From 79aa04ef27f69a1149d4d0e72d2d2953b6241ef0 Mon Sep 17 00:00:00 2001
From: Geoff Thorpe <geoff@openssl.org>
Date: Sat, 1 Sep 2001 20:02:13 +0000
Subject: Make the necessary changes to work with the recent "ex_data"
 overhaul. See the commit log message for that for more information.

NB: X509_STORE_CTX's use of "ex_data" support was actually misimplemented
(initialisation by "memset" won't/can't/doesn't work). This fixes that but
requires that X509_STORE_CTX_init() be able to handle errors - so its
prototype has been changed to return 'int' rather than 'void'. All uses of
that function throughout the source code have been tracked down and
adjusted.
---
 apps/pkcs12.c | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'apps/pkcs12.c')

diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index b507491dbb..d90cf59df7 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -810,6 +810,9 @@ int get_cert_chain (X509 *cert, X509_STORE *store, STACK_OF(X509) **chain)
 	STACK_OF(X509) *chn;
 	int i;
 
+	/* FIXME: Should really check the return status of X509_STORE_CTX_init
+	 * for an error, but how that fits into the return value of this
+	 * function is less obvious. */
 	X509_STORE_CTX_init(&store_ctx, store, cert, NULL);
 	if (X509_verify_cert(&store_ctx) <= 0) {
 		i = X509_STORE_CTX_get_error (&store_ctx);
-- 
cgit v1.2.3