diff --git a/CHANGES b/CHANGES index 42c11fcb6..112a7b670 100644 --- a/CHANGES +++ b/CHANGES @@ -4,7 +4,14 @@ Changes between 0.9.4 and 0.9.5 [xx XXX 2000] - *) Change function names to the new get0/get1 naming convention. + *) Change names of new functions to the new get1/get0 naming + convention: After 'get1', the caller owns a reference count + and has to call ..._free; 'get0' returns a pointer to some + data structure without incrementing reference counters. + (Some of the existing 'get' functions increment a reference + counter, some don't.) + Similarly, 'set1' and 'add1' functions increase reference + counters or duplicate objects. [Steve Henson] *) Allow for the possibility of temp RSA key generation failure: @@ -305,7 +312,8 @@ *) Rewrite ssl3_read_n (ssl/s3_pkt.c) avoiding a couple of bugs. [Bodo Moeller] - *) New function X509_CTX_rget_chain(), this returns the chain + *) New function X509_CTX_rget_chain() (renamed to X509_CTX_get1_chain + in the 0.9.5 release), this returns the chain from an X509_CTX structure with a dup of the stack and all the X509 reference counts upped: so the stack will exist after X509_CTX_cleanup() has been called. Modify pkcs12.c @@ -641,10 +649,12 @@ it clearly returns an error if you try to read the wrong kind of key. Added a -pubkey option to the 'x509' utility to output the public key. - Also rename the EVP_PKEY_get_*() to EVP_PKEY_rget_*() and add - EVP_PKEY_rset_*() functions that do the same as the EVP_PKEY_assign_*() - except they up the reference count of the added key (they don't "swallow" - the supplied key). + Also rename the EVP_PKEY_get_*() to EVP_PKEY_rget_*() + (renamed to EVP_PKEY_get1_*() in the OpenSSL 0.9.5 release) and add + EVP_PKEY_rset_*() functions (renamed to EVP_PKEY_set1_*()) + that do the same as the EVP_PKEY_assign_*() except they up the + reference count of the added key (they don't "swallow" the + supplied key). [Steve Henson] *) Fixes to crypto/x509/by_file.c the code to read in certificates and 
diff --git a/apps/verify.c b/apps/verify.c index c2b19a1b0..267ee4ecd 100644 --- a/apps/verify.c +++ b/apps/verify.c @@ -124,7 +124,7 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, "unrecognized purpose\n"); goto end; } - xptmp = X509_PURPOSE_iget(i); + xptmp = X509_PURPOSE_get0(i); purpose = X509_PURPOSE_get_id(xptmp); } else if (strcmp(*argv,"-untrusted") == 0) @@ -190,7 +190,7 @@ end: BIO_printf(bio_err,"recognized usages:\n"); for(i = 0; i < X509_PURPOSE_get_count(); i++) { X509_PURPOSE *ptmp; - ptmp = X509_PURPOSE_iget(i); + ptmp = X509_PURPOSE_get0(i); BIO_printf(bio_err, "\t%-10s\t%s\n", X509_PURPOSE_get0_sname(ptmp), X509_PURPOSE_get0_name(ptmp)); } diff --git a/apps/x509.c b/apps/x509.c index 407f83950..d5c0d0404 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -555,7 +555,7 @@ bad: } } - if(alias) X509_alias_rset(x, (unsigned char *)alias, -1); + if(alias) X509_alias_set1(x, (unsigned char *)alias, -1); if(clrtrust) X509_trust_clear(x); if(clrreject) X509_reject_clear(x); @@ -599,7 +599,7 @@ bad: else if (aliasout == i) { unsigned char *alstr; - alstr = X509_alias_iget(x, NULL); + alstr = X509_alias_get0(x, NULL); if(alstr) BIO_printf(STDout,"%s\n", alstr); else BIO_puts(STDout,"\n"); } @@ -614,7 +614,7 @@ bad: BIO_printf(STDout, "Certificate purposes:\n"); for(j = 0; j < X509_PURPOSE_get_count(); j++) { - ptmp = X509_PURPOSE_iget(j); + ptmp = X509_PURPOSE_get0(j); purpose_print(STDout, x, ptmp); } } diff --git a/crypto/asn1/x_x509a.c b/crypto/asn1/x_x509a.c index f3bd3f89b..b9987ea96 100644 --- a/crypto/asn1/x_x509a.c +++ b/crypto/asn1/x_x509a.c @@ -145,7 +145,7 @@ static X509_CERT_AUX *aux_get(X509 *x) return x->aux; } -int X509_alias_rset(X509 *x, unsigned char *name, int len) +int X509_alias_set1(X509 *x, unsigned char *name, int len) { X509_CERT_AUX *aux; if(!(aux = aux_get(x))) return 0; 
@@ -153,7 +153,7 @@ int X509_alias_rset(X509 *x, unsigned char *name, int len) return ASN1_STRING_set(aux->alias, name, len); } -unsigned char *X509_alias_iget(X509 *x, int *len) +unsigned char *X509_alias_get0(X509 *x, int *len) { if(!x->aux || !x->aux->alias) return NULL; if(len) *len = x->aux->alias->length; diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h index bd602ce8b..d3336d9ce 100644 --- a/crypto/x509/x509.h +++ b/crypto/x509/x509.h @@ -822,8 +822,8 @@ void X509_CERT_AUX_free(X509_CERT_AUX *a); int i2d_X509_CERT_AUX(X509_CERT_AUX *a,unsigned char **pp); X509_CERT_AUX * d2i_X509_CERT_AUX(X509_CERT_AUX **a,unsigned char **pp, long length); -int X509_alias_rset(X509 *x, unsigned char *name, int len); -unsigned char * X509_alias_iget(X509 *x, int *len); +int X509_alias_set1(X509 *x, unsigned char *name, int len); +unsigned char * X509_alias_get0(X509 *x, int *len); int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int); int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj); int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj); @@ -1115,7 +1115,7 @@ PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken); int X509_check_trust(X509 *x, int id, int flags); int X509_TRUST_get_count(void); -X509_TRUST * X509_TRUST_iget(int idx); +X509_TRUST * X509_TRUST_get0(int idx); int X509_TRUST_get_by_id(int id); int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int), char *name, int arg1, void *arg2); diff --git a/crypto/x509/x509_trs.c b/crypto/x509/x509_trs.c index 3f76cd89d..9f7d67952 100644 --- a/crypto/x509/x509_trs.c +++ b/crypto/x509/x509_trs.c @@ -109,7 +109,7 @@ int X509_check_trust(X509 *x, int id, int flags) if(id == -1) return 1; if(!(idx = X509_TRUST_get_by_id(id))) return default_trust(id, x, flags); - pt = X509_TRUST_iget(idx); + pt = X509_TRUST_get0(idx); return pt->check_trust(pt, x, flags); } 
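Review bot: X509_alias_get0 in crypto/asn1/x_x509a.c carries no comment stating the ownership and length contract that its new name implies. The visible lines return NULL when the certificate has no aux data or alias, and store the alias length in `*len` only when `len` is non-NULL; the return statement is outside the hunk, so the rest is inferred from the CHANGES entry. I would add above the definition `/* get0: returns a pointer into x's own alias data (or NULL); the caller must not free it or use it after x is freed; pass len to obtain the byte count */`. The caller in apps/x509.c passes NULL for `len` and prints the result with `%s`, which relies on NUL termination and stops at an embedded NUL, so the comment should also say whether termination is guaranteed.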
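Review bot: In X509_check_trust the lookup result is tested with `if(!(idx = X509_TRUST_get_by_id(id)))`, which treats index 0 as "not found" and lets a negative index through to `pt = X509_TRUST_get0(idx);`. X509_TRUST_get0 returns NULL for `idx < 0` (visible in its own hunk), so `pt->check_trust(pt, x, flags)` would dereference NULL for an unknown trust id. That assumes X509_TRUST_get_by_id reports failure as -1, the way X509_PURPOSE_get_by_id does in X509_check_purpose. I would write the test as in that sibling: `idx = X509_TRUST_get_by_id(id);` followed by `if(idx == -1) return default_trust(id, x, flags);`. The function starts outside the hunk, so any earlier handling of `id` is not visible here.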
@@ -119,7 +119,7 @@ int X509_TRUST_get_count(void) return sk_X509_TRUST_num(trtable) + X509_TRUST_COUNT; } -X509_TRUST * X509_TRUST_iget(int idx) +X509_TRUST * X509_TRUST_get0(int idx) { if(idx < 0) return NULL; if(idx < X509_TRUST_COUNT) return trstandard + idx; @@ -157,7 +157,7 @@ int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int), return 0; } trtmp->flags = X509_TRUST_DYNAMIC; - } else trtmp = X509_TRUST_iget(idx); + } else trtmp = X509_TRUST_get0(idx); /* Free existing name if dynamic */ if(trtmp->flags & X509_TRUST_DYNAMIC_NAME) Free(trtmp->name); diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index 8de6cc97f..4fdff5412 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -777,7 +777,7 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, /* If trust not set then get from purpose default */ if(!trust) { X509_PURPOSE *ptmp; - ptmp = X509_PURPOSE_iget(idx); + ptmp = X509_PURPOSE_get0(idx); trust = ptmp->trust; } } diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c index 08fbd6767..b7494ebcd 100644 --- a/crypto/x509v3/v3_purp.c +++ b/crypto/x509v3/v3_purp.c @@ -107,7 +107,7 @@ int X509_check_purpose(X509 *x, int id, int ca) if(id == -1) return 1; idx = X509_PURPOSE_get_by_id(id); if(idx == -1) return -1; - pt = X509_PURPOSE_iget(idx); + pt = X509_PURPOSE_get0(idx); return pt->check_purpose(pt, x, ca); } @@ -117,7 +117,7 @@ int X509_PURPOSE_get_count(void) return sk_X509_PURPOSE_num(xptable) + X509_PURPOSE_COUNT; } -X509_PURPOSE * X509_PURPOSE_iget(int idx) +X509_PURPOSE * X509_PURPOSE_get0(int idx) { if(idx < 0) return NULL; if(idx < X509_PURPOSE_COUNT) return xstandard + idx; @@ -129,7 +129,7 @@ int X509_PURPOSE_get_by_sname(char *sname) int i; X509_PURPOSE *xptmp; for(i = 0; i < X509_PURPOSE_get_count(); i++) { - xptmp = X509_PURPOSE_iget(i); + xptmp = X509_PURPOSE_get0(i); if(!strcmp(xptmp->sname, sname)) return i; } return -1; 
@@ -168,7 +168,7 @@ int X509_PURPOSE_add(int id, int trust, int flags, return 0; } ptmp->flags = X509_PURPOSE_DYNAMIC; - } else ptmp = X509_PURPOSE_iget(idx); + } else ptmp = X509_PURPOSE_get0(idx); /* Free existing name if dynamic */ if(ptmp->flags & X509_PURPOSE_DYNAMIC_NAME) { diff --git a/crypto/x509v3/x509v3.h b/crypto/x509v3/x509v3.h index a977bf421..fe0175579 100644 --- a/crypto/x509v3/x509v3.h +++ b/crypto/x509v3/x509v3.h @@ -529,7 +529,7 @@ int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent); int X509_check_purpose(X509 *x, int id, int ca); int X509_PURPOSE_get_count(void); -X509_PURPOSE * X509_PURPOSE_iget(int idx); +X509_PURPOSE * X509_PURPOSE_get0(int idx); int X509_PURPOSE_get_by_sname(char *sname); int X509_PURPOSE_get_by_id(int id); int X509_PURPOSE_add(int id, int trust, int flags, diff --git a/util/libeay.num b/util/libeay.num index feab019d9..dfbd3987a 100755 --- a/util/libeay.num +++ b/util/libeay.num @@ -1886,7 +1886,7 @@ X509_reject_set_bit_asc 1911 X509_NAME_add_entry_by_txt 1912 sk_X509_TRUST_pop 1913 X509_NAME_add_entry_by_NID 1914 -X509_PURPOSE_iget 1915 +X509_PURPOSE_get0 1915 sk_ACCESS_DESCRIPTION_shift 1916 PEM_read_X509_AUX 1917 d2i_AUTHORITY_INFO_ACCESS 1918 @@ -1904,7 +1904,7 @@ sk_X509_PURPOSE_value 1929 sk_X509_PURPOSE_zero 1930 X509_TRUST_add 1931 ASN1_VISIBLESTRING_new 1932 -X509_alias_rset 1933 +X509_alias_set1 1933 ASN1_PRINTABLESTRING_free 1934 EVP_PKEY_get1_DSA 1935 ASN1_BMPSTRING_new 1936 @@ -2018,7 +2018,7 @@ sk_X509_TRUST_value 2043 d2i_RSA_PUBKEY 2044 sk_ASN1_STRING_TABLE_set 2045 X509_TRUST_get0_name 2046 -X509_TRUST_iget 2047 +X509_TRUST_get0 2047 AUTHORITY_INFO_ACCESS_free 2048 ASN1_IA5STRING_new 2049 d2i_DSA_PUBKEY 2050 @@ -2045,7 +2045,7 @@ sk_ASN1_STRING_TABLE_set_cmp_func 2070 X509_NAME_ENTRY_create_by_txt 2071 ASN1_STRING_get_default_mask 2072 sk_X509_TRUST_dup 2073 -X509_alias_iget 2074 +X509_alias_get0 2074 ASN1_STRING_data 2075 sk_X509_TRUST_insert 2076 i2d_ACCESS_DESCRIPTION 2077