diff options
| author | simon <simon@FreeBSD.org> | 2010-11-21 22:45:18 +0000 |
|---|---|---|
| committer | simon <simon@FreeBSD.org> | 2010-11-21 22:45:18 +0000 |
| commit | 94e5505da619159032deac31ce95e6677cb94508 (patch) | |
| tree | 4710d37952455e247de95eedf55ea05ee4df9f69 /crypto/x509 | |
| parent | d92ad4708f8e42fced6b82ddee1930a3e4f6e342 (diff) | |
| download | FreeBSD-src-94e5505da619159032deac31ce95e6677cb94508.zip FreeBSD-src-94e5505da619159032deac31ce95e6677cb94508.tar.gz | |
Import OpenSSL 0.9.8p.
Diffstat (limited to 'crypto/x509')
| -rw-r--r-- | crypto/x509/x509.h | 1 | ||||
| -rw-r--r-- | crypto/x509/x509_vfy.c | 7 | ||||
| -rw-r--r-- | crypto/x509/x_all.c | 1 |
3 files changed, 3 insertions, 6 deletions
diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h index 8958e34..c34689a 100644 --- a/crypto/x509/x509.h +++ b/crypto/x509/x509.h @@ -256,6 +256,7 @@ typedef struct x509_cinf_st ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */ ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */ STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */ + ASN1_ENCODING enc; } X509_CINF; /* This stuff is certificate "auxiliary info" diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index b85456e..aeb6337 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -97,7 +97,6 @@ static int x509_subject_cmp(X509 **a, X509 **b) int X509_verify_cert(X509_STORE_CTX *ctx) { X509 *x,*xtmp,*chain_ss=NULL; - X509_NAME *xn; int bad_chain = 0; X509_VERIFY_PARAM *param = ctx->param; int depth,i,ok=0; @@ -149,7 +148,6 @@ int X509_verify_cert(X509_STORE_CTX *ctx) */ /* If we are self signed, we break */ - xn=X509_get_issuer_name(x); if (ctx->check_issued(ctx, x,x)) break; /* If we were passed a cert chain, use it first */ @@ -186,7 +184,6 @@ int X509_verify_cert(X509_STORE_CTX *ctx) i=sk_X509_num(ctx->chain); x=sk_X509_value(ctx->chain,i-1); - xn = X509_get_subject_name(x); if (ctx->check_issued(ctx, x, x)) { /* we have a self signed certificate */ @@ -235,7 +232,6 @@ int X509_verify_cert(X509_STORE_CTX *ctx) if (depth < num) break; /* If we are self signed, we break */ - xn=X509_get_issuer_name(x); if (ctx->check_issued(ctx,x,x)) break; ok = ctx->get_issuer(&xtmp, ctx, x); @@ -254,7 +250,6 @@ int X509_verify_cert(X509_STORE_CTX *ctx) } /* we now have our chain, lets check it... */ - xn=X509_get_issuer_name(x); /* Is last certificate looked up self signed? */ if (!ctx->check_issued(ctx,x,x)) @@ -1380,7 +1375,7 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, if (store) ret = X509_VERIFY_PARAM_inherit(ctx->param, store->param); else - ctx->param->flags |= X509_VP_FLAG_DEFAULT|X509_VP_FLAG_ONCE; + ctx->param->inh_flags |= X509_VP_FLAG_DEFAULT|X509_VP_FLAG_ONCE; if (store) { diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c index 9039caa..c7b07f7 100644 --- a/crypto/x509/x_all.c +++ b/crypto/x509/x_all.c @@ -97,6 +97,7 @@ int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r) int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md) { + x->cert_info->enc.modified = 1; return(ASN1_item_sign(ASN1_ITEM_rptr(X509_CINF), x->cert_info->signature, x->sig_alg, x->signature, x->cert_info,pkey,md)); } |
