trust */
-        -1,                             /* depth */
+                -1,                             /* depth */
-        NULL                            /* policies */
+                NULL                            /* policies */
        },
        {
-        "ssl_client",                   /* SSL/TLS client parameters */
+                "ssl_client",                   /* SSL/TLS client parameters */
-        0,                              /* Check time */
+                0,                              /* Check time */
-        0,                              /* internal flags */
+                0,                              /* internal flags */
-        0,                              /* flags */
+                0,                              /* flags */
-        X509_PURPOSE_SSL_CLIENT,        /* purpose */
+                X509_PURPOSE_SSL_CLIENT,        /* purpose */
-        X509_TRUST_SSL_CLIENT,          /* trust */
+                X509_TRUST_SSL_CLIENT,          /* trust */
-        -1,                             /* depth */
+                -1,                             /* depth */
-        NULL                            /* policies */
+                NULL                            /* policies */
        },
        {
-        "ssl_server",                   /* SSL/TLS server parameters */
+                "ssl_server",                   /* SSL/TLS server parameters */
-        0,                              /* Check time */
+                0,                              /* Check time */
-        0,                              /* internal flags */
+                0,                              /* internal flags */
-        0,                              /* flags */
+                0,                              /* flags */
-        X509_PURPOSE_SSL_SERVER,        /* purpose */
+                X509_PURPOSE_SSL_SERVER,        /* purpose */
-        X509_TRUST_SSL_SERVER,          /* trust */
+                X509_TRUST_SSL_SERVER,          /* trust */
-        -1,                             /* depth */
+                -1,                             /* depth */
-        NULL                            /* policies */
+                NULL                            /* policies */
        }
 };
 static STACK_OF(X509_VERIFY_PARAM) *param_table = NULL;
-static int table_cmp(const X509_VERIFY_PARAM *a, const X509_VERIFY_PARAM *b)
+static int
+table_cmp(const X509_VERIFY_PARAM *a, const X509_VERIFY_PARAM *b)
 {
        return strcmp(a->name, b->name);
 }
-DECLARE_OBJ_BSEARCH_CMP_FN(X509_VERIFY_PARAM, X509_VERIFY_PARAM,
+DECLARE_OBJ_BSEARCH_CMP_FN(X509_VERIFY_PARAM, X509_VERIFY_PARAM, table);
-                           table);
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(X509_VERIFY_PARAM, X509_VERIFY_PARAM, table);
-IMPLEMENT_OBJ_BSEARCH_CMP_FN(X509_VERIFY_PARAM, X509_VERIFY_PARAM,
-                             table);
-static int param_cmp(const X509_VERIFY_PARAM * const *a,
+static int
-                        const X509_VERIFY_PARAM * const *b)
+param_cmp(const X509_VERIFY_PARAM * const *a,
+    const X509_VERIFY_PARAM * const *b)
 {
        return strcmp((*a)->name, (*b)->name);
 }
-int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param)
+int
+X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param)
 {
        int idx;
        X509_VERIFY_PARAM *ptmp;
        if (!param_table) {
                param_table = sk_X509_VERIFY_PARAM_new(param_cmp);
                if (!param_table)
@@ -403,7 +422,8 @@ int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param)
        return 1;
 }
-const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name)
+const X509_VERIFY_PARAM *
+X509_VERIFY_PARAM_lookup(const char *name)
 {
        int idx;
        X509_VERIFY_PARAM pm;
@@ -415,13 +435,14 @@ const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name)
                        return sk_X509_VERIFY_PARAM_value(param_table, idx);
        }
        return OBJ_bsearch_table(&pm, default_table,
-                           sizeof(default_table)/sizeof(X509_VERIFY_PARAM));
+            sizeof(default_table)/sizeof(X509_VERIFY_PARAM));
 }
-void X509_VERIFY_PARAM_table_cleanup(void)
+void
+X509_VERIFY_PARAM_table_cleanup(void)
 {
        if (param_table)
                sk_X509_VERIFY_PARAM_pop_free(param_table,
-                                                X509_VERIFY_PARAM_free);
+                    X509_VERIFY_PARAM_free);
        param_table = NULL;
 }

diff --git a/src/lib/libcrypto/x509/x509_vpm.c b/src/lib/libcrypto/x509/x509_vpm.c index 7f0824f75e..f0d2a0902e 100644 --- a/src/lib/libcrypto/x509/x509_vpm.c +++ b/src/lib/libcrypto/x509/x509_vpm.c
@@ -10,7 +10,7 @@
10	* are met:	10	* are met:
11	*	11	*
12	* 1. Redistributions of source code must retain the above copyright	12	* 1. Redistributions of source code must retain the above copyright
13	* notice, this list of conditions and the following disclaimer.	13	* notice, this list of conditions and the following disclaimer.
