1 files changed, 28 insertions, 26 deletions

diff --git a/src/crypto/x509/x509_vfy.c b/src/crypto/x509/x509_vfy.c
index f53f279..5d856f0 100644
--- a/src/crypto/x509/x509_vfy.c
+++ b/src/crypto/x509/x509_vfy.c
@@ -72,7 +72,8 @@
 #include "../internal.h"
 
 
-static CRYPTO_EX_DATA_CLASS g_ex_data_class = CRYPTO_EX_DATA_CLASS_INIT;
+static CRYPTO_EX_DATA_CLASS g_ex_data_class =
+	CRYPTO_EX_DATA_CLASS_INIT_WITH_APP_DATA;
 
 /* CRL score values */
 
@@ -201,7 +202,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
 	STACK_OF(X509) *sktmp=NULL;
 	if (ctx->cert == NULL)
 		{
-		OPENSSL_PUT_ERROR(X509, X509_verify_cert, X509_R_NO_CERT_SET_FOR_US_TO_VERIFY);
+		OPENSSL_PUT_ERROR(X509, X509_R_NO_CERT_SET_FOR_US_TO_VERIFY);
 		return -1;
 		}
 
@@ -214,7 +215,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
 		if (	((ctx->chain=sk_X509_new_null()) == NULL) ||
 			(!sk_X509_push(ctx->chain,ctx->cert)))
 			{
-			OPENSSL_PUT_ERROR(X509, X509_verify_cert, ERR_R_MALLOC_FAILURE);
+			OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
 			goto end;
 			}
 		X509_up_ref(ctx->cert);
@@ -225,7 +226,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
 	if (ctx->untrusted != NULL
 	    && (sktmp=sk_X509_dup(ctx->untrusted)) == NULL)
 		{
-		OPENSSL_PUT_ERROR(X509, X509_verify_cert, ERR_R_MALLOC_FAILURE);
+		OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
 		goto end;
 		}
 
@@ -251,7 +252,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
 			{
 			ok = ctx->get_issuer(&xtmp, ctx, x);
 			if (ok < 0)
-				return ok;
+				goto end;
 			/* If successful for now free up cert so it
 			 * will be picked up again later.
 			 */
@@ -270,10 +271,10 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
 				{
 				if (!sk_X509_push(ctx->chain,xtmp))
 					{
-					OPENSSL_PUT_ERROR(X509, X509_verify_cert, ERR_R_MALLOC_FAILURE);
+					OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
 					goto end;
 					}
-				CRYPTO_refcount_inc(&xtmp->references);
+				X509_up_ref(xtmp);
 				(void)sk_X509_delete_ptr(sktmp,xtmp);
 				ctx->last_untrusted++;
 				x=xtmp;
@@ -349,15 +350,16 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
 
 		ok = ctx->get_issuer(&xtmp, ctx, x);
 
-		if (ok < 0) return ok;
+		if (ok < 0) goto end;
 		if (ok == 0) break;
 
