Purpose and trust setting functions for X509_STORE.

Tidy existing code.

5 files changed, 29 insertions, 1 deletions

diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h
index 2b9d1050b7..16a5653b1d 100644
--- a/crypto/x509/x509.h
+++ b/crypto/x509/x509.h
@@ -886,6 +886,7 @@ int X509_alias_set1(X509 *x, unsigned char *name, int len);
 int X509_keyid_set1(X509 *x, unsigned char *id, int len);
 unsigned char * X509_alias_get0(X509 *x, int *len);
 int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int);
+int X509_TRUST_set(int *t, int trust);
 int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj);
 int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj);
 void X509_trust_clear(X509 *x);
@@ -1173,6 +1174,7 @@ int X509_TRUST_get_trust(X509_TRUST *xp);
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+void ERR_load_X509_strings(void);
 
 /* Error codes for the X509 functions. */
 
@@ -1214,6 +1216,7 @@ int X509_TRUST_get_trust(X509_TRUST *xp);
 #define X509_F_X509_STORE_CTX_PURPOSE_INHERIT		 134
 #define X509_F_X509_TO_X509_REQ				 126
 #define X509_F_X509_TRUST_ADD				 133
+#define X509_F_X509_TRUST_SET				 141
 #define X509_F_X509_VERIFY_CERT				 127
 
 /* Reason codes. */
@@ -1224,6 +1227,7 @@ int X509_TRUST_get_trust(X509_TRUST *xp);
 #define X509_R_ERR_ASN1_LIB				 102
 #define X509_R_INVALID_DIRECTORY			 113
 #define X509_R_INVALID_FIELD_NAME			 119
+#define X509_R_INVALID_TRUST				 123
 #define X509_R_KEY_TYPE_MISMATCH			 115
 #define X509_R_KEY_VALUES_MISMATCH			 116
 #define X509_R_LOADING_CERT_DIR				 103
@@ -1244,4 +1248,3 @@ int X509_TRUST_get_trust(X509_TRUST *xp);
 }
 #endif
 #endif
-
diff --git a/crypto/x509/x509_err.c b/crypto/x509/x509_err.c
index 6dd3a9731f..fa72c162e9 100644
--- a/crypto/x509/x509_err.c
+++ b/crypto/x509/x509_err.c
@@ -103,6 +103,7 @@ static ERR_STRING_DATA X509_str_functs[]=
 {ERR_PACK(0,X509_F_X509_STORE_CTX_PURPOSE_INHERIT,0),	"X509_STORE_CTX_purpose_inherit"},
 {ERR_PACK(0,X509_F_X509_TO_X509_REQ,0),	"X509_to_X509_REQ"},
 {ERR_PACK(0,X509_F_X509_TRUST_ADD,0),	"X509_TRUST_add"},
+{ERR_PACK(0,X509_F_X509_TRUST_SET,0),	"X509_TRUST_set"},
 {ERR_PACK(0,X509_F_X509_VERIFY_CERT,0),	"X509_verify_cert"},
 {0,NULL}
 	};
@@ -116,6 +117,7 @@ static ERR_STRING_DATA X509_str_reasons[]=
 {X509_R_ERR_ASN1_LIB                     ,"err asn1 lib"},
 {X509_R_INVALID_DIRECTORY                ,"invalid directory"},
 {X509_R_INVALID_FIELD_NAME               ,"invalid field name"},
+{X509_R_INVALID_TRUST                    ,"invalid trust"},
 {X509_R_KEY_TYPE_MISMATCH                ,"key type mismatch"},
 {X509_R_KEY_VALUES_MISMATCH              ,"key values mismatch"},
 {X509_R_LOADING_CERT_DIR                 ,"loading cert dir"},
diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c
index fe9fbca315..a298343a4f 100644
--- a/crypto/x509/x509_lu.c
+++ b/crypto/x509/x509_lu.c
@@ -60,6 +60,7 @@
 #include "cryptlib.h"
 #include <openssl/lhash.h>
 #include <openssl/x509.h>
+#include <openssl/x509v3.h>
 
 static STACK_OF(CRYPTO_EX_DATA_FUNCS) *x509_store_meth=NULL;
 
@@ -544,5 +545,15 @@ void X509_STORE_set_flags(X509_STORE *ctx, long flags)
 	ctx->flags |= flags;
 	}
 
+int X509_STORE_set_purpose(X509_STORE *ctx, int purpose)
+	{
+	return X509_PURPOSE_set(&ctx->purpose, purpose);
+	}
+
+int X509_STORE_set_trust(X509_STORE *ctx, int trust)
+	{
+	return X509_TRUST_set(&ctx->trust, trust);
+	}
+
 IMPLEMENT_STACK_OF(X509_LOOKUP)
 IMPLEMENT_STACK_OF(X509_OBJECT)
diff --git a/crypto/x509/x509_trs.c b/crypto/x509/x509_trs.c
index 4f48b55160..c164badbe4 100644
--- a/crypto/x509/x509_trs.c
+++ b/crypto/x509/x509_trs.c
@@ -144,6 +144,16 @@ int X509_TRUST_get_by_id(int id)
 	return idx + X509_TRUST_COUNT;
 }
 
+int X509_TRUST_set(int *t, int trust)
+{
+	if(X509_TRUST_get_by_id(trust) == -1) {
+		X509err(X509_F_X509_TRUST_SET, X509_R_INVALID_TRUST);
+		return 0;
+	}
+	*t = trust;
+	return 1;
+}
+
 int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int),
 					char *name, int arg1, void *arg2)
 {
diff --git a/crypto/x509/x509_vfy.h b/crypto/x509/x509_vfy.h
index c308d26ab8..e08075e85a 100644
--- a/crypto/x509/x509_vfy.h
+++ b/crypto/x509/x509_vfy.h
@@ -326,6 +326,8 @@ X509_STORE *X509_STORE_new(void );
 void X509_STORE_free(X509_STORE *v);
 
 void X509_STORE_set_flags(X509_STORE *ctx, long flags);
+int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
+int X509_STORE_set_trust(X509_STORE *ctx, int trust);
 
 X509_STORE_CTX *X509_STORE_CTX_new(void);