summaryrefslogtreecommitdiff
path: root/src/lib/tls
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2018-09-04 12:59:47 -0400
committerNick Mathewson <nickm@torproject.org>2018-09-04 14:52:35 -0400
commitad94d43fc50525e8814b6e99f78d4b9635fa80ca (patch)
treece39bdaf6b1327de87a68ed749343bb018cf8ab6 /src/lib/tls
parent59c1b34b72ec6c55ca4de0c56a9be3da3d1c3e08 (diff)
downloadtor-ad94d43fc50525e8814b6e99f78d4b9635fa80ca.tar.gz
tor-ad94d43fc50525e8814b6e99f78d4b9635fa80ca.zip
Port test_tortls_verify to not depend on openssl internals
Diffstat (limited to 'src/lib/tls')
-rw-r--r--src/lib/tls/x509.c9
-rw-r--r--src/lib/tls/x509_internal.h1
-rw-r--r--src/lib/tls/x509_nss.c10
-rw-r--r--src/lib/tls/x509_openssl.c18
4 files changed, 25 insertions, 13 deletions
diff --git a/src/lib/tls/x509.c b/src/lib/tls/x509.c
index c88298b6cf..2e70206462 100644
--- a/src/lib/tls/x509.c
+++ b/src/lib/tls/x509.c
@@ -134,3 +134,12 @@ tor_x509_cert_new,(tor_x509_cert_impl_t *x509_cert))
tor_x509_cert_impl_free_(x509_cert);
return NULL;
}
+
+/** Return a new copy of <b>cert</b>. */
+tor_x509_cert_t *
+tor_x509_cert_dup(const tor_x509_cert_t *cert)
+{
+ tor_assert(cert);
+ tor_assert(cert->cert);
+ return tor_x509_cert_new(tor_x509_cert_impl_dup_(cert->cert));
+}
diff --git a/src/lib/tls/x509_internal.h b/src/lib/tls/x509_internal.h
index 0e186ec849..c08705cb25 100644
--- a/src/lib/tls/x509_internal.h
+++ b/src/lib/tls/x509_internal.h
@@ -41,6 +41,7 @@ int tor_x509_check_cert_lifetime_internal(int severity,
int future_tolerance);
void tor_x509_cert_impl_free_(tor_x509_cert_impl_t *cert);
+tor_x509_cert_impl_t *tor_x509_cert_impl_dup_(tor_x509_cert_impl_t *cert);
#ifdef ENABLE_OPENSSL
int tor_x509_cert_set_cached_der_encoding(tor_x509_cert_t *cert);
#else
diff --git a/src/lib/tls/x509_nss.c b/src/lib/tls/x509_nss.c
index 68aebbb69a..5bb7940c90 100644
--- a/src/lib/tls/x509_nss.c
+++ b/src/lib/tls/x509_nss.c
@@ -225,11 +225,13 @@ tor_x509_cert_impl_free_(tor_x509_cert_impl_t *cert)
CERT_DestroyCertificate(cert);
}
-tor_x509_cert_t *
-tor_x509_cert_dup(const tor_x509_cert_t *cert)
+tor_x509_cert_impl_t *
+tor_x509_cert_impl_dup_(tor_x509_cert_impl_t *cert)
{
- tor_assert(cert);
- return tor_x509_cert_new(CERT_DupCertificate(cert->cert));
+ if (cert)
+ return CERT_DupCertificate(cert);
+ else
+ return NULL;
}
/**
diff --git a/src/lib/tls/x509_openssl.c b/src/lib/tls/x509_openssl.c
index f315b88f36..dd74e84418 100644
--- a/src/lib/tls/x509_openssl.c
+++ b/src/lib/tls/x509_openssl.c
@@ -206,6 +206,15 @@ tor_x509_cert_impl_free_(tor_x509_cert_impl_t *cert)
X509_free(cert);
}
+tor_x509_cert_impl_t *
+tor_x509_cert_impl_dup_(tor_x509_cert_impl_t *cert)
+{
+ if (cert)
+ return X509_dup(cert);
+ else
+ return NULL;
+}
+
/** Set *<b>encoded_out</b> and *<b>size_out</b> to <b>cert</b>'s encoded DER
* representation and length, respectively. */
void
@@ -219,15 +228,6 @@ tor_x509_cert_get_der(const tor_x509_cert_t *cert,
*size_out = cert->encoded_len;
}
-/** Return a new copy of <b>cert</b>. */
-tor_x509_cert_t *
-tor_x509_cert_dup(const tor_x509_cert_t *cert)
-{
- tor_assert(cert);
- X509 *x509 = cert->cert;
- return tor_x509_cert_new(X509_dup(x509));
-}
-
/** Read a DER-encoded X509 cert, of length exactly <b>certificate_len</b>,
* from a <b>certificate</b>. Return a newly allocated tor_x509_cert_t on
* success and NULL on failure. */