grpc 1.32.0 → 1.33.0.pre1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +175 -376
- data/include/grpc/grpc.h +0 -5
- data/include/grpc/grpc_security.h +16 -0
- data/include/grpc/impl/codegen/grpc_types.h +0 -5
- data/src/core/ext/filters/client_channel/client_channel.cc +204 -170
- data/src/core/ext/filters/client_channel/config_selector.cc +0 -4
- data/src/core/ext/filters/client_channel/config_selector.h +34 -5
- data/src/core/ext/filters/client_channel/lb_policy.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.cc +48 -35
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.h +7 -5
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +3 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +106 -106
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +2 -2
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +3 -3
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +3 -3
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +9 -32
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +3 -3
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +198 -126
- data/src/core/ext/filters/client_channel/lb_policy/xds/eds.cc +439 -249
- data/src/core/ext/filters/client_channel/lb_policy/xds/eds_drop.cc +571 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +727 -0
- data/src/core/ext/filters/client_channel/lb_policy_registry.cc +8 -1
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +553 -358
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.h +28 -0
- data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +8 -39
- data/src/core/ext/filters/client_channel/resolver_result_parsing.h +4 -2
- data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +44 -43
- data/src/core/ext/filters/client_channel/resolving_lb_policy.h +5 -9
- data/src/core/ext/filters/client_channel/server_address.cc +80 -0
- data/src/core/ext/filters/client_channel/server_address.h +25 -36
- data/src/core/ext/filters/client_channel/service_config.cc +16 -13
- data/src/core/ext/filters/client_channel/service_config.h +7 -4
- data/src/core/ext/filters/client_channel/service_config_channel_arg_filter.cc +2 -2
- data/src/core/ext/filters/client_channel/service_config_parser.cc +8 -6
- data/src/core/ext/filters/client_channel/service_config_parser.h +8 -5
- data/src/core/ext/filters/client_channel/subchannel_interface.h +44 -0
- data/src/core/ext/filters/message_size/message_size_filter.cc +2 -1
- data/src/core/ext/filters/message_size/message_size_filter.h +2 -1
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +17 -10
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +10 -2
- data/src/core/ext/transport/chttp2/transport/flow_control.h +10 -0
- data/src/core/ext/transport/chttp2/transport/internal.h +5 -0
- data/src/core/ext/transport/chttp2/transport/parsing.cc +16 -2
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.c +29 -9
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.h +66 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.c +123 -45
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.h +310 -53
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.c +17 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.h +45 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.c +16 -9
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.h +38 -15
- data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.c +53 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.h +133 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.c +54 -8
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.h +123 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +40 -16
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +114 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.c +36 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.h +85 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +36 -16
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +86 -20
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.c +23 -6
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.h +54 -5
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +10 -6
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +28 -11
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +184 -57
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +504 -69
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.c +6 -5
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.h +11 -7
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +78 -26
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +236 -25
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.c +8 -9
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.h +19 -33
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.c +7 -3
