summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/lib/libcrypto/x509/x509_vfy.c19
1 files changed, 10 insertions, 9 deletions
diff --git a/src/lib/libcrypto/x509/x509_vfy.c b/src/lib/libcrypto/x509/x509_vfy.c
index d9b68109cd..92aa9dfc5b 100644
--- a/src/lib/libcrypto/x509/x509_vfy.c
+++ b/src/lib/libcrypto/x509/x509_vfy.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x509_vfy.c,v 1.135 2023/12/23 00:52:13 tb Exp $ */ 1/* $OpenBSD: x509_vfy.c,v 1.136 2024/01/07 18:15:42 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -2163,7 +2163,8 @@ X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk)
2163} 2163}
2164LCRYPTO_ALIAS(X509_STORE_CTX_set0_crls); 2164LCRYPTO_ALIAS(X509_STORE_CTX_set0_crls);
2165 2165
2166/* This function is used to set the X509_STORE_CTX purpose and trust 2166/*
2167 * This function is used to set the X509_STORE_CTX purpose and trust
2167 * values. This is intended to be used when another structure has its 2168 * values. This is intended to be used when another structure has its
2168 * own trust and purpose values which (if set) will be inherited by 2169 * own trust and purpose values which (if set) will be inherited by
2169 * the ctx. If they aren't set then we will usually have a default 2170 * the ctx. If they aren't set then we will usually have a default
@@ -2172,7 +2173,6 @@ LCRYPTO_ALIAS(X509_STORE_CTX_set0_crls);
2172 * purpose and trust settings which the application can set: if they 2173 * purpose and trust settings which the application can set: if they
2173 * aren't set then we use the default of SSL client/server. 2174 * aren't set then we use the default of SSL client/server.
2174 */ 2175 */
2175
2176int 2176int
2177X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, 2177X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
2178 int purpose, int trust) 2178 int purpose, int trust)
@@ -2180,10 +2180,10 @@ X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
2180 int idx; 2180 int idx;
2181 2181
2182 /* If purpose not set use default */ 2182 /* If purpose not set use default */
2183 if (!purpose) 2183 if (purpose == 0)
2184 purpose = def_purpose; 2184 purpose = def_purpose;
2185 /* If we have a purpose then check it is valid */ 2185 /* If we have a purpose then check it is valid */
2186 if (purpose) { 2186 if (purpose != 0) {
2187 X509_PURPOSE *ptmp; 2187 X509_PURPOSE *ptmp;
2188 idx = X509_PURPOSE_get_by_id(purpose); 2188 idx = X509_PURPOSE_get_by_id(purpose);
2189 if (idx == -1) { 2189 if (idx == -1) {
@@ -2200,10 +2200,10 @@ X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
2200 ptmp = X509_PURPOSE_get0(idx); 2200 ptmp = X509_PURPOSE_get0(idx);
2201 } 2201 }
2202 /* If trust not set then get from purpose default */ 2202 /* If trust not set then get from purpose default */
2203 if (!trust) 2203 if (trust == 0)
2204 trust = ptmp->trust; 2204 trust = ptmp->trust;
2205 } 2205 }
2206 if (trust) { 2206 if (trust != 0) {
2207 idx = X509_TRUST_get_by_id(trust); 2207 idx = X509_TRUST_get_by_id(trust);
2208 if (idx == -1) { 2208 if (idx == -1) {
2209 X509error(X509_R_UNKNOWN_TRUST_ID); 2209 X509error(X509_R_UNKNOWN_TRUST_ID);
@@ -2211,10 +2211,11 @@ X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
2211 } 2211 }
2212 } 2212 }
2213 2213
2214 if (purpose && !ctx->param->purpose) 2214 if (purpose != 0 && ctx->param->purpose == 0)
2215 ctx->param->purpose = purpose; 2215 ctx->param->purpose = purpose;
2216 if (trust && !ctx->param->trust) 2216 if (trust != 0 && ctx->param->trust == 0)
2217 ctx->param->trust = trust; 2217 ctx->param->trust = trust;
2218
2218 return 1; 2219 return 1;
2219} 2220}
2220LCRYPTO_ALIAS(X509_STORE_CTX_purpose_inherit); 2221LCRYPTO_ALIAS(X509_STORE_CTX_purpose_inherit);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-22 21:07:04 +0000