summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/lib/libcrypto/x509/x509_lu.c25
1 files changed, 7 insertions, 18 deletions
diff --git a/src/lib/libcrypto/x509/x509_lu.c b/src/lib/libcrypto/x509/x509_lu.c
index 4336fb90f2..d567dea29b 100644
--- a/src/lib/libcrypto/x509/x509_lu.c
+++ b/src/lib/libcrypto/x509/x509_lu.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x509_lu.c,v 1.32 2021/10/21 16:03:17 tb Exp $ */ 1/* $OpenBSD: x509_lu.c,v 1.33 2021/10/21 16:55:25 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -136,7 +136,7 @@ X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name,
136 X509_OBJECT *ret) 136 X509_OBJECT *ret)
137{ 137{
138 if ((ctx->method == NULL) || (ctx->method->get_by_subject == NULL)) 138 if ((ctx->method == NULL) || (ctx->method->get_by_subject == NULL))
139 return X509_LU_FAIL; 139 return 0;
140 if (ctx->skip) 140 if (ctx->skip)
141 return 0; 141 return 0;
142 return ctx->method->get_by_subject(ctx, type, name, ret); 142 return ctx->method->get_by_subject(ctx, type, name, ret);
@@ -148,7 +148,7 @@ X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name,
148{ 148{
149 if ((ctx->method == NULL) || 149 if ((ctx->method == NULL) ||
150 (ctx->method->get_by_issuer_serial == NULL)) 150 (ctx->method->get_by_issuer_serial == NULL))
151 return X509_LU_FAIL; 151 return 0;
152 return ctx->method->get_by_issuer_serial(ctx, type, name, serial, ret); 152 return ctx->method->get_by_issuer_serial(ctx, type, name, serial, ret);
153} 153}
154 154
@@ -157,7 +157,7 @@ X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
157 const unsigned char *bytes, int len, X509_OBJECT *ret) 157 const unsigned char *bytes, int len, X509_OBJECT *ret)
158{ 158{
159 if ((ctx->method == NULL) || (ctx->method->get_by_fingerprint == NULL)) 159 if ((ctx->method == NULL) || (ctx->method->get_by_fingerprint == NULL))
160 return X509_LU_FAIL; 160 return 0;
161 return ctx->method->get_by_fingerprint(ctx, type, bytes, len, ret); 161 return ctx->method->get_by_fingerprint(ctx, type, bytes, len, ret);
162} 162}
163 163
@@ -166,7 +166,7 @@ X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, const char *str, int len,
166 X509_OBJECT *ret) 166 X509_OBJECT *ret)
167{ 167{
168 if ((ctx->method == NULL) || (ctx->method->get_by_alias == NULL)) 168 if ((ctx->method == NULL) || (ctx->method->get_by_alias == NULL))
169 return X509_LU_FAIL; 169 return 0;
170 return ctx->method->get_by_alias(ctx, type, str, len, ret); 170 return ctx->method->get_by_alias(ctx, type, str, len, ret);
171} 171}
172 172
@@ -693,23 +693,12 @@ X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
693{ 693{
694 X509_NAME *xn; 694 X509_NAME *xn;
695 X509_OBJECT obj, *pobj; 695 X509_OBJECT obj, *pobj;
696 int i, ok, idx, ret; 696 int i, idx, ret;
697 697
698 *issuer = NULL; 698 *issuer = NULL;
699 xn = X509_get_issuer_name(x); 699 xn = X509_get_issuer_name(x);
700 ok = X509_STORE_get_by_subject(ctx, X509_LU_X509, xn, &obj); 700 if (!X509_STORE_get_by_subject(ctx, X509_LU_X509, xn, &obj))
701 if (ok != X509_LU_X509) {
702 if (ok == X509_LU_RETRY) {
703 X509_OBJECT_free_contents(&obj);
704 X509error(X509_R_SHOULD_RETRY);
705 return -1;
706 } else if (ok != X509_LU_FAIL) {
707 X509_OBJECT_free_contents(&obj);
708 /* not good :-(, break anyway */
709 return -1;
710 }
711 return 0; 701 return 0;
712 }
713 /* If certificate matches all OK */ 702 /* If certificate matches all OK */
714 if (ctx->check_issued(ctx, x, obj.data.x509)) { 703 if (ctx->check_issued(ctx, x, obj.data.x509)) {
715 if (x509_check_cert_time(ctx, obj.data.x509, 1)) { 704 if (x509_check_cert_time(ctx, obj.data.x509, 1)) {
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-12-03 02:00:33 +0000