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +16 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.c +65 -23
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +229 -47
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.c +20 -10
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.h +67 -4
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.c +3 -2
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.h +6 -0
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.c +242 -0
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.h +753 -0
- data/src/core/ext/upb-generated/udpa/annotations/security.upb.c +31 -0
- data/src/core/ext/upb-generated/udpa/annotations/security.upb.h +57 -0
- data/src/core/ext/upb-generated/udpa/core/v1/authority.upb.c +28 -0
- data/src/core/ext/upb-generated/udpa/core/v1/authority.upb.h +53 -0
- data/src/core/ext/upb-generated/udpa/core/v1/collection_entry.upb.c +52 -0
- data/src/core/ext/upb-generated/udpa/core/v1/collection_entry.upb.h +129 -0
- data/src/core/ext/upb-generated/udpa/core/v1/context_params.upb.c +42 -0
- data/src/core/ext/upb-generated/udpa/core/v1/context_params.upb.h +77 -0
- data/src/core/ext/upb-generated/udpa/core/v1/resource.upb.c +36 -0
- data/src/core/ext/upb-generated/udpa/core/v1/resource.upb.h +85 -0
- data/src/core/ext/upb-generated/udpa/core/v1/resource_locator.upb.c +54 -0
- data/src/core/ext/upb-generated/udpa/core/v1/resource_locator.upb.h +160 -0
- data/src/core/ext/upb-generated/udpa/core/v1/resource_name.upb.c +36 -0
- data/src/core/ext/upb-generated/udpa/core/v1/resource_name.upb.h +84 -0
- data/src/core/ext/xds/certificate_provider_factory.h +59 -0
- data/src/core/ext/xds/certificate_provider_registry.cc +103 -0
- data/src/core/ext/xds/certificate_provider_registry.h +57 -0
- data/src/core/ext/xds/certificate_provider_store.h +50 -0
- data/src/core/ext/xds/google_mesh_ca_certificate_provider_factory.cc +377 -0
- data/src/core/ext/xds/google_mesh_ca_certificate_provider_factory.h +102 -0
- data/src/core/ext/xds/xds_api.cc +301 -93
- data/src/core/ext/xds/xds_api.h +129 -92
- data/src/core/ext/xds/xds_channel_args.h +6 -3
- data/src/core/ext/xds/xds_client.cc +498 -410
- data/src/core/ext/xds/xds_client.h +105 -51
- data/src/core/ext/xds/xds_client_stats.cc +18 -12
- data/src/core/ext/xds/xds_client_stats.h +33 -5
- data/src/core/lib/channel/channel_args.h +0 -1
- data/src/core/lib/channel/channelz.cc +10 -45
- data/src/core/lib/channel/channelz.h +11 -19
- data/src/core/lib/channel/channelz_registry.cc +12 -11
- data/src/core/lib/channel/channelz_registry.h +3 -0
- data/src/core/lib/gpr/time_precise.cc +2 -0
- data/src/core/lib/gpr/time_precise.h +6 -2
- data/src/core/lib/gprpp/dual_ref_counted.h +336 -0
- data/src/core/lib/gprpp/ref_counted.h +51 -22
- data/src/core/lib/gprpp/ref_counted_ptr.h +153 -0
- data/src/core/lib/iomgr/endpoint_cfstream.cc +9 -5
- data/src/core/lib/iomgr/exec_ctx.h +10 -8
- data/src/core/lib/json/json_util.cc +58 -0
- data/src/core/lib/json/json_util.h +37 -0
- data/src/core/lib/security/certificate_provider.h +60 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +321 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +214 -0
- data/src/core/lib/security/credentials/xds/xds_credentials.cc +45 -0
- data/src/core/lib/security/credentials/xds/xds_credentials.h +51 -0
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +6 -10
- data/src/core/lib/security/security_connector/ssl_utils.h +5 -0
- data/src/core/lib/surface/channel.cc +9 -31
- data/src/core/lib/surface/channel.h +6 -1
- data/src/core/lib/surface/init.cc +26 -9
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/bdp_estimator.h +2 -1
- data/src/core/lib/transport/connectivity_state.h +2 -2
- data/src/core/lib/transport/metadata.cc +11 -1
- data/src/core/plugin_registry/grpc_plugin_registry.cc +35 -20
- data/src/core/tsi/ssl_transport_security.cc +2 -2
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +2 -2
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +3 -3
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/third_party/boringssl-with-bazel/err_data.c +465 -463
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +0 -6
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +9 -43
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +55 -4
- data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +34 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +6 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +30 -10
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +10 -15
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +98 -11
- data/third_party/boringssl-with-bazel/src/crypto/hpke/internal.h +51 -6
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +44 -2
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +221 -49