14	*	14	*
15	* 2. Redistributions in binary form must reproduce the above copyright	15	* 2. Redistributions in binary form must reproduce the above copyright
16	* notice, this list of conditions and the following disclaimer in	16	* notice, this list of conditions and the following disclaimer in
@@ -67,7 +67,8 @@
67		67
68	/* X509_VERIFY_PARAM functions */	68	/* X509_VERIFY_PARAM functions */
69		69
70	static void x509_verify_param_zero(X509_VERIFY_PARAM *param)	70	static void
		71	x509_verify_param_zero(X509_VERIFY_PARAM *param)
71	{	72	{
72	if (!param)	73	if (!param)
73	return;	74	return;
@@ -84,16 +85,19 @@ static void x509_verify_param_zero(X509_VERIFY_PARAM *param)
84	}	85	}
85	}	86	}
86		87
87	X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void)	88	X509_VERIFY_PARAM *
		89	X509_VERIFY_PARAM_new(void)
88	{	90	{
89	X509_VERIFY_PARAM *param;	91	X509_VERIFY_PARAM *param;
		92
90	param = malloc(sizeof(X509_VERIFY_PARAM));	93	param = malloc(sizeof(X509_VERIFY_PARAM));
91	memset(param, 0, sizeof(X509_VERIFY_PARAM));	94	memset(param, 0, sizeof(X509_VERIFY_PARAM));
92	x509_verify_param_zero(param);	95	x509_verify_param_zero(param);
93	return param;	96	return param;
94	}	97	}
95		98
96	void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param)	99	void
		100	X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param)
97	{	101	{
98	x509_verify_param_zero(param);	102	x509_verify_param_zero(param);
99	free(param);	103	free(param);
@@ -109,7 +113,7 @@ void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param)
109	* for SSL servers or clients but only if the application has not set new	113	* for SSL servers or clients but only if the application has not set new
110	* ones.	114	* ones.
111	*	115	*
112	* The "inh_flags" field determines how this function behaves.	116	* The "inh_flags" field determines how this function behaves.
113	*	117	*
114	* Normally any values which are set in the default are not copied from the	118	* Normally any values which are set in the default are not copied from the
115	* destination and verify flags are ORed together.	119	* destination and verify flags are ORed together.
@@ -141,13 +145,14 @@ void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param)
141	#define x509_verify_param_copy(field, def) \	145	#define x509_verify_param_copy(field, def) \
142	if (test_x509_verify_param_copy(field, def)) \	146	if (test_x509_verify_param_copy(field, def)) \
143	dest->field = src->field	147	dest->field = src->field
144
145		148
146	int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *dest,	149
147	const X509_VERIFY_PARAM *src)	150	int
		151	X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM dest, const X509_VERIFY_PARAM src)
148	{	152	{
149	unsigned long inh_flags;	153	unsigned long inh_flags;
150	int to_default, to_overwrite;	154	int to_default, to_overwrite;
		155
151	if (!src)	156	if (!src)
152	return 1;	157	return 1;
153	inh_flags = dest->inh_flags \| src->inh_flags;	158	inh_flags = dest->inh_flags \| src->inh_flags;
@@ -193,18 +198,20 @@ int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *dest,
193	return 1;	198	return 1;
194	}	199	}
195		200
196	int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to,	201	int
197	const X509_VERIFY_PARAM *from)	202	X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM to, const X509_VERIFY_PARAM from)
198	{	203	{
199	unsigned long save_flags = to->inh_flags;	204	unsigned long save_flags = to->inh_flags;
200	int ret;	205	int ret;
		206
201	to->inh_flags \|= X509_VP_FLAG_DEFAULT;	207	to->inh_flags \|= X509_VP_FLAG_DEFAULT;
202	ret = X509_VERIFY_PARAM_inherit(to, from);	208	ret = X509_VERIFY_PARAM_inherit(to, from);
203	to->inh_flags = save_flags;	209	to->inh_flags = save_flags;
204	return ret;	210	return ret;
205	}	211	}
206		212
207	int X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM param, const char name)	213	int
		214	X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM param, const char name)
208	{	215	{
209	if (param->name)	216	if (param->name)
210	free(param->name);	217	free(param->name);
@@ -214,7 +221,8 @@ int X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM param, const char name)
214	return 0;	221	return 0;
215	}	222	}
216		223
217	int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags)	224	int
