mirror of
https://github.com/openssl/openssl.git
synced 2025-01-30 14:01:55 +08:00
x509v3.h.in: Deprecate CTX_TEST and replace it by X509V3_CTX_TEST
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13658)
This commit is contained in:
parent
04a1b3fa7b
commit
2ed63033e4
@ -114,7 +114,7 @@ static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
|
||||
}
|
||||
}
|
||||
|
||||
if (ctx != NULL && (ctx->flags & CTX_TEST) != 0)
|
||||
if (ctx != NULL && (ctx->flags & X509V3_CTX_TEST) != 0)
|
||||
return akeyid;
|
||||
|
||||
if (ctx == NULL) {
|
||||
|
@ -325,7 +325,7 @@ static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens)
|
||||
X509_EXTENSION *ext;
|
||||
int i, num;
|
||||
|
||||
if (ctx != NULL && (ctx->flags & CTX_TEST) != 0)
|
||||
if (ctx != NULL && (ctx->flags & X509V3_CTX_TEST) != 0)
|
||||
return 1;
|
||||
if (!ctx || !ctx->issuer_cert) {
|
||||
ERR_raise(ERR_LIB_X509V3, X509V3_R_NO_ISSUER_DETAILS);
|
||||
@ -410,7 +410,7 @@ static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p)
|
||||
GENERAL_NAME *gen = NULL;
|
||||
int i = -1;
|
||||
|
||||
if (ctx != NULL && (ctx->flags & CTX_TEST) != 0)
|
||||
if (ctx != NULL && (ctx->flags & X509V3_CTX_TEST) != 0)
|
||||
return 1;
|
||||
if (ctx == NULL
|
||||
|| (ctx->subject_cert == NULL && ctx->subject_req == NULL)) {
|
||||
|
@ -86,7 +86,7 @@ static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method,
|
||||
if (strcmp(str, "hash") != 0)
|
||||
return s2i_ASN1_OCTET_STRING(method, ctx /* not used */, str);
|
||||
|
||||
if (ctx != NULL && (ctx->flags & CTX_TEST) != 0)
|
||||
if (ctx != NULL && (ctx->flags & X509V3_CTX_TEST) != 0)
|
||||
return ASN1_OCTET_STRING_new();
|
||||
if (ctx == NULL
|
||||
|| (ctx->subject_cert == NULL && ctx->subject_req == NULL)) {
|
||||
|
@ -3,7 +3,7 @@
|
||||
=head1 NAME
|
||||
|
||||
X509V3_set_ctx,
|
||||
X509V3_set_issuer_pkey - X.509v3 extension generation utility functions
|
||||
X509V3_set_issuer_pkey - X.509 v3 extension generation utilities
|
||||
|
||||
=head1 SYNOPSIS
|
||||
|
||||
@ -16,15 +16,16 @@ X509V3_set_issuer_pkey - X.509v3 extension generation utility functions
|
||||
=head1 DESCRIPTION
|
||||
|
||||
X509V3_set_ctx() fills in the basic fields of I<ctx> of type B<X509V3_CTX>,
|
||||
providing details potentially needed by functions producing X509 v3 certificate
|
||||
extensions, e.g., to look up values for filling in authority key identifiers.
|
||||
providing details potentially needed by functions producing X509 v3 extensions,
|
||||
e.g., to look up values for filling in authority key identifiers.
|
||||
Any of I<subj>, I<req>, or I<crl> may be provided, pointing to a certificate,
|
||||
certification request, or certificate revocation list, respectively.
|
||||
If I<subj> or I<crl> is provided, I<issuer> should point to its issuer,
|
||||
for instance to help generating an authority key identifier extension.
|
||||
Note that if I<subj> is provided, I<issuer> may be the same as I<subj>,
|
||||
which means that I<subj> is self-issued (or even self-signed).
|
||||
I<flags> may be 0 or contain B<CTX_TEST>, which means that just the syntax of
|
||||
I<flags> may be 0
|
||||
or contain B<X509V3_CTX_TEST>, which means that just the syntax of
|
||||
extension definitions is to be checked without actually producing an extension,
|
||||
or B<X509V3_CTX_REPLACE>, which means that each X.509v3 extension added as
|
||||
defined in some configuration section shall replace any already existing
|
||||
@ -48,6 +49,8 @@ L<X509_add_ext(3)>
|
||||
|
||||
X509V3_set_issuer_pkey() was added in OpenSSL 3.0.
|
||||
|
||||
CTX_TEST was deprecated in OpenSSL 3.0; use X509V3_CTX_TEST instead.
|
||||
|
||||
=head1 COPYRIGHT
|
||||
|
||||
Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
|
@ -87,9 +87,12 @@ typedef struct X509V3_CONF_METHOD_st {
|
||||
void (*free_section) (void *db, STACK_OF(CONF_VALUE) *section);
|
||||
} X509V3_CONF_METHOD;
|
||||
|
||||
/* Context specific info */
|
||||
/* Context specific info for producing X509 v3 extensions*/
|
||||
struct v3_ext_ctx {
|
||||
# define CTX_TEST 0x1
|
||||
# define X509V3_CTX_TEST 0x1
|
||||
# ifndef OPENSSL_NO_DEPRECATED_3_0
|
||||
# define CTX_TEST X509V3_CTX_TEST
|
||||
# endif
|
||||
# define X509V3_CTX_REPLACE 0x2
|
||||
int flags;
|
||||
X509 *issuer_cert;
|
||||
@ -363,7 +366,7 @@ struct ISSUING_DIST_POINT_st {
|
||||
",name:", (val)->name, ",value:", (val)->value)
|
||||
|
||||
# define X509V3_set_ctx_test(ctx) \
|
||||
X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST)
|
||||
X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, X509V3_CTX_TEST)
|
||||
# define X509V3_set_ctx_nodb(ctx) (ctx)->db = NULL;
|
||||
|
||||
# define EXT_BITSTRING(nid, table) { nid, 0, ASN1_ITEM_ref(ASN1_BIT_STRING), \
|
||||
|
Loading…
Reference in New Issue
Block a user