#include <openssl/x509.h>
#include <openssl/x509v3.h>
-static STACK_OF(CRYPTO_EX_DATA_FUNCS) *x509_store_meth=NULL;
-
X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method)
{
X509_LOOKUP *ret;
ret->verify=0;
ret->verify_cb=0;
- ret->purpose = 0;
- ret->trust = 0;
-
- ret->flags = 0;
+ if ((ret->param = X509_VERIFY_PARAM_new()) == NULL)
+ return NULL;
ret->get_issuer = 0;
ret->check_issued = 0;
ret->cert_crl = 0;
ret->cleanup = 0;
- memset(&ret->ex_data,0,sizeof(CRYPTO_EX_DATA));
+ CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data);
ret->references=1;
- ret->depth=0;
return ret;
}
sk_X509_LOOKUP_free(sk);
sk_X509_OBJECT_pop_free(vfy->objs, cleanup);
- CRYPTO_free_ex_data(x509_store_meth,vfy,&vfy->ex_data);
+ CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE, vfy, &vfy->ex_data);
+ if (vfy->param)
+ X509_VERIFY_PARAM_free(vfy->param);
OPENSSL_free(vfy);
}
if (ok == X509_LU_RETRY)
{
X509_OBJECT_free_contents(&obj);
- X509err(X509_F_X509_VERIFY_CERT,X509_R_SHOULD_RETRY);
+ X509err(X509_F_X509_STORE_CTX_GET1_ISSUER,X509_R_SHOULD_RETRY);
return -1;
}
else if (ok != X509_LU_FAIL)
return 0;
}
-void X509_STORE_set_flags(X509_STORE *ctx, long flags)
+int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags)
+ {
+ return X509_VERIFY_PARAM_set_flags(ctx->param, flags);
+ }
+
+int X509_STORE_set_depth(X509_STORE *ctx, int depth)
{
- ctx->flags |= flags;
+ X509_VERIFY_PARAM_set_depth(ctx->param, depth);
+ return 1;
}
int X509_STORE_set_purpose(X509_STORE *ctx, int purpose)
{
- return X509_PURPOSE_set(&ctx->purpose, purpose);
+ return X509_VERIFY_PARAM_set_purpose(ctx->param, purpose);
}
int X509_STORE_set_trust(X509_STORE *ctx, int trust)
{
- return X509_TRUST_set(&ctx->trust, trust);
+ return X509_VERIFY_PARAM_set_trust(ctx->param, trust);
+ }
+
+int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *param)
+ {
+ return X509_VERIFY_PARAM_set1(ctx->param, param);
}
IMPLEMENT_STACK_OF(X509_LOOKUP)