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +64 -20
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_strex.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +0 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +7 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +21 -18
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +24 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +67 -67
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +29 -35
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +13 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +9 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +10 -10
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +28 -40
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +3 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/ext_dat.h +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +7 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_info.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +55 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +0 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +6 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +12 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +9 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +4 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +9 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +26 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +188 -78
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +52 -43
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +18 -18
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +2 -3
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +1 -1
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +9 -9
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +8 -9
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +1 -2
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +4 -8
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +2 -2
- metadata +72 -42
- data/src/core/ext/filters/client_channel/lb_policy/xds/lrs.cc +0 -537
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_routing.cc +0 -1141
- data/src/core/ext/upb-generated/gogoproto/gogo.upb.c +0 -17
- data/src/core/ext/upb-generated/gogoproto/gogo.upb.h +0 -29
- data/src/core/ext/xds/xds_channel.h +0 -46
- data/src/core/ext/xds/xds_channel_secure.cc +0 -103
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pku.c +0 -110
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_sxnet.c +0 -274
|
@@ -56,144 +56,144 @@
|
|
|
56
56
|
|
|
57
57
|
#include <openssl/x509.h>
|
|
58
58
|
|
|
59
|
-
const char *X509_verify_cert_error_string(long
|
|
59
|
+
const char *X509_verify_cert_error_string(long err)
|
|
60
60
|
{
|
|
61
|
-
switch (
|
|
61
|
+
switch (err) {
|
|
62
62
|
case X509_V_OK:
|
|
63
|
-
return
|
|
63
|
+
return "ok";
|
|
64
64
|
case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
|
|
65
|
-
return
|
|
65
|
+
return "unable to get issuer certificate";
|
|
66
66
|
case X509_V_ERR_UNABLE_TO_GET_CRL:
|
|
67
|
-
return
|
|
67
|
+
return "unable to get certificate CRL";
|
|
68
68
|
case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
|
|
69
|
-
return
|
|
69
|
+
return "unable to decrypt certificate's signature";
|
|
70
70
|
case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:
|
|
71
|
-
return
|
|
71
|
+
return "unable to decrypt CRL's signature";
|
|
72
72
|
case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:
|
|
73
|
-
return
|
|
73
|
+
return "unable to decode issuer public key";
|
|
74
74
|
case X509_V_ERR_CERT_SIGNATURE_FAILURE:
|
|
75
|
-
return
|
|
75
|
+
return "certificate signature failure";
|
|
76
76
|
case X509_V_ERR_CRL_SIGNATURE_FAILURE:
|
|
77
|
-
return
|
|
77
|
+
return "CRL signature failure";
|
|
78
78
|
case X509_V_ERR_CERT_NOT_YET_VALID:
|
|
79
|
-
return
|
|
79
|
+
return "certificate is not yet valid";
|
|
80
80
|
case X509_V_ERR_CRL_NOT_YET_VALID:
|
|
81
|
-
return
|
|
81
|
+
return "CRL is not yet valid";
|
|
82
82
|
case X509_V_ERR_CERT_HAS_EXPIRED:
|
|
83
|
-
return
|
|
83
|
+
return "certificate has expired";
|
|
84
84
|
case X509_V_ERR_CRL_HAS_EXPIRED:
|
|
85
|
-
return
|
|
85
|
+
return "CRL has expired";
|
|
86
86
|
case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
|
|
87
|
-
return
|
|
87
|
+
return "format error in certificate's notBefore field";
|
|
88
88
|
case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
|
|
89
|
-
return
|
|
89
|
+
return "format error in certificate's notAfter field";
|
|
90
90
|
case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:
|
|
91
|
-
return
|
|
91
|
+
return "format error in CRL's lastUpdate field";
|
|
92
92
|
case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:
|
|
93
|
-
return
|
|
93
|
+
return "format error in CRL's nextUpdate field";
|
|
94
94
|
case X509_V_ERR_OUT_OF_MEM:
|
|
95
|
-
return
|
|
95
|
+
return "out of memory";
|
|
96
96
|
case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
|
|
97
|
-
return
|
|
97
|
+
return "self signed certificate";
|
|
98
98
|
case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
|
|
99
|
-
return
|
|
99
|
+
return "self signed certificate in certificate chain";
|
|
100
100
|
case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
|
|
101
|
-
return
|
|
101
|
+
return "unable to get local issuer certificate";
|
|
102
102
|
case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
|
|
103
|
-
return
|
|
103
|
+
return "unable to verify the first certificate";
|
|
104
104
|
case X509_V_ERR_CERT_CHAIN_TOO_LONG:
|
|
105
|
-
return
|
|
105
|
+
return "certificate chain too long";
|
|
106
106
|
case X509_V_ERR_CERT_REVOKED:
|
|
107
|
-
return
|
|
107
|
+
return "certificate revoked";
|
|
108
108
|
case X509_V_ERR_INVALID_CA:
|
|
109
|
-
return
|
|
109
|
+
return "invalid CA certificate";
|
|
110
110
|
case X509_V_ERR_INVALID_NON_CA:
|
|
111
|
-
return
|
|
111
|
+
return "invalid non-CA certificate (has CA markings)";
|
|
112
112
|
case X509_V_ERR_PATH_LENGTH_EXCEEDED:
|
|
113
|
-
return
|
|
113
|
+
return "path length constraint exceeded";
|
|
114
114
|
case X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED:
|
|
115
|
-
return
|
|
115
|
+
return "proxy path length constraint exceeded";
|
|
116
116
|
case X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED:
|
|
117
117
|
return
|
|
118
|
-
|
|
118
|
+
"proxy certificates not allowed, please set the appropriate flag";
|
|
119
119
|
case X509_V_ERR_INVALID_PURPOSE:
|
|
120
|
-
return
|
|
120
|
+
return "unsupported certificate purpose";
|
|
121
121
|
case X509_V_ERR_CERT_UNTRUSTED:
|
|
122
|
-
return
|
|
122
|
+
return "certificate not trusted";
|
|
123
123
|
case X509_V_ERR_CERT_REJECTED:
|
|
124
|
-
return
|
|
124
|
+
return "certificate rejected";
|
|
125
125
|
case X509_V_ERR_APPLICATION_VERIFICATION:
|
|
126
|
-
return
|
|
126
|
+
return "application verification failure";
|
|
127
127
|
case X509_V_ERR_SUBJECT_ISSUER_MISMATCH:
|
|
128
|
-
return
|
|
128
|
+
return "subject issuer mismatch";
|
|
129
129
|
case X509_V_ERR_AKID_SKID_MISMATCH:
|
|
130
|
-
return
|
|
130
|
+
return "authority and subject key identifier mismatch";
|
|
131
131
|
case X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH:
|
|
132
|
-
return
|
|
132
|
+
return "authority and issuer serial number mismatch";
|
|
133
133
|
case X509_V_ERR_KEYUSAGE_NO_CERTSIGN:
|
|
134
|
-
return
|
|
134
|
+
return "key usage does not include certificate signing";
|
|
135
135
|
case X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER:
|
|
136
|
-
return
|
|
136
|
+
return "unable to get CRL issuer certificate";
|
|
137
137
|
case X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION:
|
|
138
|
-
return
|
|
138
|
+
return "unhandled critical extension";
|
|
139
139
|
case X509_V_ERR_KEYUSAGE_NO_CRL_SIGN:
|
|
140
|
-
return
|
|
140
|
+
return "key usage does not include CRL signing";
|
|
141
141
|
case X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE:
|
|
142
|
-
return
|
|
142
|
+
return "key usage does not include digital signature";
|
|
143
143
|
case X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION:
|
|
144
|
-
return
|
|
144
|
+
return "unhandled critical CRL extension";
|
|
145
145
|
case X509_V_ERR_INVALID_EXTENSION:
|
|
146
|
-
return
|
|
146
|
+
return "invalid or inconsistent certificate extension";
|
|
147
147
|
case X509_V_ERR_INVALID_POLICY_EXTENSION:
|
|
148
|
-
return
|
|
148
|
+
return "invalid or inconsistent certificate policy extension";
|
|
149
149
|
case X509_V_ERR_NO_EXPLICIT_POLICY:
|
|
150
|
-
return
|
|
150
|
+
return "no explicit policy";
|
|
151
151
|
case X509_V_ERR_DIFFERENT_CRL_SCOPE:
|
|
152
|
-
return
|
|
152
|
+
return "Different CRL scope";
|
|
153
153
|
case X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE:
|
|
154
|
-
return
|
|
154
|
+
return "Unsupported extension feature";
|
|
155
155
|
case X509_V_ERR_UNNESTED_RESOURCE:
|
|
156
|
-
return
|
|
156
|
+
return "RFC 3779 resource not subset of parent's resources";
|
|
157
157
|
|
|
158
158
|
case X509_V_ERR_PERMITTED_VIOLATION:
|
|
159
|
-
return
|
|
159
|
+
return "permitted subtree violation";
|
|
160
160
|
case X509_V_ERR_EXCLUDED_VIOLATION:
|
|
161
|
-
return
|
|
161
|
+
return "excluded subtree violation";
|
|
162
162
|
case X509_V_ERR_SUBTREE_MINMAX:
|
|
163
|
-
return
|
|
163
|
+
return "name constraints minimum and maximum not supported";
|
|
164
164
|
case X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE:
|
|
165
|
-
