Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
926a56bf
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
1 年多 前同步成功
通知
10
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
926a56bf
编写于
23年前
作者:
D
Dr. Stephen Henson
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Purpose and trust setting functions for X509_STORE. Tidy existing code.
上级
d6f188be
无相关合并请求
变更
10
隐藏空白更改
内联
并排
Showing
10 changed file
with
55 addition
and
27 deletion
+55
-27
CHANGES
CHANGES
+5
-0
crypto/x509/x509.h
crypto/x509/x509.h
+4
-1
crypto/x509/x509_err.c
crypto/x509/x509_err.c
+2
-0
crypto/x509/x509_lu.c
crypto/x509/x509_lu.c
+11
-0
crypto/x509/x509_trs.c
crypto/x509/x509_trs.c
+10
-0
crypto/x509/x509_vfy.h
crypto/x509/x509_vfy.h
+2
-0
crypto/x509v3/v3_purp.c
crypto/x509v3/v3_purp.c
+10
-0
crypto/x509v3/v3err.c
crypto/x509v3/v3err.c
+2
-0
crypto/x509v3/x509v3.h
crypto/x509v3/x509v3.h
+4
-1
ssl/ssl_lib.c
ssl/ssl_lib.c
+5
-25
未找到文件。
CHANGES
浏览文件 @
926a56bf
...
...
@@ -11,6 +11,11 @@
*) applies to 0.9.6a (/0.9.6b) and 0.9.7
+) applies to 0.9.7 only
+) New functions X509_PURPOSE_set() and X509_TRUST_set() to handle
setting of purpose and trust fields. New X509_STORE trust and
purpose functions and tidy up setting in other SSL functions.
[Steve Henson]
+) Add copies of X509_STORE_CTX fields and callbacks to X509_STORE
structure. These are inherited by X509_STORE_CTX when it is
initialised. This allows various defaults to be set in the
...
...
This diff is collapsed.
Click to expand it.
crypto/x509/x509.h
浏览文件 @
926a56bf
...
...
@@ -886,6 +886,7 @@ int X509_alias_set1(X509 *x, unsigned char *name, int len);
int
X509_keyid_set1
(
X509
*
x
,
unsigned
char
*
id
,
int
len
);
unsigned
char
*
X509_alias_get0
(
X509
*
x
,
int
*
len
);
int
(
*
X509_TRUST_set_default
(
int
(
*
trust
)(
int
,
X509
*
,
int
)))(
int
,
X509
*
,
int
);
int
X509_TRUST_set
(
int
*
t
,
int
trust
);
int
X509_add1_trust_object
(
X509
*
x
,
ASN1_OBJECT
*
obj
);
int
X509_add1_reject_object
(
X509
*
x
,
ASN1_OBJECT
*
obj
);
void
X509_trust_clear
(
X509
*
x
);
...
...
@@ -1173,6 +1174,7 @@ int X509_TRUST_get_trust(X509_TRUST *xp);
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void
ERR_load_X509_strings
(
void
);
/* Error codes for the X509 functions. */
...
...
@@ -1214,6 +1216,7 @@ int X509_TRUST_get_trust(X509_TRUST *xp);
#define X509_F_X509_STORE_CTX_PURPOSE_INHERIT 134
#define X509_F_X509_TO_X509_REQ 126
#define X509_F_X509_TRUST_ADD 133
#define X509_F_X509_TRUST_SET 141
#define X509_F_X509_VERIFY_CERT 127
/* Reason codes. */
...
...
@@ -1224,6 +1227,7 @@ int X509_TRUST_get_trust(X509_TRUST *xp);
#define X509_R_ERR_ASN1_LIB 102
#define X509_R_INVALID_DIRECTORY 113
#define X509_R_INVALID_FIELD_NAME 119
#define X509_R_INVALID_TRUST 123
#define X509_R_KEY_TYPE_MISMATCH 115
#define X509_R_KEY_VALUES_MISMATCH 116
#define X509_R_LOADING_CERT_DIR 103
...
...
@@ -1244,4 +1248,3 @@ int X509_TRUST_get_trust(X509_TRUST *xp);
}
#endif
#endif
This diff is collapsed.
Click to expand it.
crypto/x509/x509_err.c
浏览文件 @
926a56bf
...
...
@@ -103,6 +103,7 @@ static ERR_STRING_DATA X509_str_functs[]=
{
ERR_PACK
(
0
,
X509_F_X509_STORE_CTX_PURPOSE_INHERIT
,
0
),
"X509_STORE_CTX_purpose_inherit"
},
{
ERR_PACK
(
0
,
X509_F_X509_TO_X509_REQ
,
0
),
"X509_to_X509_REQ"
},
{
ERR_PACK
(
0
,
X509_F_X509_TRUST_ADD
,
0
),
"X509_TRUST_add"
},
{
ERR_PACK
(
0
,
X509_F_X509_TRUST_SET
,
0
),
"X509_TRUST_set"
},
{
ERR_PACK
(
0
,
X509_F_X509_VERIFY_CERT
,
0
),
"X509_verify_cert"
},
{
0
,
NULL
}
};
...