		225	X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags)
218	{	226	{
219	param->flags \|= flags;	227	param->flags \|= flags;
220	if (flags & X509_V_FLAG_POLICY_MASK)	228	if (flags & X509_V_FLAG_POLICY_MASK)
@@ -222,39 +230,46 @@ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags)
222	return 1;	230	return 1;
223	}	231	}
224		232
225	int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param, unsigned long flags)	233	int
		234	X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param, unsigned long flags)
226	{	235	{
227	param->flags &= ~flags;	236	param->flags &= ~flags;
228	return 1;	237	return 1;
229	}	238	}
230		239
231	unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param)	240	unsigned long
		241	X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param)
232	{	242	{
233	return param->flags;	243	return param->flags;
234	}	244	}
235		245
236	int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose)	246	int
		247	X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose)
237	{	248	{
238	return X509_PURPOSE_set(&param->purpose, purpose);	249	return X509_PURPOSE_set(&param->purpose, purpose);
239	}	250	}
240		251
241	int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust)	252	int
		253	X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust)
242	{	254	{
243	return X509_TRUST_set(&param->trust, trust);	255	return X509_TRUST_set(&param->trust, trust);
244	}	256	}
245		257
246	void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth)	258	void
		259	X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth)
247	{	260	{
248	param->depth = depth;	261	param->depth = depth;
249	}	262	}
250		263
251	void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t)	264	void
		265	X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t)
252	{	266	{
253	param->check_time = t;	267	param->check_time = t;
254	param->flags \|= X509_V_FLAG_USE_CHECK_TIME;	268	param->flags \|= X509_V_FLAG_USE_CHECK_TIME;
255	}	269	}
256		270
257	int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM param, ASN1_OBJECT policy)	271	int
		272	X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM param, ASN1_OBJECT policy)
258	{	273	{
259	if (!param->policies) {	274	if (!param->policies) {
260	param->policies = sk_ASN1_OBJECT_new_null();	275	param->policies = sk_ASN1_OBJECT_new_null();
@@ -266,11 +281,13 @@ int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM param, ASN1_OBJECT policy)
266	return 1;	281	return 1;
267	}	282	}
268		283
269	int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,	284	int
270	STACK_OF(ASN1_OBJECT) *policies)	285	X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
		286	STACK_OF(ASN1_OBJECT) *policies)
271	{	287	{
272	int i;	288	int i;
273	ASN1_OBJECT oid, doid;	289	ASN1_OBJECT oid, doid;
		290
274	if (!param)	291	if (!param)
275	return 0;	292	return 0;
276	if (param->policies)	293	if (param->policies)
@@ -299,7 +316,8 @@ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
299	return 1;	316	return 1;
300	}	317	}
301		318
302	int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param)	319	int
		320	X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param)
303	{	321	{
304	return param->depth;	322	return param->depth;
305	}	323	}
@@ -312,80 +330,81 @@ int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param)
312		330
313	static const X509_VERIFY_PARAM default_table[] = {	331	static const X509_VERIFY_PARAM default_table[] = {
314	{	332	{
315	"default", /* X509 default parameters */	333	"default", /* X509 default parameters */
316	0, /* Check time */	334	0, /* Check time */
317	0, /* internal flags */	335	0, /* internal flags */
318	0, /* flags */	336	0, /* flags */
319	0, /* purpose */	337	0, /* purpose */
320	0, /* trust */	338	0, /* trust */
321	100, /* depth */	339	100, /* depth */
322	NULL /* policies */	340	NULL /* policies */
323	},	341	},
324	{	342	{
325	"pkcs7", /* S/MIME sign parameters */	343	"pkcs7", /* S/MIME sign parameters */
326	0, /* Check time */	344	0, /* Check time */
327	0, /* internal flags */	345	0, /* internal flags */
328	0, /* flags */	346	0, /* flags */
329	X509_PURPOSE_SMIME_SIGN, /* purpose */	347	X509_PURPOSE_SMIME_SIGN, /* purpose */
330	X509_TRUST_EMAIL, /* trust */	348	X509_TRUST_EMAIL, /* trust */
331	-1, /* depth */	349	-1, /* depth */