return
|
|
165
|
+
return "unsupported name constraint type";
|
|
166
166
|
case X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX:
|
|
167
|
-
return
|
|
167
|
+
return "unsupported or invalid name constraint syntax";
|
|
168
168
|
case X509_V_ERR_UNSUPPORTED_NAME_SYNTAX:
|
|
169
|
-
return
|
|
169
|
+
return "unsupported or invalid name syntax";
|
|
170
170
|
case X509_V_ERR_CRL_PATH_VALIDATION_ERROR:
|
|
171
|
-
return
|
|
171
|
+
return "CRL path validation error";
|
|
172
172
|
|
|
173
173
|
case X509_V_ERR_SUITE_B_INVALID_VERSION:
|
|
174
|
-
return
|
|
174
|
+
return "Suite B: certificate version invalid";
|
|
175
175
|
case X509_V_ERR_SUITE_B_INVALID_ALGORITHM:
|
|
176
|
-
return
|
|
176
|
+
return "Suite B: invalid public key algorithm";
|
|
177
177
|
case X509_V_ERR_SUITE_B_INVALID_CURVE:
|
|
178
|
-
return
|
|
178
|
+
return "Suite B: invalid ECC curve";
|
|
179
179
|
case X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM:
|
|
180
|
-
return
|
|
180
|
+
return "Suite B: invalid signature algorithm";
|
|
181
181
|
case X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED:
|
|
182
|
-
return
|
|
182
|
+
return "Suite B: curve not allowed for this LOS";
|
|
183
183
|
case X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256:
|
|
184
|
-
return
|
|
184
|
+
return "Suite B: cannot sign P-384 with P-256";
|
|
185
185
|
|
|
186
186
|
case X509_V_ERR_HOSTNAME_MISMATCH:
|
|
187
|
-
return
|
|
187
|
+
return "Hostname mismatch";
|
|
188
188
|
case X509_V_ERR_EMAIL_MISMATCH:
|
|
189
|
-
return
|
|
189
|
+
return "Email address mismatch";
|
|
190
190
|
case X509_V_ERR_IP_ADDRESS_MISMATCH:
|
|
191
|
-
return
|
|
191
|
+
return "IP address mismatch";
|
|
192
192
|
|
|
193
193
|
case X509_V_ERR_INVALID_CALL:
|
|
194
|
-
return
|
|
194
|
+
return "Invalid certificate verification context";
|
|
195
195
|
case X509_V_ERR_STORE_LOOKUP:
|
|
196
|
-
return
|
|
196
|
+
return "Issuer certificate lookup error";
|
|
197
197
|
|
|
198
198
|
case X509_V_ERR_NAME_CONSTRAINTS_WITHOUT_SANS:
|
|
199
199
|
return "Issuer has name constraints but leaf has no SANs";
|
|
@@ -181,7 +181,7 @@ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
|
|
|
181
181
|
|
|
182
182
|
X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, int nid,
|
|
183
183
|
int crit,
|
|
184
|
-
ASN1_OCTET_STRING *data)
|
|
184
|
+
const ASN1_OCTET_STRING *data)
|
|
185
185
|
{
|
|
186
186
|
const ASN1_OBJECT *obj;
|
|
187
187
|
X509_EXTENSION *ret;
|
|
@@ -197,7 +197,7 @@ X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, int nid,
|
|
|
197
197
|
|
|
198
198
|
X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
|
|
199
199
|
const ASN1_OBJECT *obj, int crit,
|
|
200
|
-
ASN1_OCTET_STRING *data)
|
|
200
|
+
const ASN1_OCTET_STRING *data)
|
|
201
201
|
{
|
|
202
202
|
X509_EXTENSION *ret;
|
|
203
203
|
|
|
@@ -242,7 +242,7 @@ int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit)
|
|
|
242
242
|
return (1);
|
|
243
243
|
}
|
|
244
244
|
|
|
245
|
-
int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data)
|
|
245
|
+
int X509_EXTENSION_set_data(X509_EXTENSION *ex, const ASN1_OCTET_STRING *data)
|
|
246
246
|
{
|
|
247
247
|
int i;
|
|
248
248
|
|
|
@@ -1037,7 +1037,7 @@ static int check_crl_time(X509_STORE_CTX *ctx, X509_CRL *crl, int notify)
|
|
|
1037
1037
|
else
|
|
1038
1038
|
ptime = NULL;
|
|
1039
1039
|
|
|
1040
|
-
i = X509_cmp_time(
|
|
1040
|
+
i = X509_cmp_time(X509_CRL_get0_lastUpdate(crl), ptime);
|
|
1041
1041
|
if (i == 0) {
|
|
1042
1042
|
if (!notify)
|
|
1043
1043
|
return 0;
|
|
@@ -1054,8 +1054,8 @@ static int check_crl_time(X509_STORE_CTX *ctx, X509_CRL *crl, int notify)
|
|
|
1054
1054
|
return 0;
|
|
1055
1055
|
}
|
|
1056
1056
|
|
|
1057
|
-
if (
|
|
1058
|
-
i = X509_cmp_time(
|
|
1057
|
+
if (X509_CRL_get0_nextUpdate(crl)) {
|
|
1058
|
+
i = X509_cmp_time(X509_CRL_get0_nextUpdate(crl), ptime);
|
|
1059
1059
|
|
|
1060
1060
|
if (i == 0) {
|
|
1061
1061
|
if (!notify)
|
|
@@ -1100,8 +1100,8 @@ static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl,
|
|
|
1100
1100
|
/* If current CRL is equivalent use it if it is newer */
|
|
1101
1101
|
if (crl_score == best_score && best_crl != NULL) {
|
|
1102
1102
|
int day, sec;
|
|
1103
|
-
if (ASN1_TIME_diff(&day, &sec,
|
|
1104
|
-
|
|
1103
|
+
if (ASN1_TIME_diff(&day, &sec, X509_CRL_get0_lastUpdate(best_crl),
|
|
1104
|
+
X509_CRL_get0_lastUpdate(crl)) == 0)
|
|
1105
1105
|
continue;
|
|
1106
1106
|
/*
|
|
1107
1107
|
* ASN1_TIME_diff never returns inconsistent signs for |day|
|
|
@@ -2058,9 +2058,9 @@ X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer,
|
|
|
2058
2058
|
if (!X509_CRL_set_issuer_name(crl, X509_CRL_get_issuer(newer)))
|
|
2059
2059
|
goto memerr;
|
|
2060
2060
|
|
|
2061
|
-
if (!
