}
if (X509_verify(xs,pkey) <= 0)
{
- EVP_PKEY_free(pkey);
ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE;
ctx->current_cert=xs;
ok=(*cb)(0,ctx);
- if (!ok) goto end;
+ if (!ok)
+ {
+ EVP_PKEY_free(pkey);
+ goto end;
+ }
}
EVP_PKEY_free(pkey);
pkey=NULL;
atm.length=sizeof(buff2);
atm.data=(unsigned char *)buff2;
- X509_gmtime_adj(&atm,-offset);
+ X509_gmtime_adj(&atm,-offset*60);
i=(buff1[0]-'0')*10+(buff1[1]-'0');
if (i < 50) i+=100; /* cf. RFC 2459 */
return(ctx->chain);
}
-STACK_OF(X509) *X509_STORE_CTX_rget_chain(X509_STORE_CTX *ctx)
+STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx)
{
int i;
X509 *x;
if(!purpose) purpose = def_purpose;
/* If we have a purpose then check it is valid */
if(purpose) {
+ X509_PURPOSE *ptmp;
idx = X509_PURPOSE_get_by_id(purpose);
if(idx == -1) {
X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
X509_R_UNKNOWN_PURPOSE_ID);
return 0;
}
- /* If trust not set then get from purpose default */
- if(!trust) {
- X509_PURPOSE *ptmp;
- ptmp = X509_PURPOSE_iget(idx);
- trust = ptmp->trust;
+ ptmp = X509_PURPOSE_get0(idx);
+ if(ptmp->trust == X509_TRUST_DEFAULT) {
+ idx = X509_PURPOSE_get_by_id(def_purpose);
+ if(idx == -1) {
+ X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
+ X509_R_UNKNOWN_PURPOSE_ID);
+ return 0;
+ }
+ ptmp = X509_PURPOSE_get0(idx);
}
+ /* If trust not set then get from purpose default */
+ if(!trust) trust = ptmp->trust;
}
if(trust) {
idx = X509_TRUST_get_by_id(trust);