332	NULL /* policies */	350	NULL /* policies */
333	},	351	},
334	{	352	{
335	"smime_sign", /* S/MIME sign parameters */	353	"smime_sign", /* S/MIME sign parameters */
336	0, /* Check time */	354	0, /* Check time */
337	0, /* internal flags */	355	0, /* internal flags */
338	0, /* flags */	356	0, /* flags */
339	X509_PURPOSE_SMIME_SIGN, /* purpose */	357	X509_PURPOSE_SMIME_SIGN, /* purpose */
340	X509_TRUST_EMAIL, /* trust */	358	X509_TRUST_EMAIL, /* trust */
341	-1, /* depth */	359	-1, /* depth */
342	NULL /* policies */	360	NULL /* policies */
343	},	361	},
344	{	362	{
345	"ssl_client", /* SSL/TLS client parameters */	363	"ssl_client", /* SSL/TLS client parameters */
346	0, /* Check time */	364	0, /* Check time */
347	0, /* internal flags */	365	0, /* internal flags */
348	0, /* flags */	366	0, /* flags */
349	X509_PURPOSE_SSL_CLIENT, /* purpose */	367	X509_PURPOSE_SSL_CLIENT, /* purpose */
350	X509_TRUST_SSL_CLIENT, /* trust */	368	X509_TRUST_SSL_CLIENT, /* trust */
351	-1, /* depth */	369	-1, /* depth */
352	NULL /* policies */	370	NULL /* policies */
353	},	371	},
354	{	372	{
355	"ssl_server", /* SSL/TLS server parameters */	373	"ssl_server", /* SSL/TLS server parameters */
356	0, /* Check time */	374	0, /* Check time */
357	0, /* internal flags */	375	0, /* internal flags */
358	0, /* flags */	376	0, /* flags */
359	X509_PURPOSE_SSL_SERVER, /* purpose */	377	X509_PURPOSE_SSL_SERVER, /* purpose */
360	X509_TRUST_SSL_SERVER, /* trust */	378	X509_TRUST_SSL_SERVER, /* trust */
361	-1, /* depth */	379	-1, /* depth */
362	NULL /* policies */	380	NULL /* policies */
363	}	381	}
364	};	382	};
365		383
366	static STACK_OF(X509_VERIFY_PARAM) *param_table = NULL;	384	static STACK_OF(X509_VERIFY_PARAM) *param_table = NULL;
367		385
368	static int table_cmp(const X509_VERIFY_PARAM a, const X509_VERIFY_PARAM b)	386	static int
369		387	table_cmp(const X509_VERIFY_PARAM a, const X509_VERIFY_PARAM b)
370	{	388	{
371	return strcmp(a->name, b->name);	389	return strcmp(a->name, b->name);
372	}	390	}
373		391
374	DECLARE_OBJ_BSEARCH_CMP_FN(X509_VERIFY_PARAM, X509_VERIFY_PARAM,	392	DECLARE_OBJ_BSEARCH_CMP_FN(X509_VERIFY_PARAM, X509_VERIFY_PARAM, table);
375	table);	393	IMPLEMENT_OBJ_BSEARCH_CMP_FN(X509_VERIFY_PARAM, X509_VERIFY_PARAM, table);
376	IMPLEMENT_OBJ_BSEARCH_CMP_FN(X509_VERIFY_PARAM, X509_VERIFY_PARAM,
377	table);
378		394
379	static int param_cmp(const X509_VERIFY_PARAM * const *a,	395	static int
380	const X509_VERIFY_PARAM * const *b)	396	param_cmp(const X509_VERIFY_PARAM * const *a,
		397	const X509_VERIFY_PARAM * const *b)
381	{	398	{
382	return strcmp((a)->name, (b)->name);	399	return strcmp((a)->name, (b)->name);
383	}	400	}
384		401
385	int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param)	402	int
		403	X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param)
386	{	404	{
387	int idx;	405	int idx;
388	X509_VERIFY_PARAM *ptmp;	406	X509_VERIFY_PARAM *ptmp;
		407
389	if (!param_table) {	408	if (!param_table) {
390	param_table = sk_X509_VERIFY_PARAM_new(param_cmp);	409	param_table = sk_X509_VERIFY_PARAM_new(param_cmp);
391	if (!param_table)	410	if (!param_table)
@@ -403,7 +422,8 @@ int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param)
403	return 1;	422	return 1;
404	}	423	}
405		424
406	const X509_VERIFY_PARAM X509_VERIFY_PARAM_lookup(const char name)	425	const X509_VERIFY_PARAM *
		426	X509_VERIFY_PARAM_lookup(const char *name)
407	{	427	{
408	int idx;	428	int idx;
409	X509_VERIFY_PARAM pm;	429	X509_VERIFY_PARAM pm;
@@ -415,13 +435,14 @@ const X509_VERIFY_PARAM X509_VERIFY_PARAM_lookup(const char name)
415	return sk_X509_VERIFY_PARAM_value(param_table, idx);	435	return sk_X509_VERIFY_PARAM_value(param_table, idx);
416	}	436	}
417	return OBJ_bsearch_table(&pm, default_table,	437	return OBJ_bsearch_table(&pm, default_table,
418	sizeof(default_table)/sizeof(X509_VERIFY_PARAM));	438	sizeof(default_table)/sizeof(X509_VERIFY_PARAM));
419	}	439	}
420		440
421	void X509_VERIFY_PARAM_table_cleanup(void)	441	void
		442	X509_VERIFY_PARAM_table_cleanup(void)
422	{	443	{
423	if (param_table)	444	if (param_table)
424	sk_X509_VERIFY_PARAM_pop_free(param_table,	445	sk_X509_VERIFY_PARAM_pop_free(param_table,
425	X509_VERIFY_PARAM_free);	446	X509_VERIFY_PARAM_free);
426	param_table = NULL;	447	param_table = NULL;
427	}	448	}