Make the CT code library context aware

[thirdparty/openssl.git] / crypto / ct / ct_policy.c

diff --git a/crypto/ct/ct_policy.c b/crypto/ct/ct_policy.c
index 0305970a942af08bd3f99eda86e5dd0abb301d24..568d8e6d64019fc9a84f7c0b789cfce993857f83 100644 (file)
--- a/crypto/ct/ct_policy.c
+++ b/crypto/ct/ct_policy.c
@@ -25,15 +25,25 @@
  */
 static const time_t SCT_CLOCK_DRIFT_TOLERANCE = 300;
 
-CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void)
+CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_with_libctx(OPENSSL_CTX *libctx,
+                                                       const char *propq)
 {
     CT_POLICY_EVAL_CTX *ctx = OPENSSL_zalloc(sizeof(CT_POLICY_EVAL_CTX));
 
     if (ctx == NULL) {
-        CTerr(CT_F_CT_POLICY_EVAL_CTX_NEW, ERR_R_MALLOC_FAILURE);
+        CTerr(0, ERR_R_MALLOC_FAILURE);
         return NULL;
     }
 
+    ctx->libctx = libctx;
+    if (propq != NULL) {
+        ctx->propq = OPENSSL_strdup(propq);
+        if (ctx->propq == NULL) {
+            CTerr(0, ERR_R_MALLOC_FAILURE);
+            return NULL;
+        }
+    }
+
     /* time(NULL) shouldn't ever fail, so don't bother checking for -1. */
     ctx->epoch_time_in_ms = (uint64_t)(time(NULL) + SCT_CLOCK_DRIFT_TOLERANCE) *
             1000;
@@ -41,12 +51,18 @@ CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void)
     return ctx;
 }
 
+CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void)
+{
+    return CT_POLICY_EVAL_CTX_new_with_libctx(NULL, NULL);
+}
+
 void CT_POLICY_EVAL_CTX_free(CT_POLICY_EVAL_CTX *ctx)
 {
     if (ctx == NULL)
         return;
     X509_free(ctx->cert);
     X509_free(ctx->issuer);
+    OPENSSL_free(ctx->propq);
     OPENSSL_free(ctx);
 }