diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2016-07-25 16:57:49 +0100 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2016-07-26 16:23:02 +0100 |
commit | ba1a1c3783bec68830da3a375b581afc73226ff4 (patch) | |
tree | a21ce03717737320dd28b2507cc32c97deee0d0d | |
parent | 0946a19886b0e7b8213db6559eb8b8eb63fc1503 (diff) | |
download | openssl-ba1a1c3783bec68830da3a375b581afc73226ff4.tar.gz |
Deprecate X509_LU_FAIL, X509_LU_RETRY
Instead of X509_LU_FAIL, X509_LU_RETRY use 0/1 for return values.
RT#4577
Reviewed-by: Rich Salz <rsalz@openssl.org>
-rw-r--r-- | crypto/x509/x509_lu.c | 20 | ||||
-rw-r--r-- | include/openssl/x509_vfy.h | 2 |
2 files changed, 8 insertions, 14 deletions
diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c index 282adb4e8f..79c68fedfc 100644 --- a/crypto/x509/x509_lu.c +++ b/crypto/x509/x509_lu.c @@ -85,7 +85,7 @@ int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, X509_NAME *name, X509_OBJECT *ret) { if ((ctx->method == NULL) || (ctx->method->get_by_subject == NULL)) - return X509_LU_FAIL; + return 0; if (ctx->skip) return 0; return ctx->method->get_by_subject(ctx, type, name, ret); @@ -96,7 +96,7 @@ int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, X509_OBJECT *ret) { if ((ctx->method == NULL) || (ctx->method->get_by_issuer_serial == NULL)) - return X509_LU_FAIL; + return 0; return ctx->method->get_by_issuer_serial(ctx, type, name, serial, ret); } @@ -105,7 +105,7 @@ int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, X509_OBJECT *ret) { if ((ctx->method == NULL) || (ctx->method->get_by_fingerprint == NULL)) - return X509_LU_FAIL; + return 0; return ctx->method->get_by_fingerprint(ctx, type, bytes, len, ret); } @@ -113,7 +113,7 @@ int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, char *str, int len, X509_OBJECT *ret) { if ((ctx->method == NULL) || (ctx->method->get_by_alias == NULL)) - return X509_LU_FAIL; + return 0; return ctx->method->get_by_alias(ctx, type, str, len, ret); } @@ -414,7 +414,7 @@ X509_OBJECT *X509_OBJECT_new() X509err(X509_F_X509_OBJECT_NEW, ERR_R_MALLOC_FAILURE); return NULL; } - ret->type = X509_LU_FAIL; + ret->type = X509_LU_NONE; return ret; } @@ -633,16 +633,8 @@ int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) *issuer = NULL; xn = X509_get_issuer_name(x); ok = X509_STORE_CTX_get_by_subject(ctx, X509_LU_X509, xn, obj); - if (ok != X509_LU_X509) { + if (ok != 1) { X509_OBJECT_free(obj); - if (ok == X509_LU_RETRY) { - X509err(X509_F_X509_STORE_CTX_GET1_ISSUER, X509_R_SHOULD_RETRY); - return -1; - } - if (ok != X509_LU_FAIL) { - /* not good :-(, break anyway */ - return -1; - } return 0; } /* If certificate matches all OK */ diff --git a/include/openssl/x509_vfy.h b/include/openssl/x509_vfy.h index b524a67231..a0f79276be 100644 --- a/include/openssl/x509_vfy.h +++ b/include/openssl/x509_vfy.h @@ -49,8 +49,10 @@ typedef enum { X509_LU_X509, X509_LU_CRL } X509_LOOKUP_TYPE; +#if OPENSSL_API_COMPAT < 0x10100000L #define X509_LU_RETRY -1 #define X509_LU_FAIL 0 +#endif DEFINE_STACK_OF(X509_LOOKUP) DEFINE_STACK_OF(X509_OBJECT) |