diff options
| author | Matt Caswell <matt@openssl.org> | 2020-04-03 16:25:18 +0100 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2020-04-09 14:51:48 +0100 |
| commit | d4b2bfbadecd64de298d37ef6eb90a829da01a6a (patch) | |
| tree | 9a4f8f90e5ace759073f977e6b1f1c9cadd88426 /crypto/ct/ct_policy.c | |
| parent | 76e23fc50b2dcf9b4d33824102ce5ae03f8faea3 (diff) | |
Make the CT code library context aware
Add the new functions CTLOG_STORE_new_with_libctx(),
CTLOG_new_with_libctx() and CTLOG_new_from_base64_with_libctx() to pass
in the library context/property query string to use a library context
is to be used.
We also add the function CT_POLICY_EVAL_CTX_new_with_libctx() to enable
the creation of a CT_POLICY_EVAL_CTX to be associated with a libctx and
property query string.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11483)
Diffstat (limited to 'crypto/ct/ct_policy.c')
| -rw-r--r-- | crypto/ct/ct_policy.c | 20 |
1 files changed, 18 insertions, 2 deletions
diff --git a/crypto/ct/ct_policy.c b/crypto/ct/ct_policy.c index 0305970a94..568d8e6d64 100644 --- a/crypto/ct/ct_policy.c +++ b/crypto/ct/ct_policy.c @@ -25,15 +25,25 @@ */ static const time_t SCT_CLOCK_DRIFT_TOLERANCE = 300; -CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void) +CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_with_libctx(OPENSSL_CTX *libctx, + const char *propq) { CT_POLICY_EVAL_CTX *ctx = OPENSSL_zalloc(sizeof(CT_POLICY_EVAL_CTX)); if (ctx == NULL) { - CTerr(CT_F_CT_POLICY_EVAL_CTX_NEW, ERR_R_MALLOC_FAILURE); + CTerr(0, ERR_R_MALLOC_FAILURE); return NULL; } + ctx->libctx = libctx; + if (propq != NULL) { + ctx->propq = OPENSSL_strdup(propq); + if (ctx->propq == NULL) { + CTerr(0, ERR_R_MALLOC_FAILURE); + return NULL; + } + } + /* time(NULL) shouldn't ever fail, so don't bother checking for -1. */ ctx->epoch_time_in_ms = (uint64_t)(time(NULL) + SCT_CLOCK_DRIFT_TOLERANCE) * 1000; @@ -41,12 +51,18 @@ CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void) return ctx; } +CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void) +{ + return CT_POLICY_EVAL_CTX_new_with_libctx(NULL, NULL); +} + void CT_POLICY_EVAL_CTX_free(CT_POLICY_EVAL_CTX *ctx) { if (ctx == NULL) return; X509_free(ctx->cert); X509_free(ctx->issuer); + OPENSSL_free(ctx->propq); OPENSSL_free(ctx); } |