Make it possible for external code to set the certiciate proxy path length

This adds the functions X509_set_proxy_pathlen(), which sets the internal pc path length cache for a given X509 structure, along with X509_get_proxy_pathlen(), which retrieves it. Along with the previously added X509_set_proxy_flag(), this provides the tools needed to manipulate all the information cached on proxy certificates, allowing external code to do what's necessary to have them verified correctly by the libcrypto code. Reviewed-by: Rich Salz <rsalz@openssl.org>
author: Richard Levitte <levitte@openssl.org> 2016-07-25 17:02:56 +0200
committer: Richard Levitte <levitte@openssl.org> 2016-07-25 17:36:39 +0200
commit: fe0169b09717b3c3d52c0fba96e1dcf5e8a60d94 (patch)
tree: e18b998d2adf160cfdb25312dcb89b0ead1b0075 /include
parent: 3067095e8a2cca3d33fa0af77788bc45da68b76b (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/include/openssl/x509v3.h b/include/openssl/x509v3.h
index c708ec34c4..c3f3863c47 100644
--- a/include/openssl/x509v3.h
+++ b/include/openssl/x509v3.h
@@ -650,6 +650,8 @@ int X509_PURPOSE_set(int *p, int purpose);
 int X509_check_issued(X509 *issuer, X509 *subject);
 int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid);
 void X509_set_proxy_flag(X509 *x);
+void X509_set_proxy_pathlen(X509 *x, long l);
+long X509_get_proxy_pathlen(X509 *x);
 
 uint32_t X509_get_extension_flags(X509 *x);
 uint32_t X509_get_key_usage(X509 *x);
author	Richard Levitte <levitte@openssl.org>	2016-07-25 17:02:56 +0200
committer	Richard Levitte <levitte@openssl.org>	2016-07-25 17:36:39 +0200
commit	fe0169b09717b3c3d52c0fba96e1dcf5e8a60d94 (patch)
tree	e18b998d2adf160cfdb25312dcb89b0ead1b0075 /include
parent	3067095e8a2cca3d33fa0af77788bc45da68b76b (diff)