From 6d135bec667cdeb368123bbd901df81dc1774fb9 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Thu, 22 Feb 2018 17:22:02 +0000
Subject: Provide X509_chain_up_ref().

From BoringSSL.
---
 src/lib/libcrypto/Symbols.list    |  1 +
 src/lib/libcrypto/x509/x509.h     |  3 ++-
 src/lib/libcrypto/x509/x509_cmp.c | 20 +++++++++++++++++++-
 3 files changed, 22 insertions(+), 2 deletions(-)

(limited to 'src/lib')

diff --git a/src/lib/libcrypto/Symbols.list b/src/lib/libcrypto/Symbols.list
index 3fdce4de5a..4d10883123 100644
--- a/src/lib/libcrypto/Symbols.list
+++ b/src/lib/libcrypto/Symbols.list
@@ -2940,6 +2940,7 @@ X509_add_ext
 X509_alias_get0
 X509_alias_set1
 X509_certificate_type
+X509_chain_up_ref
 X509_check_akid
 X509_check_ca
 X509_check_email
diff --git a/src/lib/libcrypto/x509/x509.h b/src/lib/libcrypto/x509/x509.h
index 92f012ea6d..f2df12f248 100644
--- a/src/lib/libcrypto/x509/x509.h
+++ b/src/lib/libcrypto/x509/x509.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509.h,v 1.40 2018/02/22 17:09:28 jsing Exp $ */
+/* $OpenBSD: x509.h,v 1.41 2018/02/22 17:22:02 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1309,6 +1309,7 @@ char *X509_TRUST_get0_name(X509_TRUST *xp);
 int X509_TRUST_get_trust(X509_TRUST *xp);
 
 int X509_up_ref(X509 *x);
+STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain);
 
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
diff --git a/src/lib/libcrypto/x509/x509_cmp.c b/src/lib/libcrypto/x509/x509_cmp.c
index 440467521b..001f98e61a 100644
--- a/src/lib/libcrypto/x509/x509_cmp.c
+++ b/src/lib/libcrypto/x509/x509_cmp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_cmp.c,v 1.28 2018/02/22 17:05:35 jsing Exp $ */
+/* $OpenBSD: x509_cmp.c,v 1.29 2018/02/22 17:22:02 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -370,3 +370,21 @@ X509_check_private_key(X509 *x, EVP_PKEY *k)
 		return 1;
 	return 0;
 }
+
+/*
+ * Not strictly speaking an "up_ref" as a STACK doesn't have a reference
+ * count but it has the same effect by duping the STACK and upping the ref of
+ * each X509 structure.
+ */
+STACK_OF(X509) *
+X509_chain_up_ref(STACK_OF(X509) *chain)
+{
+	STACK_OF(X509) *ret;
+	size_t i;
+
+	ret = sk_X509_dup(chain);
+	for (i = 0; i < sk_X509_num(ret); i++)
+		X509_up_ref(sk_X509_value(ret, i));
+
+	return ret;
+}
-- 
cgit v1.2.3-55-g6feb