/*
- * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
#include <openssl/x509v3.h>
#include "crypto/x509.h"
+DEFINE_STACK_OF(X509_TRUST)
+DEFINE_STACK_OF(ASN1_OBJECT)
+
static int tr_cmp(const X509_TRUST *const *a, const X509_TRUST *const *b);
static void trtable_free(X509_TRUST *p);
static void trtable_free(X509_TRUST *p)
{
- if (!p)
+ if (p == NULL)
return;
if (p->flags & X509_TRUST_DYNAMIC) {
if (p->flags & X509_TRUST_DYNAMIC_NAME)
static int trust_compat(X509_TRUST *trust, X509 *x, int flags)
{
/* Call for side-effect of computing hash and caching extensions */
- X509_check_purpose(x, -1, 0);
- if ((flags & X509_TRUST_NO_SS_COMPAT) == 0 && x->ex_flags & EXFLAG_SS)
+ if (X509_check_purpose(x, -1, 0) != 1)
+ return X509_TRUST_UNTRUSTED;
+ if ((flags & X509_TRUST_NO_SS_COMPAT) == 0 && (x->ex_flags & EXFLAG_SS))
return X509_TRUST_TRUSTED;
else
return X509_TRUST_UNTRUSTED;