|
|
2061
|
+
if (!X509_CRL_set1_lastUpdate(crl, X509_CRL_get0_lastUpdate(newer)))
|
|
2062
2062
|
goto memerr;
|
|
2063
|
-
if (!
|
|
2063
|
+
if (!X509_CRL_set1_nextUpdate(crl, X509_CRL_get0_nextUpdate(newer)))
|
|
2064
2064
|
goto memerr;
|
|
2065
2065
|
|
|
2066
2066
|
/* Set base CRL number: must be critical */
|
|
@@ -2307,8 +2307,6 @@ void X509_STORE_CTX_free(X509_STORE_CTX *ctx)
|
|
|
2307
2307
|
int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
|
|
2308
2308
|
STACK_OF(X509) *chain)
|
|
2309
2309
|
{
|
|
2310
|
-
int ret = 1;
|
|
2311
|
-
|
|
2312
2310
|
X509_STORE_CTX_zero(ctx);
|
|
2313
2311
|
ctx->ctx = store;
|
|
2314
2312
|
ctx->cert = x509;
|
|
@@ -2316,78 +2314,74 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
|
|
|
2316
2314
|
|
|
2317
2315
|
CRYPTO_new_ex_data(&ctx->ex_data);
|
|
2318
2316
|
|
|
2317
|
+
if (store == NULL) {
|
|
2318
|
+
OPENSSL_PUT_ERROR(X509, ERR_R_PASSED_NULL_PARAMETER);
|
|
2319
|
+
goto err;
|
|
2320
|
+
}
|
|
2321
|
+
|
|
2319
2322
|
ctx->param = X509_VERIFY_PARAM_new();
|
|
2320
2323
|
if (!ctx->param)
|
|
2321
2324
|
goto err;
|
|
2322
2325
|
|
|
2323
2326
|
/*
|
|
2324
|
-
* Inherit callbacks and flags from X509_STORE
|
|
2327
|
+
* Inherit callbacks and flags from X509_STORE.
|
|
2325
2328
|
*/
|
|
2326
2329
|
|
|
2327
|
-
|
|
2328
|
-
|
|
2329
|
-
else
|
|
2330
|
-
ctx->param->inh_flags |= X509_VP_FLAG_DEFAULT | X509_VP_FLAG_ONCE;
|
|
2331
|
-
|
|
2332
|
-
if (store) {
|
|
2333
|
-
ctx->verify_cb = store->verify_cb;
|
|
2334
|
-
ctx->cleanup = store->cleanup;
|
|
2335
|
-
} else
|
|
2336
|
-
ctx->cleanup = 0;
|
|
2330
|
+
ctx->verify_cb = store->verify_cb;
|
|
2331
|
+
ctx->cleanup = store->cleanup;
|
|
2337
2332
|
|
|
2338
|
-
if (
|
|
2339
|
-
|
|
2340
|
-
|
|
2341
|
-
|
|
2342
|
-
if (ret == 0)
|
|
2333
|
+
if (!X509_VERIFY_PARAM_inherit(ctx->param, store->param) ||
|
|
2334
|
+
!X509_VERIFY_PARAM_inherit(ctx->param,
|
|
2335
|
+
X509_VERIFY_PARAM_lookup("default"))) {
|
|
2343
2336
|
goto err;
|
|
2337
|
+
}
|
|
2344
2338
|
|
|
2345
|
-
if (store
|
|
2339
|
+
if (store->check_issued)
|
|
2346
2340
|
ctx->check_issued = store->check_issued;
|
|
2347
2341
|
else
|
|
2348
2342
|
ctx->check_issued = check_issued;
|
|
2349
2343
|
|
|
2350
|
-
if (store
|
|
2344
|
+
if (store->get_issuer)
|
|
2351
2345
|
ctx->get_issuer = store->get_issuer;
|
|
2352
2346
|
else
|
|
2353
2347
|
ctx->get_issuer = X509_STORE_CTX_get1_issuer;
|
|
2354
2348
|
|
|
2355
|
-
if (store
|
|
2349
|
+
if (store->verify_cb)
|
|
2356
2350
|
ctx->verify_cb = store->verify_cb;
|
|
2357
2351
|
else
|
|
2358
2352
|
ctx->verify_cb = null_callback;
|
|
2359
2353
|
|
|
2360
|
-
if (store
|
|
2354
|
+
if (store->verify)
|
|
2361
2355
|
ctx->verify = store->verify;
|
|
2362
2356
|
else
|
|
2363
2357
|
ctx->verify = internal_verify;
|
|
2364
2358
|
|
|
2365
|
-
if (store
