Replace X509_LOOKUP_ctrl with real functions
Gain some type-checking.
Change-Id: I21524e0507f2c6b12d9f431a8cc6e82e28c94e24
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/64248
Reviewed-by: Bob Beck <bbe@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c
index 2f483ea..54e48b2 100644
--- a/crypto/x509/by_dir.c
+++ b/crypto/x509/by_dir.c
@@ -397,3 +397,7 @@
BUF_MEM_free(b);
return ok;
}
+
+int X509_LOOKUP_add_dir(X509_LOOKUP *lookup, const char *name, int type) {
+ return X509_LOOKUP_ctrl(lookup, X509_L_ADD_DIR, name, type, NULL);
+}
diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c
index 8455211..7bcf465 100644
--- a/crypto/x509/by_file.c
+++ b/crypto/x509/by_file.c
@@ -263,3 +263,7 @@
sk_X509_INFO_pop_free(inf, X509_INFO_free);
return count;
}
+
+int X509_LOOKUP_load_file(X509_LOOKUP *lookup, const char *name, int type) {
+ return X509_LOOKUP_ctrl(lookup, X509_L_FILE_LOAD, name, type, NULL);
+}
diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index 5955594..5a45a04 100644
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -2844,10 +2844,6 @@
// Functions below this point have not yet been organized into sections.
-#define X509_FILETYPE_PEM 1
-#define X509_FILETYPE_ASN1 2
-#define X509_FILETYPE_DEFAULT 3
-
#define X509v3_KU_DIGITAL_SIGNATURE 0x0080
#define X509v3_KU_NON_REPUDIATION 0x0040
#define X509v3_KU_KEY_ENCIPHERMENT 0x0020
@@ -2997,11 +2993,27 @@
#define X509_L_FILE_LOAD 1
#define X509_L_ADD_DIR 2
-#define X509_LOOKUP_load_file(x, name, type) \
- X509_LOOKUP_ctrl((x), X509_L_FILE_LOAD, (name), (long)(type), NULL)
+// The following constants are used to specify the format of files in an
+// |X509_LOOKUP|.
+#define X509_FILETYPE_PEM 1
+#define X509_FILETYPE_ASN1 2
+#define X509_FILETYPE_DEFAULT 3
-#define X509_LOOKUP_add_dir(x, name, type) \
- X509_LOOKUP_ctrl((x), X509_L_ADD_DIR, (name), (long)(type), NULL)
+// X509_LOOKUP_load_file configures |lookup| to load information from the file
+// at |path|. It returns one on success and zero on error. |type| should be one
+// of the |X509_FILETYPE_*| constants to determine if the contents are PEM or
+// DER. If |type| is |X509_FILETYPE_DEFAULT|, |path| is ignored and instead some
+// default system path is used.
+OPENSSL_EXPORT int X509_LOOKUP_load_file(X509_LOOKUP *lookup, const char *path,
+ int type);
+
+// X509_LOOKUP_add_dir configures |lookup| to load information from the
+// directory at |path|. It returns one on success and zero on error. |type|
+// should be one of the |X509_FILETYPE_*| constants to determine if the contents
+// are PEM or DER. If |type| is |X509_FILETYPE_DEFAULT|, |path| is ignored and
+// instead some default system path is used.
+OPENSSL_EXPORT int X509_LOOKUP_add_dir(X509_LOOKUP *lookup, const char *path,
+ int type);
#define X509_V_OK 0
#define X509_V_ERR_UNSPECIFIED 1
