Add the X509v3_cache_extensions() function

Various functions cause the results of processing extensions to be cached. The processing itself requires a libctx, and so this implicit caching means that the default ctx is used which can lead to failures. By explicitly caching the extensions we can specify the libctx to be used. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11409)
author: Matt Caswell <matt@openssl.org> 2020-03-20 11:52:07 +0000
committer: Matt Caswell <matt@openssl.org> 2020-03-30 14:54:37 +0100
commit: 33328581b83e8e9f573f08f0e2e0d6b32d095857 (patch)
tree: 10f6643a2431c5ca74476197e274b71583bbc13f /include
parent: c2146b57d296aa5b06e27cd8d76bbd040a3444b9 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/include/openssl/x509v3.h b/include/openssl/x509v3.h
index 63903efb20..e8efab2f08 100644
--- a/include/openssl/x509v3.h
+++ b/include/openssl/x509v3.h
@@ -572,6 +572,9 @@ GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
                                   const X509V3_EXT_METHOD *method,
                                   X509V3_CTX *ctx, CONF_VALUE *cnf,
                                   int is_nc);
+
+int X509v3_cache_extensions(X509 *x, OPENSSL_CTX *libctx, const char *propq);
+
 void X509V3_conf_free(CONF_VALUE *val);
 
 X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid,
author	Matt Caswell <matt@openssl.org>	2020-03-20 11:52:07 +0000
committer	Matt Caswell <matt@openssl.org>	2020-03-30 14:54:37 +0100
commit	33328581b83e8e9f573f08f0e2e0d6b32d095857 (patch)
tree	10f6643a2431c5ca74476197e274b71583bbc13f /include
parent	c2146b57d296aa5b06e27cd8d76bbd040a3444b9 (diff)