If not checking all certificates don't attempt to find a CRL
[openssl.git] / crypto / x509 / x509_vpm.c
index 087e8783a8781aff9b10f51459b6f47ee0c2ab4b..dfd89d89faf0e885b2dca37ed1edcc11248c3aa0 100644 (file)
@@ -1,5 +1,5 @@
 /* x509_vpm.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2004.
  */
 /* ====================================================================
@@ -74,7 +74,8 @@ static void x509_verify_param_zero(X509_VERIFY_PARAM *param)
        param->name = NULL;
        param->purpose = 0;
        param->trust = 0;
-       param->inh_flags = X509_VP_FLAG_DEFAULT;
+       /*param->inh_flags = X509_VP_FLAG_DEFAULT;*/
+       param->inh_flags = 0;
        param->flags = 0;
        param->depth = -1;
        if (param->policies)
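Review bot: The commented-out assignment kept above `param->inh_flags = 0;` in x509_verify_param_zero is dead code and does not explain why the default changed. Replace it with a why-comment, for example `/* No inheritance flags by default; X509_VERIFY_PARAM_set1 applies X509_VP_FLAG_DEFAULT only for the duration of its own call */`. A freshly zeroed parameter set presumably now merges differently in X509_VERIFY_PARAM_inherit, which decides which verification settings survive, so the reason belongs in the source. The function body continues outside this hunk.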
@@ -172,6 +173,15 @@ int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *dest,
        x509_verify_param_copy(trust, 0);
        x509_verify_param_copy(depth, -1);
 
+       /* If overwrite or check time not set, copy across */
+
+       if (to_overwrite || !(dest->flags & X509_V_FLAG_USE_CHECK_TIME))
+               {
+               dest->check_time = src->check_time;
+               dest->flags &= ~X509_V_FLAG_USE_CHECK_TIME;
+               /* Don't need to copy flag: that is done below */
+               }
+
        if (inh_flags & X509_VP_FLAG_RESET_FLAGS)
                dest->flags = 0;
 
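Review bot: The new block in X509_VERIFY_PARAM_inherit clears X509_V_FLAG_USE_CHECK_TIME in dest and relies on a flags merge outside this hunk to set it again from src, but the comment `Don't need to copy flag: that is done below` does not name that statement. When to_overwrite is true and src has no check time, dest loses a caller-configured verification time, and validity checks presumably fall back to the current time. If that is intended, say so, e.g. `/* Cleared here; the flags merge below re-sets USE_CHECK_TIME only if src has it, so an overwrite can also remove dest's check time */`. The function starts and ends outside this hunk, so the merge itself cannot be confirmed from here.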
@@ -189,8 +199,12 @@ int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *dest,
 int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to,
                                                const X509_VERIFY_PARAM *from)
        {
+       unsigned long save_flags = to->inh_flags;
+       int ret;
        to->inh_flags |= X509_VP_FLAG_DEFAULT;
-       return X509_VERIFY_PARAM_inherit(to, from);
+       ret = X509_VERIFY_PARAM_inherit(to, from);
+       to->inh_flags = save_flags;
+       return ret;
        }
 
 int X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param, const char *name)
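Review bot: X509_VERIFY_PARAM_set1 now saves and restores `to->inh_flags` around the inherit call, but nothing explains why, so a later cleanup could fold it back into a single `return`. Add a comment above `to->inh_flags |= X509_VP_FLAG_DEFAULT;`, for example `/* Force default inheritance for this copy only; the caller's inh_flags must be left unchanged */`. Stating this contract matters because inh_flags controls how later inherit calls merge verification settings into `to`.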
@@ -211,6 +225,17 @@ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags)
        return 1;
        }
 
+int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param, unsigned long flags)
+       {
+       param->flags &= ~flags;
+       return 1;
+       }
+
+unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param)
+       {
+       return param->flags;
+       }
+
 int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose)
        {
        return X509_PURPOSE_set(&param->purpose, purpose);
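Review bot: X509_VERIFY_PARAM_get_flags only reads `param->flags`, so its parameter should be const-qualified: `unsigned long X509_VERIFY_PARAM_get_flags(const X509_VERIFY_PARAM *param)`, with the matching prototype change in the header (not shown here). Both new functions also lack a comment; for clear_flags one such as `/* Clear exactly the given verification flag bits; always returns 1 */` would do. If X509_VERIFY_PARAM_set_flags sets any implied bits (its body is outside this hunk), clear_flags does not undo them. A caller that turns a check off and later inspects the flags should be told that.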
@@ -300,11 +325,21 @@ static const X509_VERIFY_PARAM default_table[] = {
        0,              /* flags */
        0,              /* purpose */
        0,              /* trust */
-       9,              /* depth */
+       100,            /* depth */
        NULL            /* policies */
        },
        {
-       "pkcs7",                        /* SSL/TLS client parameters */
+       "pkcs7",                        /* S/MIME sign parameters */
+       0,                              /* Check time */
+       0,                              /* internal flags */
+       0,                              /* flags */
+       X509_PURPOSE_SMIME_SIGN,        /* purpose */
+       X509_TRUST_EMAIL,               /* trust */
+       -1,                             /* depth */
+       NULL                            /* policies */
+       },
+       {
+       "smime_sign",                   /* S/MIME sign parameters */
        0,                              /* Check time */
        0,                              /* internal flags */
        0,                              /* flags */
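Review bot: The default entry's depth goes from 9 to 100 with no rationale in the table or in the commit title. This is presumably the maximum chain depth a verifier using these defaults accepts, so it also bounds the work done on a peer-supplied chain. Record the reason next to the value, e.g. `100, /* depth: generous default cap, callers may lower it */`, or keep the limit small and let callers raise it. The `"pkcs7"` and `"smime_sign"` entries also now carry the identical comment `S/MIME sign parameters`; if pkcs7 is kept as an alias, its comment should say so. The table continues outside this hunk.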
@@ -336,12 +371,17 @@ static const X509_VERIFY_PARAM default_table[] = {
 
 static STACK_OF(X509_VERIFY_PARAM) *param_table = NULL;
 
-static int table_cmp(const void *pa, const void *pb)
+static int table_cmp(const X509_VERIFY_PARAM *a, const X509_VERIFY_PARAM *b)
+
        {
-       const X509_VERIFY_PARAM *a = pa, *b = pb;
        return strcmp(a->name, b->name);
        }
 
+DECLARE_OBJ_BSEARCH_CMP_FN(X509_VERIFY_PARAM, X509_VERIFY_PARAM,
+                          table);
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(X509_VERIFY_PARAM, X509_VERIFY_PARAM,
+                            table);
+
 static int param_cmp(const X509_VERIFY_PARAM * const *a,
                        const X509_VERIFY_PARAM * const *b)
        {
@@ -365,7 +405,7 @@ int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param)
                        {
                        ptmp = sk_X509_VERIFY_PARAM_value(param_table, idx);
                        X509_VERIFY_PARAM_free(ptmp);
-                       sk_X509_VERIFY_PARAM_delete(param_table, idx);
+                       (void)sk_X509_VERIFY_PARAM_delete(param_table, idx);
                        }
                }
        if (!sk_X509_VERIFY_PARAM_push(param_table, param))
@@ -377,6 +417,7 @@ const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name)
        {
        int idx;
        X509_VERIFY_PARAM pm;
+
        pm.name = (char *)name;
        if (param_table)
                {
@@ -384,11 +425,8 @@ const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name)
                if (idx != -1)
                        return sk_X509_VERIFY_PARAM_value(param_table, idx);
                }
-       return (const X509_VERIFY_PARAM *) OBJ_bsearch((char *)&pm,
-                               (char *)&default_table,
-                               sizeof(default_table)/sizeof(X509_VERIFY_PARAM),
-                               sizeof(X509_VERIFY_PARAM),
-                               table_cmp);
+       return OBJ_bsearch_table(&pm, default_table,
+                          sizeof(default_table)/sizeof(X509_VERIFY_PARAM));
        }
 
 void X509_VERIFY_PARAM_table_cleanup(void)
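Review bot: `name` is stored in `pm.name` and passed to the search unchecked, so a NULL name reaches `strcmp(a->name, b->name)` in table_cmp, which is undefined behaviour. A guard at the top of X509_VERIFY_PARAM_lookup, `if (name == NULL) return NULL;`, would make the failure explicit; the function's opening lines are in the previous hunk. Separately, OBJ_bsearch_table is presumably a binary search, so default_table must stay sorted by name. This commit adds `"smime_sign"` in the right position, but a comment on the table such as `/* Must stay in strcmp() order of name: searched with OBJ_bsearch_table */` would protect the next addition.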