Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
btwise
openssl
提交
7e258a56
O
openssl
项目概览
btwise
/
openssl
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
O
openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
7e258a56
编写于
5月 30, 1999
作者:
B
Ben Laurie
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Yet another stack.
上级
fc875472
变更
4
隐藏空白更改
内联
并排
Showing
4 changed file
with
26 addition
and
25 deletion
+26
-25
crypto/x509/x509.h
crypto/x509/x509.h
+2
-1
crypto/x509/x509_lu.c
crypto/x509/x509_lu.c
+1
-1
crypto/x509/x509_vfy.c
crypto/x509/x509_vfy.c
+21
-21
crypto/x509/x509_vfy.h
crypto/x509/x509_vfy.h
+2
-2
未找到文件。
crypto/x509/x509.h
浏览文件 @
7e258a56
...
...
@@ -645,7 +645,8 @@ X509_PUBKEY * d2i_X509_PUBKEY(X509_PUBKEY **a,unsigned char **pp,
long
length
);
int
X509_PUBKEY_set
(
X509_PUBKEY
**
x
,
EVP_PKEY
*
pkey
);
EVP_PKEY
*
X509_PUBKEY_get
(
X509_PUBKEY
*
key
);
int
X509_get_pubkey_parameters
(
EVP_PKEY
*
pkey
,
STACK
*
chain
);
int
X509_get_pubkey_parameters
(
EVP_PKEY
*
pkey
,
STACK_OF
(
X509
)
*
chain
);
X509_SIG
*
X509_SIG_new
(
void
);
...
...
crypto/x509/x509_lu.c
浏览文件 @
7e258a56
...
...
@@ -401,7 +401,7 @@ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx)
{
if
(
ctx
->
chain
!=
NULL
)
{
sk_pop_free
(
ctx
->
chain
,
X509_free
);
sk_
X509_
pop_free
(
ctx
->
chain
,
X509_free
);
ctx
->
chain
=
NULL
;
}
CRYPTO_free_ex_data
(
x509_store_ctx_meth
,(
char
*
)
ctx
,
&
(
ctx
->
ex_data
));
...
...
crypto/x509/x509_vfy.c
浏览文件 @
7e258a56
...
...
@@ -117,8 +117,8 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
* present and that the first entry is in place */
if
(
ctx
->
chain
==
NULL
)
{
if
(
((
ctx
->
chain
=
sk_new_null
())
==
NULL
)
||
(
!
sk_
push
(
ctx
->
chain
,(
char
*
)
ctx
->
cert
)))
if
(
((
ctx
->
chain
=
sk_
X509_
new_null
())
==
NULL
)
||
(
!
sk_
X509_push
(
ctx
->
chain
,
ctx
->
cert
)))
{
X509err
(
X509_F_X509_VERIFY_CERT
,
ERR_R_MALLOC_FAILURE
);
goto
end
;
...
...
@@ -135,8 +135,8 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
goto
end
;
}
num
=
sk_num
(
ctx
->
chain
);
x
=
(
X509
*
)
sk
_value
(
ctx
->
chain
,
num
-
1
);
num
=
sk_
X509_
num
(
ctx
->
chain
);
x
=
sk_X509
_value
(
ctx
->
chain
,
num
-
1
);
depth
=
ctx
->
depth
;
...
...
@@ -160,7 +160,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
xtmp
=
X509_find_by_subject
(
sktmp
,
xn
);
if
(
xtmp
!=
NULL
)
{
if
(
!
sk_
push
(
ctx
->
chain
,(
char
*
)
xtmp
))
if
(
!
sk_
X509_push
(
ctx
->
chain
,
xtmp
))
{
X509err
(
X509_F_X509_VERIFY_CERT
,
ERR_R_MALLOC_FAILURE
);
goto
end
;
...
...
@@ -182,13 +182,13 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
* certificates. We now need to add at least one trusted one,
* if possible, otherwise we complain. */
i
=
sk_num
(
ctx
->
chain
);
x
=
(
X509
*
)
sk
_value
(
ctx
->
chain
,
i
-
1
);
i
=
sk_
X509_
num
(
ctx
->
chain
);
x
=
sk_X509
_value
(
ctx
->
chain
,
i
-
1
);
if
(
X509_NAME_cmp
(
X509_get_subject_name
(
x
),
X509_get_issuer_name
(
x
))
==
0
)
{
/* we have a self signed certificate */
if
(
sk_num
(
ctx
->
chain
)
==
1
)
if
(
sk_
X509_
num
(
ctx
->
chain
)
==
1
)
{
ctx
->
error
=
X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT
;
ctx
->
current_cert
=
x
;
...
...
@@ -199,10 +199,10 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
else
{
/* worry more about this one elsewhere */
chain_ss
=
(
X509
*
)
sk
_pop
(
ctx
->
chain
);
chain_ss
=
sk_X509
_pop
(
ctx
->
chain
);
ctx
->
last_untrusted
--
;
num
--
;
x
=
(
X509
*
)
sk
_value
(
ctx
->
chain
,
num
-
1
);
x
=
sk_X509
_value
(
ctx
->
chain
,
num
-
1
);
}
}
...
...
@@ -235,7 +235,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
break
;
}
x
=
obj
.
data
.
x509
;
if
(
!
sk_
push
(
ctx
->
chain
,(
char
*
)
obj
.
data
.
x509
))
if
(
!
sk_
X509_push
(
ctx
->
chain
,
obj
.
data
.
x509
))
{
X509_OBJECT_free_contents
(
&
obj
);
X509err
(
X509_F_X509_VERIFY_CERT
,
ERR_R_MALLOC_FAILURE
);
...
