Support setting of "no purpose" for trust.

If the oid parameter is set to NULL in X509_add1_trust_object create an empty list of trusted purposes corresponding to "no purpose" if trust is checked.

Support setting of "no purpose" for trust.
If the oid parameter is set to NULL in X509_add1_trust_object create an empty list of trusted purposes corresponding to "no purpose" if trust is checked.
85c9ba23 · Dr. Stephen Henson · 5fad2c93 · 85c9ba23
隐藏空白更改
内联并排

Showing with 19 addition and 8 deletion

crypto/asn1/x_x509a.c crypto/asn1/x_x509a.c +19 -8

未找到文件。
--- a/crypto/asn1/x_x509a.c
+++ b/crypto/asn1/x_x509a.c
@@ -135,15 +135,26 @@ unsigned char *X509_keyid_get0(X509 *x, int *len)
 }

 int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj)
-{
+	{
 	X509_CERT_AUX *aux;
-	ASN1_OBJECT *objtmp;
-	if(!(objtmp = OBJ_dup(obj))) return 0;
-	if(!(aux = aux_get(x))) return 0;
-	if(!aux->trust
-		&& !(aux->trust = sk_ASN1_OBJECT_new_null())) return 0;
-	return sk_ASN1_OBJECT_push(aux->trust, objtmp);
-}
+	ASN1_OBJECT *objtmp = NULL;
+	if (obj)
+		{
+		objtmp = OBJ_dup(obj);
+		if (!objtmp)
+			return 0;
+		}
+	if(!(aux = aux_get(x)))
+		goto err;
+	if(!aux->trust && !(aux->trust = sk_ASN1_OBJECT_new_null()))
+			goto err;
+	if (!objtmp || sk_ASN1_OBJECT_push(aux->trust, objtmp))
+		return 1;
+	err:
+	if (objtmp)
+		ASN1_OBJECT_free(objtmp);
+	return 0;
+	}

 int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj)
 {