Remove X509_STORE_CTX_purpose_inherit
X509_STORE_CTX_purpose_inherit's behavior is even more bizarre than
X509_STORE_CTX_set_purpose and X509_STORE_CTX_set_trust. Remove it and
reimplement X509_STORE_CTX_set_purpose and X509_STORE_CTX_set_trust's
behaviors directly.
Change-Id: Icc6a4a84ee8fa38e2fe70a4cfa06e74dee186d29
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/65208
Reviewed-by: Bob Beck <bbe@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index 929d2b3..a6f6215 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -1480,62 +1480,40 @@
}
int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose) {
- return X509_STORE_CTX_purpose_inherit(ctx, 0, purpose, 0);
+ // If |purpose| is zero, this function historically silently did nothing.
+ if (purpose == 0) {
+ return 1;
+ }
+
+ int idx = X509_PURPOSE_get_by_id(purpose);
+ if (idx == -1) {
+ OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_PURPOSE_ID);
+ return 0;
+ }
+
+ int trust = X509_PURPOSE_get_trust(X509_PURPOSE_get0(idx));
+ if (!X509_STORE_CTX_set_trust(ctx, trust)) {
+ return 0;
+ }
+
+ if (ctx->param->purpose == 0) {
+ ctx->param->purpose = purpose;
+ }
+ return 1;
}
int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust) {
- return X509_STORE_CTX_purpose_inherit(ctx, 0, 0, trust);
-}
-
-// This function is used to set the X509_STORE_CTX purpose and trust values.
-// This is intended to be used when another structure has its own trust and
-// purpose values which (if set) will be inherited by the ctx. If they aren't
-// set then we will usually have a default purpose in mind which should then
-// be used to set the trust value. An example of this is SSL use: an SSL
-// structure will have its own purpose and trust settings which the
-// application can set: if they aren't set then we use the default of SSL
-// client/server.
-
-int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
- int purpose, int trust) {
- int idx;
- // If purpose not set use default
- if (!purpose) {
- purpose = def_purpose;
- }
- // If we have a purpose then check it is valid
- if (purpose) {
- idx = X509_PURPOSE_get_by_id(purpose);
- if (idx == -1) {
- OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_PURPOSE_ID);
- return 0;
- }
- const X509_PURPOSE *ptmp = X509_PURPOSE_get0(idx);
- if (ptmp->trust == X509_TRUST_DEFAULT) {
- idx = X509_PURPOSE_get_by_id(def_purpose);
- if (idx == -1) {
- OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_PURPOSE_ID);
- return 0;
- }
- ptmp = X509_PURPOSE_get0(idx);
- }
- // If trust not set then get from purpose default
- if (!trust) {
- trust = ptmp->trust;
- }
- }
- if (trust) {
- idx = X509_TRUST_get_by_id(trust);
- if (idx == -1) {
- OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_TRUST_ID);
- return 0;
- }
+ // If |trust| is zero, this function historically silently did nothing.
+ if (trust == 0) {
+ return 1;
}
- if (purpose && !ctx->param->purpose) {
- ctx->param->purpose = purpose;
+ if (X509_TRUST_get_by_id(trust) == -1) {
+ OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_TRUST_ID);
+ return 0;
}
- if (trust && !ctx->param->trust) {
+
+ if (ctx->param->trust == 0) {
ctx->param->trust = trust;
}
return 1;
diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index 29a4930..ff18c48 100644
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -4289,12 +4289,6 @@
OPENSSL_EXPORT void X509_STORE_CTX_set0_crls(X509_STORE_CTX *c,
STACK_OF(X509_CRL) *sk);
-// X509_STORE_CTX_purpose_inherit is an internal implementation detail that will
-// shortly be removed.
-OPENSSL_EXPORT int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx,
- int def_purpose, int purpose,
- int trust);
-
// X509_STORE_CTX_set_flags enables all values in |flags| in |ctx|'s
// verification flags. |flags| should be a combination of |X509_V_FLAG_*|
// constants.