|
|
2359
|
+
if (store->check_revocation)
|
|
2366
2360
|
ctx->check_revocation = store->check_revocation;
|
|
2367
2361
|
else
|
|
2368
2362
|
ctx->check_revocation = check_revocation;
|
|
2369
2363
|
|
|
2370
|
-
if (store
|
|
2364
|
+
if (store->get_crl)
|
|
2371
2365
|
ctx->get_crl = store->get_crl;
|
|
2372
2366
|
else
|
|
2373
2367
|
ctx->get_crl = NULL;
|
|
2374
2368
|
|
|
2375
|
-
if (store
|
|
2369
|
+
if (store->check_crl)
|
|
2376
2370
|
ctx->check_crl = store->check_crl;
|
|
2377
2371
|
else
|
|
2378
2372
|
ctx->check_crl = check_crl;
|
|
2379
2373
|
|
|
2380
|
-
if (store
|
|
2374
|
+
if (store->cert_crl)
|
|
2381
2375
|
ctx->cert_crl = store->cert_crl;
|
|
2382
2376
|
else
|
|
2383
2377
|
ctx->cert_crl = cert_crl;
|
|
2384
2378
|
|
|
2385
|
-
if (store
|
|
2379
|
+
if (store->lookup_certs)
|
|
2386
2380
|
ctx->lookup_certs = store->lookup_certs;
|
|
2387
2381
|
else
|
|
2388
2382
|
ctx->lookup_certs = X509_STORE_get1_certs;
|
|
2389
2383
|
|
|
2390
|
-
if (store
|
|
2384
|
+
if (store->lookup_crls)
|
|
2391
2385
|
ctx->lookup_crls = store->lookup_crls;
|
|
2392
2386
|
else
|
|
2393
2387
|
ctx->lookup_crls = X509_STORE_get1_crls;
|
|
@@ -79,7 +79,7 @@ int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name)
|
|
|
79
79
|
return (X509_NAME_set(&x->crl->issuer, name));
|
|
80
80
|
}
|
|
81
81
|
|
|
82
|
-
int
|
|
82
|
+
int X509_CRL_set1_lastUpdate(X509_CRL *x, const ASN1_TIME *tm)
|
|
83
83
|
{
|
|
84
84
|
ASN1_TIME *in;
|
|
85
85
|
|
|
@@ -96,7 +96,7 @@ int X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm)
|
|
|
96
96
|
return (in != NULL);
|
|
97
97
|
}
|
|
98
98
|
|
|
99
|
-
int
|
|
99
|
+
int X509_CRL_set1_nextUpdate(X509_CRL *x, const ASN1_TIME *tm)
|
|
100
100
|
{
|
|
101
101
|
ASN1_TIME *in;
|
|
102
102
|
|
|
@@ -170,6 +170,11 @@ STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl)
|
|
|
170
170
|
return crl->crl->revoked;
|
|
171
171
|
}
|
|
172
172
|
|
|
173
|
+
const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(const X509_CRL *crl)
|
|
174
|
+
{
|
|
175
|
+
return crl->crl->extensions;
|
|
176
|
+
}
|
|
177
|
+
|
|
173
178
|
void X509_CRL_get0_signature(const X509_CRL *crl, const ASN1_BIT_STRING **psig,
|
|
174
179
|
const X509_ALGOR **palg)
|
|
175
180
|
{
|
|
@@ -228,6 +233,12 @@ int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial)
|
|
|
228
233
|
return (in != NULL);
|
|
229
234
|
}
|
|
230
235
|
|
|
236
|
+
const STACK_OF(X509_EXTENSION) *
|
|
237
|
+
X509_REVOKED_get0_extensions(const X509_REVOKED *r)
|
|
238
|
+
{
|
|
239
|
+
return r->extensions;
|
|
240
|
+
}
|
|
241
|
+
|
|
231
242
|
int i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **pp)
|
|
232
243
|
{
|
|
233
244
|
crl->crl->enc.modified = 1;
|
|
@@ -66,7 +66,8 @@
|
|
|
66
66
|
#include "../internal.h"
|
|
67
67
|
|
|
68
68
|
|
|
69
|
-