 		x = xtmp;
 		if (!sk_X509_push(ctx->chain,x))
 			{
 			X509_free(xtmp);
-			OPENSSL_PUT_ERROR(X509, X509_verify_cert, ERR_R_MALLOC_FAILURE);
-			return 0;
+			OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
+			ok = 0;
+			goto end;
 			}
 		num++;
 		}
@@ -990,7 +992,7 @@ static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl,
 		*pissuer = best_crl_issuer;
 		*pscore = best_score;
 		*preasons = best_reasons;
-		CRYPTO_refcount_inc(&best_crl->references);
+		X509_CRL_up_ref(best_crl);
 		if (*pdcrl)
 			{
 			X509_CRL_free(*pdcrl);
@@ -1097,7 +1099,7 @@ static void get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl, int *pscore,
 			{
 			if (check_crl_time(ctx, delta, 0))
 				*pscore |= CRL_SCORE_TIME_DELTA;
-			CRYPTO_refcount_inc(&delta->references);
+			X509_CRL_up_ref(delta);
 			*dcrl = delta;
 			return;
 			}
@@ -1634,7 +1636,7 @@ static int check_policy(X509_STORE_CTX *ctx)
 				ctx->param->policies, ctx->param->flags);
 	if (ret == 0)
 		{
-		OPENSSL_PUT_ERROR(X509, check_policy, ERR_R_MALLOC_FAILURE);
+		OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
 		return 0;
 		}
 	/* Invalid or inconsistent extensions */
@@ -1983,44 +1985,44 @@ X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer,
 	/* CRLs can't be delta already */
 	if (base->base_crl_number || newer->base_crl_number)
 			{
-			OPENSSL_PUT_ERROR(X509, X509_CRL_diff, X509_R_CRL_ALREADY_DELTA);
+			OPENSSL_PUT_ERROR(X509, X509_R_CRL_ALREADY_DELTA);
 			return NULL;
 			}
 	/* Base and new CRL must have a CRL number */
 	if (!base->crl_number || !newer->crl_number)
 			{
-			OPENSSL_PUT_ERROR(X509, X509_CRL_diff, X509_R_NO_CRL_NUMBER);
+			OPENSSL_PUT_ERROR(X509, X509_R_NO_CRL_NUMBER);
 			return NULL;
 			}
 	/* Issuer names must match */
 	if (X509_NAME_cmp(X509_CRL_get_issuer(base),
 				X509_CRL_get_issuer(newer)))
 			{
-			OPENSSL_PUT_ERROR(X509, X509_CRL_diff, X509_R_ISSUER_MISMATCH);
+			OPENSSL_PUT_ERROR(X509, X509_R_ISSUER_MISMATCH);
 			return NULL;
 			}
 	/* AKID and IDP must match */
 	if (!crl_extension_match(base, newer, NID_authority_key_identifier))
 			{
-			OPENSSL_PUT_ERROR(X509, X509_CRL_diff, X509_R_AKID_MISMATCH);
+			OPENSSL_PUT_ERROR(X509, X509_R_AKID_MISMATCH);
 			return NULL;
 			}
 	if (!crl_extension_match(base, newer, NID_issuing_distribution_point))
 			{
-			OPENSSL_PUT_ERROR(X509, X509_CRL_diff, X509_R_IDP_MISMATCH);
+			OPENSSL_PUT_ERROR(X509, X509_R_IDP_MISMATCH);
 			return NULL;
 			}
 	/* Newer CRL number must exceed full CRL number */
 	if (ASN1_INTEGER_cmp(newer->crl_number, base->crl_number) <= 0)
 			{
-			OPENSSL_PUT_ERROR(X509, X509_CRL_diff, X509_R_NEWER_CRL_NOT_NEWER);
+			OPENSSL_PUT_ERROR(X509, X509_R_NEWER_CRL_NOT_NEWER);
 			return NULL;
 			}
 	/* CRLs must verify */
 	if (skey && (X509_CRL_verify(base, skey) <= 0 ||
 			X509_CRL_verify(newer, skey) <= 0))
 		{
-		OPENSSL_PUT_ERROR(X509, X509_CRL_diff, X509_R_CRL_VERIFY_FAILURE);
+		OPENSSL_PUT_ERROR(X509, X509_R_CRL_VERIFY_FAILURE);
 		return NULL;
 		}
 	/* Create new CRL */
@@ -2085,7 +2087,7 @@ X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer,
 	return crl;
 
 	memerr:
-	OPENSSL_PUT_ERROR(X509, X509_CRL_diff, ERR_R_MALLOC_FAILURE);
+	OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
 	if (crl)
 		X509_CRL_free(crl);
 	return NULL;
@@ -2210,7 +2212,7 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
 		idx = X509_PURPOSE_get_by_id(purpose);
 		if (idx == -1)
 			{
-			OPENSSL_PUT_ERROR(X509, X509_STORE_CTX_purpose_inherit, X509_R_UNKNOWN_PURPOSE_ID);
+			OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_PURPOSE_ID);
 			return 0;
 			}
 		ptmp = X509_PURPOSE_get0(idx);
@@ -2219,7 +2221,7 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
 			idx = X509_PURPOSE_get_by_id(def_purpose);
 			if (idx == -1)
 				{
-				OPENSSL_PUT_ERROR(X509, X509_STORE_CTX_purpose_inherit, X509_R_UNKNOWN_PURPOSE_ID);
+				OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_PURPOSE_ID);
 				return 0;
 				}
 			ptmp = X509_PURPOSE_get0(idx);
@@ -2232,7 +2234,7 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
 		idx = X509_TRUST_get_by_id(trust);
 		if (idx == -1)
 			{
-			OPENSSL_PUT_ERROR(X509, X509_STORE_CTX_purpose_inherit, X509_R_UNKNOWN_TRUST_ID);
+			OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_TRUST_ID);
 			return 0;
 			}
 		}
@@ -2248,7 +2250,7 @@ X509_STORE_CTX *X509_STORE_CTX_new(void)
 	ctx = (X509_STORE_CTX *)OPENSSL_malloc(sizeof(X509_STORE_CTX));
 	if (!ctx)
 		{
-		OPENSSL_PUT_ERROR(X509, X509_STORE_CTX_new, ERR_R_MALLOC_FAILURE);
+		OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
 		return NULL;
 		}
 	memset(ctx, 0, sizeof(X509_STORE_CTX));
@@ -2371,7 +2373,7 @@ err:
 		}
 
 	memset(ctx, 0, sizeof(X509_STORE_CTX));
-	OPENSSL_PUT_ERROR(X509, X509_STORE_CTX_init, ERR_R_MALLOC_FAILURE);
+	OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
 	return 0;
 	}