diff options
author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2021-01-28 00:28:25 +0100 |
---|---|---|
committer | Dr. David von Oheimb <dev@ddvo.net> | 2021-02-06 18:53:51 +0100 |
commit | 11ddbf84597d26c937ecb8f266424dea7f72cbdf (patch) | |
tree | cb23d927c8c8b85f6ca4947a313b0fe7fb36a07c /test/danetest.c | |
parent | 2bb05a9668323ac2719f84cf8e9ccffc2bc99916 (diff) |
Add X509_STORE_CTX_verify(), which takes the first untrusted cert as default target
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14021)
Diffstat (limited to 'test/danetest.c')
-rw-r--r-- | test/danetest.c | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/test/danetest.c b/test/danetest.c index b0d6ffe563..25fd16a411 100644 --- a/test/danetest.c +++ b/test/danetest.c @@ -57,15 +57,13 @@ static int verify_chain(SSL *ssl, STACK_OF(X509) *chain) X509_STORE_CTX *store_ctx = NULL; SSL_CTX *ssl_ctx = NULL; X509_STORE *store = NULL; - X509 *cert = NULL; int ret = 0; int store_ctx_idx = SSL_get_ex_data_X509_STORE_CTX_idx(); if (!TEST_ptr(store_ctx = X509_STORE_CTX_new()) || !TEST_ptr(ssl_ctx = SSL_get_SSL_CTX(ssl)) || !TEST_ptr(store = SSL_CTX_get_cert_store(ssl_ctx)) - || !TEST_ptr(cert = sk_X509_value(chain, 0)) - || !TEST_true(X509_STORE_CTX_init(store_ctx, store, cert, chain)) + || !TEST_true(X509_STORE_CTX_init(store_ctx, store, NULL, chain)) || !TEST_true(X509_STORE_CTX_set_ex_data(store_ctx, store_ctx_idx, ssl))) goto end; @@ -80,7 +78,7 @@ static int verify_chain(SSL *ssl, STACK_OF(X509) *chain) X509_STORE_CTX_set_verify_cb(store_ctx, SSL_get_verify_callback(ssl)); /* Mask "internal failures" (-1) from our return value. */ - if (!TEST_int_ge(ret = X509_verify_cert(store_ctx), 0)) + if (!TEST_int_ge(ret = X509_STORE_CTX_verify(store_ctx), 0)) ret = 0; SSL_set_verify_result(ssl, X509_STORE_CTX_get_error(store_ctx)); |