...
@@ -116,6 +117,7 @@ static ERR_STRING_DATA X509_str_reasons[]=
{
X509_R_ERR_ASN1_LIB
,
"err asn1 lib"
},
{
X509_R_INVALID_DIRECTORY
,
"invalid directory"
},
{
X509_R_INVALID_FIELD_NAME
,
"invalid field name"
},
{
X509_R_INVALID_TRUST
,
"invalid trust"
},
{
X509_R_KEY_TYPE_MISMATCH
,
"key type mismatch"
},
{
X509_R_KEY_VALUES_MISMATCH
,
"key values mismatch"
},
{
X509_R_LOADING_CERT_DIR
,
"loading cert dir"
},
...
...
This diff is collapsed.
Click to expand it.
crypto/x509/x509_lu.c
浏览文件 @
926a56bf
...
...
@@ -60,6 +60,7 @@
#include "cryptlib.h"
#include <openssl/lhash.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
static
STACK_OF
(
CRYPTO_EX_DATA_FUNCS
)
*
x509_store_meth
=
NULL
;
...
...
@@ -544,5 +545,15 @@ void X509_STORE_set_flags(X509_STORE *ctx, long flags)
ctx
->
flags
|=
flags
;
}
int
X509_STORE_set_purpose
(
X509_STORE
*
ctx
,
int
purpose
)
{
return
X509_PURPOSE_set
(
&
ctx
->
purpose
,
purpose
);
}
int
X509_STORE_set_trust
(
X509_STORE
*
ctx
,
int
trust
)
{
return
X509_TRUST_set
(
&
ctx
->
trust
,
trust
);
}
IMPLEMENT_STACK_OF
(
X509_LOOKUP
)
IMPLEMENT_STACK_OF
(
X509_OBJECT
)
This diff is collapsed.
Click to expand it.
crypto/x509/x509_trs.c
浏览文件 @
926a56bf
...
...
@@ -144,6 +144,16 @@ int X509_TRUST_get_by_id(int id)
return
idx
+
X509_TRUST_COUNT
;
}
int
X509_TRUST_set
(
int
*
t
,
int
trust
)
{
if
(
X509_TRUST_get_by_id
(
trust
)
==
-
1
)
{
X509err
(
X509_F_X509_TRUST_SET
,
X509_R_INVALID_TRUST
);
return
0
;
}
*
t
=
trust
;
return
1
;
}
int
X509_TRUST_add
(
int
id
,
int
flags
,
int
(
*
ck
)(
X509_TRUST
*
,
X509
*
,
int
),
char
*
name
,
int
arg1
,
void
*
arg2
)
{
...
...
This diff is collapsed.
Click to expand it.
crypto/x509/x509_vfy.h
浏览文件 @
926a56bf
...
...
@@ -326,6 +326,8 @@ X509_STORE *X509_STORE_new(void );
void
X509_STORE_free
(
X509_STORE
*
v
);
void
X509_STORE_set_flags
(
X509_STORE
*
ctx
,
long
flags
);
int
X509_STORE_set_purpose
(
X509_STORE
*
ctx
,
int
purpose
);
int
X509_STORE_set_trust
(
X509_STORE
*
ctx
,
int
trust
);
X509_STORE_CTX
*
X509_STORE_CTX_new
(
void
);
...
...
This diff is collapsed.
Click to expand it.
crypto/x509v3/v3_purp.c
浏览文件 @
926a56bf
...
...
@@ -121,6 +121,16 @@ int X509_check_purpose(X509 *x, int id, int ca)
return
pt
->
check_purpose
(
pt
,
x
,
ca
);
}
int
X509_PURPOSE_set
(
int
*
p
,
int
purpose
)
{
if
(
X509_PURPOSE_get_by_id
(
purpose
)
==
-
1
)
{
X509V3err
(
X509V3_F_X509_PURPOSE_SET
,
X509V3_R_INVALID_PURPOSE
);
return
0
;
}
*
p
=
purpose
;
return
1
;
}
int
X509_PURPOSE_get_count
(
void
)
{
if
(
!
xptable
)
return
X509_PURPOSE_COUNT
;
...
...
This diff is collapsed.
Click to expand it.
crypto/x509v3/v3err.c
浏览文件 @
926a56bf
...
...
@@ -107,6 +107,7 @@ static ERR_STRING_DATA X509V3_str_functs[]=
{
ERR_PACK
(
0
,
X509V3_F_X509V3_GET_VALUE_BOOL
,
0
),
"X509V3_get_value_bool"
},
{
ERR_PACK
(
0
,
X509V3_F_X509V3_PARSE_LIST
,
0
),
"X509V3_parse_list"
},
{
ERR_PACK
(
0
,
X509V3_F_X509_PURPOSE_ADD
,
0
),
"X509_PURPOSE_add"
},
{
ERR_PACK
(
0
,
X509V3_F_X509_PURPOSE_SET
,
0
),
"X509_PURPOSE_set"
},
{
0
,
NULL
}
};
...
