Hold CA names as |CRYPTO_BUFFER|s. This change converts the CA names that are parsed from a server's CertificateRequest, as well as the CA names that are configured for sending to clients in the same, to use |CRYPTO_BUFFER|. The |X509_NAME|-based interfaces are turned into compatibility wrappers. Change-Id: I95304ecc988ee39320499739a0866c7f8ff5ed98 Reviewed-on: https://boringssl-review.googlesource.com/13585 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

commit: 34b4c829fd4c0803bb0fca6088814985205f900b [log] [tgz]
author: Adam Langley <agl@google.com> Thu Feb 02 10:57:17 2017 -0800
committer: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Tue Feb 28 22:24:31 2017 +0000
tree: 9cfeebc4803380b08ac5c0f2498a7197f229f28b
parent: 2ff7933f22e41be517224c770268d82c1b92ad80 [diff] [blame]
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 3131539..ef22e8f 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h

@@ -3969,7 +3969,11 @@
   void (*info_callback)(const SSL *ssl, int type, int value);
 
   /* what we put in client cert requests */
-  STACK_OF(X509_NAME) *client_CA;
+  STACK_OF(CRYPTO_BUFFER) *client_CA;
+
+  /* cached_x509_client_CA is a cache of parsed versions of the elements of
+   * |client_CA|. */
+  STACK_OF(X509_NAME) *cached_x509_client_CA;
 
 
   /* Default values to use in SSL structures follow (these are copied by
commit	34b4c829fd4c0803bb0fca6088814985205f900b	[log] [tgz]
author	Adam Langley <agl@google.com>	Thu Feb 02 10:57:17 2017 -0800
committer	CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>	Tue Feb 28 22:24:31 2017 +0000
tree	9cfeebc4803380b08ac5c0f2498a7197f229f28b
parent	2ff7933f22e41be517224c770268d82c1b92ad80 [diff] [blame]