Replace X509_LOOKUP_ctrl with real functions Gain some type-checking. Change-Id: I21524e0507f2c6b12d9f431a8cc6e82e28c94e24 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/64248 Reviewed-by: Bob Beck <bbe@google.com> Commit-Queue: David Benjamin <davidben@google.com>
diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c
index 2f483ea..54e48b2 100644
--- a/crypto/x509/by_dir.c
+++ b/crypto/x509/by_dir.c
@@ -397,3 +397,7 @@
 BUF_MEM_free(b);
 return ok;
 }
+
+int X509_LOOKUP_add_dir(X509_LOOKUP *lookup, const char *name, int type) {
+ return X509_LOOKUP_ctrl(lookup, X509_L_ADD_DIR, name, type, NULL);
+}
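Review bot: X509_LOOKUP_add_dir hands back whatever X509_LOOKUP_ctrl returns, while the header added in this commit promises "one on success and zero on error". X509_LOOKUP_ctrl's body is not part of this diff; if it can return a negative value, a caller that tests `if (!X509_LOOKUP_add_dir(...))` would treat a failed trust-store load as success. Either confirm that the ctrl path only yields 0 or 1, or normalise in the wrapper with `return X509_LOOKUP_ctrl(lookup, X509_L_ADD_DIR, name, type, NULL) > 0;`. The same applies to X509_LOOKUP_load_file in by_file.c, and both definitions call the second parameter `name` where the header declares it as `path`.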
diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c
index 8455211..7bcf465 100644
--- a/crypto/x509/by_file.c
+++ b/crypto/x509/by_file.c
@@ -263,3 +263,7 @@
 sk_X509_INFO_pop_free(inf, X509_INFO_free);
 return count;
 }
+
+int X509_LOOKUP_load_file(X509_LOOKUP *lookup, const char *name, int type) {
+ return X509_LOOKUP_ctrl(lookup, X509_L_FILE_LOAD, name, type, NULL);
+}
diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index 5955594..5a45a04 100644
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -2844,10 +2844,6 @@
 // Functions below this point have not yet been organized into sections.
-#define X509_FILETYPE_PEM 1
-#define X509_FILETYPE_ASN1 2
-#define X509_FILETYPE_DEFAULT 3
-
 #define X509v3_KU_DIGITAL_SIGNATURE 0x0080
 #define X509v3_KU_NON_REPUDIATION 0x0040
 #define X509v3_KU_KEY_ENCIPHERMENT 0x0020
@@ -2997,11 +2993,27 @@
 #define X509_L_FILE_LOAD 1
 #define X509_L_ADD_DIR 2
-#define X509_LOOKUP_load_file(x, name, type) \
- X509_LOOKUP_ctrl((x), X509_L_FILE_LOAD, (name), (long)(type), NULL)
+// The following constants are used to specify the format of files in an
+// |X509_LOOKUP|.
+#define X509_FILETYPE_PEM 1
+#define X509_FILETYPE_ASN1 2
+#define X509_FILETYPE_DEFAULT 3
-#define X509_LOOKUP_add_dir(x, name, type) \
- X509_LOOKUP_ctrl((x), X509_L_ADD_DIR, (name), (long)(type), NULL)
+// X509_LOOKUP_load_file configures |lookup| to load information from the file
+// at |path|. It returns one on success and zero on error. |type| should be one
+// of the |X509_FILETYPE_*| constants to determine if the contents are PEM or
+// DER. If |type| is |X509_FILETYPE_DEFAULT|, |path| is ignored and instead some
+// default system path is used.
+OPENSSL_EXPORT int X509_LOOKUP_load_file(X509_LOOKUP *lookup, const char *path,
+ int type);
+
+// X509_LOOKUP_add_dir configures |lookup| to load information from the
+// directory at |path|. It returns one on success and zero on error. |type|
+// should be one of the |X509_FILETYPE_*| constants to determine if the contents
+// are PEM or DER. If |type| is |X509_FILETYPE_DEFAULT|, |path| is ignored and
+// instead some default system path is used.
+OPENSSL_EXPORT int X509_LOOKUP_add_dir(X509_LOOKUP *lookup, const char *path,
+ int type);
 #define X509_V_OK 0
 #define X509_V_ERR_UNSPECIFIED 1
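Review bot: The new comments on X509_LOOKUP_load_file and X509_LOOKUP_add_dir say only that `X509_FILETYPE_DEFAULT` uses "some default system path", so a caller cannot tell where its trust anchors will come from. The handlers that resolve that path are outside this diff, so the comment should state the source explicitly: whether it is a compiled-in location, whether the process environment can override it, and which encoding (PEM or DER) is assumed. A possible wording is `// If |type| is |X509_FILETYPE_DEFAULT|, |path| is ignored and the library's default location is used; TODO: document how that location is chosen and which format is assumed.` Since both prototypes accept any `X509_LOOKUP *`, it would also help to say that each function is only meaningful on a lookup created with the matching file or directory method.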