From 6725682d77510bf6d499957897d7be124d603f40 Mon Sep 17 00:00:00 2001 From: Shane Lontis Date: Fri, 24 Jul 2020 22:53:27 +1000 Subject: Add X509 related libctx changes. - In order to not add many X509_XXXX_with_libctx() functions the libctx and propq may be stored in the X509 object via a call to X509_new_with_libctx(). - Loading via PEM_read_bio_X509() or d2i_X509() should pass in a created cert using X509_new_with_libctx(). - Renamed some XXXX_ex() to XXX_with_libctx() for X509 API's. - Removed the extra parameters in check_purpose.. - X509_digest() has been modified so that it expects a const EVP_MD object() and then internally it does the fetch when it needs to (via ASN1_item_digest_with_libctx()). - Added API's that set the libctx when they load such as X509_STORE_new_with_libctx() so that the cert chains can be verified. Reviewed-by: Richard Levitte Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/12153) --- util/other.syms | 3 +++ 1 file changed, 3 insertions(+) (limited to 'util/other.syms') diff --git a/util/other.syms b/util/other.syms index 351cffa933..54a2b71abb 100644 --- a/util/other.syms +++ b/util/other.syms @@ -571,8 +571,11 @@ X509_CRL_http_nbio define X509_http_nbio define X509_LOOKUP_add_dir define X509_LOOKUP_add_store define +X509_LOOKUP_add_store_with_libctx define X509_LOOKUP_load_file define +X509_LOOKUP_load_file_with_libctx define X509_LOOKUP_load_store define +X509_LOOKUP_load_store_with_libctx define X509_STORE_set_lookup_crls_cb define X509_STORE_set_verify_func define EVP_PKEY_CTX_set1_id define -- cgit v1.2.3-70-g09d2