int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf,
|
|
69
|
+
int X509_NAME_get_text_by_NID(const X509_NAME *name, int nid, char *buf,
|
|
70
|
+
int len)
|
|
70
71
|
{
|
|
71
72
|
const ASN1_OBJECT *obj;
|
|
72
73
|
|
|
@@ -76,7 +77,7 @@ int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len)
|
|
|
76
77
|
return (X509_NAME_get_text_by_OBJ(name, obj, buf, len));
|
|
77
78
|
}
|
|
78
79
|
|
|
79
|
-
int X509_NAME_get_text_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj,
|
|
80
|
+
int X509_NAME_get_text_by_OBJ(const X509_NAME *name, const ASN1_OBJECT *obj,
|
|
80
81
|
char *buf, int len)
|
|
81
82
|
{
|
|
82
83
|
int i;
|
|
@@ -94,14 +95,14 @@ int X509_NAME_get_text_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj,
|
|
|
94
95
|
return (i);
|
|
95
96
|
}
|
|
96
97
|
|
|
97
|
-
int X509_NAME_entry_count(X509_NAME *name)
|
|
98
|
+
int X509_NAME_entry_count(const X509_NAME *name)
|
|
98
99
|
{
|
|
99
100
|
if (name == NULL)
|
|
100
101
|
return (0);
|
|
101
102
|
return (sk_X509_NAME_ENTRY_num(name->entries));
|
|
102
103
|
}
|
|
103
104
|
|
|
104
|
-
int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos)
|
|
105
|
+
int X509_NAME_get_index_by_NID(const X509_NAME *name, int nid, int lastpos)
|
|
105
106
|
{
|
|
106
107
|
const ASN1_OBJECT *obj;
|
|
107
108
|
|
|
@@ -112,7 +113,7 @@ int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos)
|
|
|
112
113
|
}
|
|
113
114
|
|
|
114
115
|
/* NOTE: you should be passsing -1, not 0 as lastpos */
|
|
115
|
-
int X509_NAME_get_index_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj,
|
|
116
|
+
int X509_NAME_get_index_by_OBJ(const X509_NAME *name, const ASN1_OBJECT *obj,
|
|
116
117
|
int lastpos)
|
|
117
118
|
{
|
|
118
119
|
int n;
|
|
@@ -133,7 +134,7 @@ int X509_NAME_get_index_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj,
|
|
|
133
134
|
return (-1);
|
|
134
135
|
}
|
|
135
136
|
|
|
136
|
-
X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc)
|
|
137
|
+
X509_NAME_ENTRY *X509_NAME_get_entry(const X509_NAME *name, int loc)
|
|
137
138
|
{
|
|
138
139
|
if (name == NULL || loc < 0
|
|
139
140
|
|| sk_X509_NAME_ENTRY_num(name->entries) <= (size_t)loc)
|
|
@@ -374,14 +375,14 @@ int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
|
|
|
374
375
|
return (1);
|
|
375
376
|
}
|
|
376
377
|
|
|
377
|
-
ASN1_OBJECT *X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne)
|
|
378
|
+
ASN1_OBJECT *X509_NAME_ENTRY_get_object(const X509_NAME_ENTRY *ne)
|
|
378
379
|
{
|
|
379
380
|
if (ne == NULL)
|
|
380
381
|
return (NULL);
|
|
381
382
|
return (ne->object);
|
|
382
383
|
}
|
|
383
384
|
|
|
384
|
-
ASN1_STRING *X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne)
|
|
385
|
+
ASN1_STRING *X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne)
|
|
385
386
|
{
|
|
386
387
|
if (ne == NULL)
|
|
387
388
|
return (NULL);
|