From 349a0d8ef963a6a7abb1d42eed25865edf73b871 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Sun, 31 Oct 2021 16:23:46 +0000
Subject: Prepare to provide X509_STORE_CTX_get_obj_by_subject(), a wrapper
 around X509_STORE_get_by_subject() that eliminates the need of allocating an
 object on the heap by hand.

ok beck inoguchi jsing
---
 src/lib/libcrypto/x509/x509_lu.c  | 18 +++++++++++++++++-
 src/lib/libcrypto/x509/x509_vfy.h |  6 +++++-
 2 files changed, 22 insertions(+), 2 deletions(-)

(limited to 'src')

diff --git a/src/lib/libcrypto/x509/x509_lu.c b/src/lib/libcrypto/x509/x509_lu.c
index ee72e67d1a..143ad152ba 100644
--- a/src/lib/libcrypto/x509/x509_lu.c
+++ b/src/lib/libcrypto/x509/x509_lu.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_lu.c,v 1.35 2021/10/31 16:20:37 tb Exp $ */
+/* $OpenBSD: x509_lu.c,v 1.36 2021/10/31 16:23:45 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -321,6 +321,22 @@ X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m)
 	}
 }
 
+X509_OBJECT *
+X509_STORE_CTX_get_obj_by_subject(X509_STORE_CTX *vs, X509_LOOKUP_TYPE type,
+    X509_NAME *name)
+{
+	X509_OBJECT *ret;
+
+	if ((ret = X509_OBJECT_new()) == NULL)
+		return NULL;
+	if (!X509_STORE_CTX_get_by_subject(vs, type, name, ret)) {
+		X509_OBJECT_free(ret);
+		return NULL;
+	}
+
+	return ret;
+}
+
 int
 X509_STORE_CTX_get_by_subject(X509_STORE_CTX *vs, X509_LOOKUP_TYPE type,
     X509_NAME *name, X509_OBJECT *ret)
diff --git a/src/lib/libcrypto/x509/x509_vfy.h b/src/lib/libcrypto/x509/x509_vfy.h
index b78c857cdb..1889217233 100644
--- a/src/lib/libcrypto/x509/x509_vfy.h
+++ b/src/lib/libcrypto/x509/x509_vfy.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_vfy.h,v 1.41 2021/10/31 16:20:37 tb Exp $ */
+/* $OpenBSD: x509_vfy.h,v 1.42 2021/10/31 16:23:46 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -500,6 +500,10 @@ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
 int X509_STORE_CTX_get_by_subject(X509_STORE_CTX *vs, X509_LOOKUP_TYPE type,
     X509_NAME *name, X509_OBJECT *ret);
 #define X509_STORE_get_by_subject X509_STORE_CTX_get_by_subject
+#if defined(LIBRESSL_NEW_API)
+X509_OBJECT *X509_STORE_CTX_get_obj_by_subject(X509_STORE_CTX *vs,
+    X509_LOOKUP_TYPE type, X509_NAME *name);
+#endif
 
 int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
 	long argl, char **ret);
-- 
cgit v1.2.3-55-g6feb