Add -CAstore and similar to all openssl commands that have -CApath

Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8442)
author: Richard Levitte <levitte@openssl.org> 2019-03-07 15:26:34 +0100
committer: Richard Levitte <levitte@openssl.org> 2019-11-03 18:38:23 +0100
commit: fd3397fc47bfd92e7e33d88aa566cb0c8bd29330 (patch)
tree: 463778bc2ded727930631bec442d7ec7b7509488 /apps/lib/s_cb.c
parent: 6dcb100f89d0ef081771d533fed342412ac7a13f (diff)
1 files changed, 14 insertions, 4 deletions
diff --git a/apps/lib/s_cb.c b/apps/lib/s_cb.c
index 47b8afe9ef..7b81d60fe7 100644
--- a/apps/lib/s_cb.c
+++ b/apps/lib/s_cb.c
@@ -1262,27 +1262,37 @@ int ssl_ctx_add_crls(SSL_CTX *ctx, STACK_OF(X509_CRL) *crls, int crl_download)
 
 int ssl_load_stores(SSL_CTX *ctx,
                     const char *vfyCApath, const char *vfyCAfile,
+                    const char *vfyCAstore,
                     const char *chCApath, const char *chCAfile,
+                    const char *chCAstore,
                     STACK_OF(X509_CRL) *crls, int crl_download)
 {
     X509_STORE *vfy = NULL, *ch = NULL;
     int rv = 0;
-    if (vfyCApath != NULL || vfyCAfile != NULL) {
+    if (vfyCApath != NULL || vfyCAfile != NULL || vfyCAstore != NULL) {
         vfy = X509_STORE_new();
         if (vfy == NULL)
             goto err;
-        if (!X509_STORE_load_locations(vfy, vfyCAfile, vfyCApath))
+        if (vfyCAfile != NULL && !X509_STORE_load_file(vfy, vfyCAfile))
+            goto err;
+        if (vfyCApath != NULL && !X509_STORE_load_path(vfy, vfyCApath))
+            goto err;
+        if (vfyCAstore != NULL && !X509_STORE_load_store(vfy, vfyCAstore))
             goto err;
         add_crls_store(vfy, crls);
         SSL_CTX_set1_verify_cert_store(ctx, vfy);
         if (crl_download)
             store_setup_crl_download(vfy);
     }
-    if (chCApath != NULL || chCAfile != NULL) {
+    if (chCApath != NULL || chCAfile != NULL || chCAstore != NULL) {
         ch = X509_STORE_new();
         if (ch == NULL)
             goto err;
-        if (!X509_STORE_load_locations(ch, chCAfile, chCApath))
+        if (chCAfile != NULL && !X509_STORE_load_file(ch, chCAfile))
+            goto err;
+        if (chCApath != NULL && !X509_STORE_load_path(ch, chCApath))
+            goto err;
+        if (chCAstore != NULL && !X509_STORE_load_store(ch, chCAstore))
             goto err;
         SSL_CTX_set1_chain_cert_store(ctx, ch);
     }
author	Richard Levitte <levitte@openssl.org>	2019-03-07 15:26:34 +0100
committer	Richard Levitte <levitte@openssl.org>	2019-11-03 18:38:23 +0100
commit	fd3397fc47bfd92e7e33d88aa566cb0c8bd29330 (patch)
tree	463778bc2ded727930631bec442d7ec7b7509488 /apps/lib/s_cb.c
parent	6dcb100f89d0ef081771d533fed342412ac7a13f (diff)