Include TA in checks/callback with partial chains.

[openssl.git] / crypto / x509 / x509_r2x.c

diff --git a/crypto/x509/x509_r2x.c b/crypto/x509/x509_r2x.c
index 6aec2427f78bd29e3a184b670f7d1f2e7a205c13..254a14693d99f0e1f343a8e97568a17c6c96aa5b 100644 (file)
--- a/crypto/x509/x509_r2x.c
+++ b/crypto/x509/x509_r2x.c
@@ -58,22 +58,16 @@
 
 #include <stdio.h>
 #include "cryptlib.h"
-#include "bn.h"
-#include "evp.h"
-#include "asn1.h"
-#include "x509.h"
-#include "objects.h"
-#include "buffer.h"
-#include "pem.h"
+#include <openssl/bn.h>
+#include <openssl/evp.h>
+#include <openssl/asn1.h>
+#include <openssl/x509.h>
+#include <openssl/objects.h>
+#include <openssl/buffer.h>
 
-X509 *X509_REQ_to_X509(r,days,pkey)
-X509_REQ *r;
-int days;
-EVP_PKEY *pkey;
+X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey)
        {
        X509 *ret=NULL;
-       int er=1;
-       X509_REQ_INFO *ri=NULL;
        X509_CINF *xi=NULL;
        X509_NAME *xn;
 
@@ -84,38 +78,36 @@ EVP_PKEY *pkey;
                }
 
        /* duplicate the request */
-       ri=(X509_REQ_INFO *)ASN1_dup(i2d_X509_REQ_INFO,
-               (char *(*)())d2i_X509_REQ_INFO,(char *)r->req_info);
-       if (ri == NULL) goto err;
-
        xi=ret->cert_info;
 
-       if (sk_num(ri->attributes) != 0)
+       if (sk_X509_ATTRIBUTE_num(r->req_info->attributes) != 0)
                {
-               if ((xi->version=ASN1_INTEGER_new()) == NULL) goto err;
+               if ((xi->version=M_ASN1_INTEGER_new()) == NULL) goto err;
                if (!ASN1_INTEGER_set(xi->version,2)) goto err;
 /*             xi->extensions=ri->attributes; <- bad, should not ever be done
                ri->attributes=NULL; */
                }
 
        xn=X509_REQ_get_subject_name(r);
-       X509_set_subject_name(ret,X509_NAME_dup(xn));
-       X509_set_issuer_name(ret,X509_NAME_dup(xn));
+       if (X509_set_subject_name(ret,X509_NAME_dup(xn)) == 0)
+               goto err;
+       if (X509_set_issuer_name(ret,X509_NAME_dup(xn)) == 0)
+               goto err;
 
-       X509_gmtime_adj(xi->validity->notBefore,0);
-       X509_gmtime_adj(xi->validity->notAfter,(long)60*60*24*days);
+       if (X509_gmtime_adj(xi->validity->notBefore,0) == NULL)
+               goto err;
+       if (X509_gmtime_adj(xi->validity->notAfter,(long)60*60*24*days) == NULL)
+               goto err;
 
        X509_set_pubkey(ret,X509_REQ_get_pubkey(r));
 
        if (!X509_sign(ret,pkey,EVP_md5()))
                goto err;
-       er=0;
-err:
-       if (er)
+       if (0)
                {
+err:
                X509_free(ret);
-               X509_REQ_INFO_free(ri);
-               return(NULL);
+               ret=NULL;
                }
        return(ret);
        }