...
@@ -259,7 +259,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
else
{
sk_
push
(
ctx
->
chain
,(
char
*
)
chain_ss
);
sk_
X509_push
(
ctx
->
chain
,
chain_ss
);
num
++
;
ctx
->
last_untrusted
=
num
;
ctx
->
current_cert
=
chain_ss
;
...
...
@@ -300,10 +300,10 @@ static int internal_verify(X509_STORE_CTX *ctx)
cb
=
ctx
->
ctx
->
verify_cb
;
if
(
cb
==
NULL
)
cb
=
null_callback
;
n
=
sk_num
(
ctx
->
chain
);
n
=
sk_
X509_
num
(
ctx
->
chain
);
ctx
->
error_depth
=
n
-
1
;
n
--
;
xi
=
(
X509
*
)
sk
_value
(
ctx
->
chain
,
n
);
xi
=
sk_X509
_value
(
ctx
->
chain
,
n
);
if
(
X509_NAME_cmp
(
X509_get_subject_name
(
xi
),
X509_get_issuer_name
(
xi
))
==
0
)
xs
=
xi
;
...
...
@@ -320,7 +320,7 @@ static int internal_verify(X509_STORE_CTX *ctx)
{
n
--
;
ctx
->
error_depth
=
n
;
xs
=
(
X509
*
)
sk
_value
(
ctx
->
chain
,
n
);
xs
=
sk_X509
_value
(
ctx
->
chain
,
n
);
}
}
...
...
@@ -394,7 +394,7 @@ static int internal_verify(X509_STORE_CTX *ctx)
if
(
n
>=
0
)
{
xi
=
xs
;
xs
=
(
X509
*
)
sk
_value
(
ctx
->
chain
,
n
);
xs
=
sk_X509
_value
(
ctx
->
chain
,
n
);
}
}
ok
=
1
;
...
...
@@ -464,16 +464,16 @@ ASN1_UTCTIME *X509_gmtime_adj(ASN1_UTCTIME *s, long adj)
return
(
ASN1_UTCTIME_set
(
s
,
t
));
}
int
X509_get_pubkey_parameters
(
EVP_PKEY
*
pkey
,
STACK
*
chain
)
int
X509_get_pubkey_parameters
(
EVP_PKEY
*
pkey
,
STACK
_OF
(
X509
)
*
chain
)
{
EVP_PKEY
*
ktmp
=
NULL
,
*
ktmp2
;
int
i
,
j
;
if
((
pkey
!=
NULL
)
&&
!
EVP_PKEY_missing_parameters
(
pkey
))
return
(
1
);
for
(
i
=
0
;
i
<
sk_num
(
chain
);
i
++
)
for
(
i
=
0
;
i
<
sk_
X509_
num
(
chain
);
i
++
)
{
ktmp
=
X509_get_pubkey
(
(
X509
*
)
sk
_value
(
chain
,
i
));
ktmp
=
X509_get_pubkey
(
sk_X509
_value
(
chain
,
i
));
if
(
ktmp
==
NULL
)
{
X509err
(
X509_F_X509_GET_PUBKEY_PARAMETERS
,
X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY
);
...
...
@@ -496,7 +496,7 @@ int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK *chain)
/* first, populate the other certs */
for
(
j
=
i
-
1
;
j
>=
0
;
j
--
)
{
ktmp2
=
X509_get_pubkey
(
(
X509
*
)
sk
_value
(
chain
,
j
));
ktmp2
=
X509_get_pubkey
(
sk_X509
_value
(
chain
,
j
));
EVP_PKEY_copy_parameters
(
ktmp2
,
ktmp
);
EVP_PKEY_free
(
ktmp2
);
}
...
...
@@ -615,7 +615,7 @@ X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx)
return
(
ctx
->
current_cert
);
}
STACK
*
X509_STORE_CTX_get_chain
(
X509_STORE_CTX
*
ctx
)
STACK
_OF
(
X509
)
*
X509_STORE_CTX_get_chain
(
X509_STORE_CTX
*
ctx
)
{
return
(
ctx
->
chain
);
}
...
...
crypto/x509/x509_vfy.h
浏览文件 @
7e258a56
...
...
@@ -205,7 +205,7 @@ struct x509_store_state_st /* X509_STORE_CTX */
int
depth
;
/* how far to go looking up certs */
int
valid
;
/* if 0, rebuild chain */
int
last_untrusted
;
/* index of last untrusted cert */
STACK
*
chain
;
/* chain of X509s - built up and trusted */
STACK
_OF
(
X509
)
*
chain
;
/* chain of X509s - built up and trusted */
/* When something goes wrong, this is why */
int
error_depth
;
...
...
@@ -333,7 +333,7 @@ int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
void
X509_STORE_CTX_set_error
(
X509_STORE_CTX
*
ctx
,
int
s
);
int
X509_STORE_CTX_get_error_depth
(
X509_STORE_CTX
*
ctx
);
X509
*
X509_STORE_CTX_get_current_cert
(
X509_STORE_CTX
*
ctx
);
STACK
*
X509_STORE_CTX_get_chain
(
X509_STORE_CTX
*
ctx
);
STACK
_OF
(
X509
)
*
X509_STORE_CTX_get_chain
(
X509_STORE_CTX
*
ctx
);
void
X509_STORE_CTX_set_cert
(
X509_STORE_CTX
*
c
,
X509
*
x
);
void
X509_STORE_CTX_set_chain
(
X509_STORE_CTX
*
c
,
STACK_OF
(
X509
)
*
sk
);
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录