diff options
Diffstat (limited to 'src/lib/libcrypto/x509')
| -rw-r--r-- | src/lib/libcrypto/x509/x509_trs.c | 1 | ||||
| -rw-r--r-- | src/lib/libcrypto/x509/x509_vfy.c | 4 | ||||
| -rw-r--r-- | src/lib/libcrypto/x509/x509type.c | 5 |
3 files changed, 6 insertions, 4 deletions
diff --git a/src/lib/libcrypto/x509/x509_trs.c b/src/lib/libcrypto/x509/x509_trs.c index 17d69ac005..881252608d 100644 --- a/src/lib/libcrypto/x509/x509_trs.c +++ b/src/lib/libcrypto/x509/x509_trs.c | |||
| @@ -82,6 +82,7 @@ static X509_TRUST trstandard[] = { | |||
| 82 | {X509_TRUST_SSL_CLIENT, 0, trust_1oidany, "SSL Client", NID_client_auth, NULL}, | 82 | {X509_TRUST_SSL_CLIENT, 0, trust_1oidany, "SSL Client", NID_client_auth, NULL}, |
| 83 | {X509_TRUST_SSL_SERVER, 0, trust_1oidany, "SSL Server", NID_server_auth, NULL}, | 83 | {X509_TRUST_SSL_SERVER, 0, trust_1oidany, "SSL Server", NID_server_auth, NULL}, |
| 84 | {X509_TRUST_EMAIL, 0, trust_1oidany, "S/MIME email", NID_email_protect, NULL}, | 84 | {X509_TRUST_EMAIL, 0, trust_1oidany, "S/MIME email", NID_email_protect, NULL}, |
| 85 | {X509_TRUST_OBJECT_SIGN, 0, trust_1oidany, "Object Signer", NID_code_sign, NULL}, | ||
| 85 | {X509_TRUST_OCSP_SIGN, 0, trust_1oid, "OCSP responder", NID_OCSP_sign, NULL}, | 86 | {X509_TRUST_OCSP_SIGN, 0, trust_1oid, "OCSP responder", NID_OCSP_sign, NULL}, |
| 86 | {X509_TRUST_OCSP_REQUEST, 0, trust_1oid, "OCSP request", NID_ad_OCSP, NULL} | 87 | {X509_TRUST_OCSP_REQUEST, 0, trust_1oid, "OCSP request", NID_ad_OCSP, NULL} |
| 87 | }; | 88 | }; |
diff --git a/src/lib/libcrypto/x509/x509_vfy.c b/src/lib/libcrypto/x509/x509_vfy.c index 04997ba456..2bb21b443e 100644 --- a/src/lib/libcrypto/x509/x509_vfy.c +++ b/src/lib/libcrypto/x509/x509_vfy.c | |||
| @@ -453,9 +453,9 @@ static int check_revocation(X509_STORE_CTX *ctx) | |||
| 453 | if (!(ctx->flags & X509_V_FLAG_CRL_CHECK)) | 453 | if (!(ctx->flags & X509_V_FLAG_CRL_CHECK)) |
| 454 | return 1; | 454 | return 1; |
| 455 | if (ctx->flags & X509_V_FLAG_CRL_CHECK_ALL) | 455 | if (ctx->flags & X509_V_FLAG_CRL_CHECK_ALL) |
| 456 | last = 0; | ||
| 457 | else | ||
| 458 | last = sk_X509_num(ctx->chain) - 1; | 456 | last = sk_X509_num(ctx->chain) - 1; |
| 457 | else | ||
| 458 | last = 0; | ||
| 459 | for(i = 0; i <= last; i++) | 459 | for(i = 0; i <= last; i++) |
| 460 | { | 460 | { |
| 461 | ctx->error_depth = i; | 461 | ctx->error_depth = i; |
diff --git a/src/lib/libcrypto/x509/x509type.c b/src/lib/libcrypto/x509/x509type.c index 8e78b34458..f78c2a6b43 100644 --- a/src/lib/libcrypto/x509/x509type.c +++ b/src/lib/libcrypto/x509/x509type.c | |||
| @@ -99,14 +99,15 @@ int X509_certificate_type(X509 *x, EVP_PKEY *pkey) | |||
| 99 | case EVP_PKEY_RSA: | 99 | case EVP_PKEY_RSA: |
| 100 | ret|=EVP_PKS_RSA; | 100 | ret|=EVP_PKS_RSA; |
| 101 | break; | 101 | break; |
| 102 | case EVP_PKS_DSA: | 102 | case EVP_PKEY_DSA: |
| 103 | ret|=EVP_PKS_DSA; | 103 | ret|=EVP_PKS_DSA; |
| 104 | break; | 104 | break; |
| 105 | default: | 105 | default: |
| 106 | break; | 106 | break; |
| 107 | } | 107 | } |
| 108 | 108 | ||
| 109 | if (EVP_PKEY_size(pk) <= 512) | 109 | if (EVP_PKEY_size(pk) <= 512/8) /* /8 because it's 512 bits we look |
| 110 | for, not bytes */ | ||
| 110 | ret|=EVP_PKT_EXP; | 111 | ret|=EVP_PKT_EXP; |
| 111 | if(pkey==NULL) EVP_PKEY_free(pk); | 112 | if(pkey==NULL) EVP_PKEY_free(pk); |
| 112 | return(ret); | 113 | return(ret); |