...
@@ -138,6 +139,7 @@ static ERR_STRING_DATA X509V3_str_reasons[]=
{
X509V3_R_INVALID_OBJECT_IDENTIFIER
,
"invalid object identifier"
},
{
X509V3_R_INVALID_OPTION
,
"invalid option"
},
{
X509V3_R_INVALID_POLICY_IDENTIFIER
,
"invalid policy identifier"
},
{
X509V3_R_INVALID_PURPOSE
,
"invalid purpose"
},
{
X509V3_R_INVALID_SECTION
,
"invalid section"
},
{
X509V3_R_INVALID_SYNTAX
,
"invalid syntax"
},
{
X509V3_R_ISSUER_DECODE_ERROR
,
"issuer decode error"
},
...
...
This diff is collapsed.
Click to expand it.
crypto/x509v3/x509v3.h
浏览文件 @
926a56bf
...
...
@@ -518,6 +518,7 @@ int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
int
X509V3_extensions_print
(
BIO
*
out
,
char
*
title
,
STACK_OF
(
X509_EXTENSION
)
*
exts
,
unsigned
long
flag
,
int
indent
);
int
X509_check_purpose
(
X509
*
x
,
int
id
,
int
ca
);
int
X509_PURPOSE_set
(
int
*
p
,
int
purpose
);
int
X509_check_issued
(
X509
*
issuer
,
X509
*
subject
);
int
X509_PURPOSE_get_count
(
void
);
X509_PURPOSE
*
X509_PURPOSE_get0
(
int
idx
);
...
...
@@ -541,6 +542,7 @@ void X509_email_free(STACK *sk);
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void
ERR_load_X509V3_strings
(
void
);
/* Error codes for the X509V3 functions. */
...
...
@@ -586,6 +588,7 @@ void X509_email_free(STACK *sk);
#define X509V3_F_X509V3_GET_VALUE_BOOL 110
#define X509V3_F_X509V3_PARSE_LIST 109
#define X509V3_F_X509_PURPOSE_ADD 137
#define X509V3_F_X509_PURPOSE_SET 141
/* Reason codes. */
#define X509V3_R_BAD_IP_ADDRESS 118
...
...
@@ -614,6 +617,7 @@ void X509_email_free(STACK *sk);
#define X509V3_R_INVALID_OBJECT_IDENTIFIER 110
#define X509V3_R_INVALID_OPTION 138
#define X509V3_R_INVALID_POLICY_IDENTIFIER 134
#define X509V3_R_INVALID_PURPOSE 146
#define X509V3_R_INVALID_SECTION 135
#define X509V3_R_INVALID_SYNTAX 143
#define X509V3_R_ISSUER_DECODE_ERROR 126
...
...
@@ -639,4 +643,3 @@ void X509_email_free(STACK *sk);
}
#endif
#endif
This diff is collapsed.
Click to expand it.
ssl/ssl_lib.c
浏览文件 @
926a56bf
...
...
@@ -333,42 +333,22 @@ int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
int
SSL_CTX_set_purpose
(
SSL_CTX
*
s
,
int
purpose
)
{
if
(
X509_PURPOSE_get_by_id
(
purpose
)
==
-
1
)
{
SSLerr
(
SSL_F_SSL_CTX_SET_PURPOSE
,
SSL_R_INVALID_PURPOSE
);
return
0
;
}
s
->
purpose
=
purpose
;
return
1
;
return
X509_PURPOSE_set
(
&
s
->
purpose
,
purpose
);
}
int
SSL_set_purpose
(
SSL
*
s
,
int
purpose
)
{
if
(
X509_PURPOSE_get_by_id
(
purpose
)
==
-
1
)
{
SSLerr
(
SSL_F_SSL_SET_PURPOSE
,
SSL_R_INVALID_PURPOSE
);
return
0
;
}
s
->
purpose
=
purpose
;
return
1
;
return
X509_PURPOSE_set
(
&
s
->
purpose
,
purpose
);
}
int
SSL_CTX_set_trust
(
SSL_CTX
*
s
,
int
trust
)
{
if
(
X509_TRUST_get_by_id
(
trust
)
==
-
1
)
{
SSLerr
(
SSL_F_SSL_CTX_SET_TRUST
,
SSL_R_INVALID_TRUST
);
return
0
;
}
s
->
trust
=
trust
;
return
1
;
return
X509_TRUST_set
(
&
s
->
trust
,
trust
);
}
int
SSL_set_trust
(
SSL
*
s
,
int
trust
)
{
if
(
X509_TRUST_get_by_id
(
trust
)
==
-
1
)
{
SSLerr
(
SSL_F_SSL_SET_TRUST
,
SSL_R_INVALID_TRUST
);
return
0
;
}
s
->
trust
=
trust
;
return
1
;
return
X509_TRUST_set
(
&
s
->
trust
,
trust
);
}
void
SSL_free
(
SSL
*
s
)
...
...
This diff is collapsed.
Click to expand it.
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录
反馈
建议
客服
返回
顶部