提交 109f8b5d 编写于 作者: V Viktor Dukhovni

Comment side-effect only calls of X509_check_purpose

Reviewed-by: NRich Salz <rsalz@openssl.org>
上级 b4f35e5e
...@@ -280,6 +280,7 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms, ...@@ -280,6 +280,7 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
si = M_ASN1_new_of(CMS_SignerInfo); si = M_ASN1_new_of(CMS_SignerInfo);
if (!si) if (!si)
goto merr; goto merr;
/* Call for side-effect of computing hash and caching extensions */
X509_check_purpose(signer, -1, -1); X509_check_purpose(signer, -1, -1);
CRYPTO_add(&pk->references, 1, CRYPTO_LOCK_EVP_PKEY); CRYPTO_add(&pk->references, 1, CRYPTO_LOCK_EVP_PKEY);
......
...@@ -793,6 +793,7 @@ static ESS_CERT_ID *ess_CERT_ID_new_init(X509 *cert, int issuer_needed) ...@@ -793,6 +793,7 @@ static ESS_CERT_ID *ess_CERT_ID_new_init(X509 *cert, int issuer_needed)
GENERAL_NAME *name = NULL; GENERAL_NAME *name = NULL;
unsigned char cert_sha1[SHA_DIGEST_LENGTH]; unsigned char cert_sha1[SHA_DIGEST_LENGTH];
/* Call for side-effect of computing hash and caching extensions */
X509_check_purpose(cert, -1, 0); X509_check_purpose(cert, -1, 0);
if ((cid = ESS_CERT_ID_new()) == NULL) if ((cid = ESS_CERT_ID_new()) == NULL)
goto err; goto err;
......
...@@ -283,6 +283,7 @@ static int trust_1oid(X509_TRUST *trust, X509 *x, int flags) ...@@ -283,6 +283,7 @@ static int trust_1oid(X509_TRUST *trust, X509 *x, int flags)
static int trust_compat(X509_TRUST *trust, X509 *x, int flags) static int trust_compat(X509_TRUST *trust, X509 *x, int flags)
{ {
/* Call for side-effect of computing hash and caching extensions */
X509_check_purpose(x, -1, 0); X509_check_purpose(x, -1, 0);
if (x->ex_flags & EXFLAG_SS) if (x->ex_flags & EXFLAG_SS)
return X509_TRUST_TRUSTED; return X509_TRUST_TRUSTED;
......
...@@ -186,7 +186,6 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs, ...@@ -186,7 +186,6 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs,
uint32_t ex_flags; uint32_t ex_flags;
x = sk_X509_value(certs, i); x = sk_X509_value(certs, i);
ex_flags = X509_get_extension_flags(x); ex_flags = X509_get_extension_flags(x);
X509_check_purpose(x, -1, -1);
cache = policy_cache_set(x); cache = policy_cache_set(x);
/* If cache NULL something bad happened: return immediately */ /* If cache NULL something bad happened: return immediately */
if (cache == NULL) if (cache == NULL)
......
...@@ -132,6 +132,7 @@ int X509_check_purpose(X509 *x, int id, int ca) ...@@ -132,6 +132,7 @@ int X509_check_purpose(X509 *x, int id, int ca)
x509v3_cache_extensions(x); x509v3_cache_extensions(x);
CRYPTO_w_unlock(CRYPTO_LOCK_X509); CRYPTO_w_unlock(CRYPTO_LOCK_X509);
} }
/* Return if side-effect only call */
if (id == -1) if (id == -1)
return 1; return 1;
idx = X509_PURPOSE_get_by_id(id); idx = X509_PURPOSE_get_by_id(id);
...@@ -850,12 +851,14 @@ int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid) ...@@ -850,12 +851,14 @@ int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid)
uint32_t X509_get_extension_flags(X509 *x) uint32_t X509_get_extension_flags(X509 *x)
{ {
/* Call for side-effect of computing hash and caching extensions */
X509_check_purpose(x, -1, -1); X509_check_purpose(x, -1, -1);
return x->ex_flags; return x->ex_flags;
} }
uint32_t X509_get_key_usage(X509 *x) uint32_t X509_get_key_usage(X509 *x)
{ {
/* Call for side-effect of computing hash and caching extensions */
X509_check_purpose(x, -1, -1); X509_check_purpose(x, -1, -1);
if (x->ex_flags & EXFLAG_KUSAGE) if (x->ex_flags & EXFLAG_KUSAGE)
return x->ex_kusage; return x->ex_kusage;
...@@ -864,6 +867,7 @@ uint32_t X509_get_key_usage(X509 *x) ...@@ -864,6 +867,7 @@ uint32_t X509_get_key_usage(X509 *x)
uint32_t X509_get_extended_key_usage(X509 *x) uint32_t X509_get_extended_key_usage(X509 *x)
{ {
/* Call for side-effect of computing hash and caching extensions */
X509_check_purpose(x, -1, -1); X509_check_purpose(x, -1, -1);
if (x->ex_flags & EXFLAG_XKUSAGE) if (x->ex_flags & EXFLAG_XKUSAGE)
return x->ex_xkusage; return x->ex_xkusage;
...@@ -872,6 +876,7 @@ uint32_t X509_get_extended_key_usage(X509 *x) ...@@ -872,6 +876,7 @@ uint32_t X509_get_extended_key_usage(X509 *x)
const ASN1_OCTET_STRING *X509_get0_subject_key_id(X509 *x) const ASN1_OCTET_STRING *X509_get0_subject_key_id(X509 *x)
{ {
/* Call for side-effect of computing hash and caching extensions */
X509_check_purpose(x, -1, -1); X509_check_purpose(x, -1, -1);
return x->skid; return x->skid;
} }
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册