From a5d7f8a718bc16d8c7986ea13b8585af8f20a648 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bastian=20K=C3=B6cher?= <git@kchr.de>
Date: Sat, 10 Mar 2018 00:15:03 +0100
Subject: [PATCH] Moves store context init into its own function

---
 openssl/src/x509/mod.rs   | 28 ++++++++++++++++++----------
 openssl/src/x509/tests.rs |  9 ++++++---
 2 files changed, 24 insertions(+), 13 deletions(-)

diff --git a/openssl/src/x509/mod.rs b/openssl/src/x509/mod.rs
index 107bfe69..55e5c75d 100644
--- a/openssl/src/x509/mod.rs
+++ b/openssl/src/x509/mod.rs
@@ -107,30 +107,38 @@ impl X509StoreContextRef {
         unsafe { X509VerifyResult::from_raw(ffi::X509_STORE_CTX_get_error(self.as_ptr())) }
     }
 
-    /// Verifies a certificate with the given certificate store.
+    /// Initializes this context with the given certificate, certificates chain and certificate
+    /// store.
     /// For successive calls to this function, it is required to call `cleanup` in beforehand.
     ///
     /// * `trust` - The certificate store with the trusted certificates.
     /// * `cert` - The certificate that should be verified.
     /// * `cert_chain` - The certificates chain.
     ///
-    /// This corresponds to [`X509_STORE_CTX_init`] followed by [`X509_verify_cert`].
+    /// This corresponds to [`X509_STORE_CTX_init`].
     ///
     /// [`X509_STORE_CTX_init`]:  https://www.openssl.org/docs/man1.0.2/crypto/X509_STORE_CTX_init.html
+    pub fn init(&mut self, trust: &store::X509StoreRef, cert: &X509Ref,
+                cert_chain: &StackRef<X509>) -> Result<(), ErrorStack> {
+        unsafe {
+            cvt(ffi::X509_STORE_CTX_init(self.as_ptr(), trust.as_ptr(),
+                                         cert.as_ptr(), cert_chain.as_ptr())).map(|_| ())
+        }
+    }
+
+    /// Verifies the stored certificate.
+    /// It is required to call `init` in beforehand, to initialize the required values.
+    ///
+    /// This corresponds to [`X509_verify_cert`].
+    ///
     /// [`X509_verify_cert`]:  https://www.openssl.org/docs/man1.0.2/crypto/X509_verify_cert.html
     ///
     /// # Result
     /// 
     /// The Result must be `Ok(())` to be a valid certificate, otherwise the cert is not valid.
-    pub fn verify_cert(&mut self, trust: &store::X509StoreRef, cert: &X509Ref,
-                       cert_chain: &StackRef<X509>) -> Result<(), ErrorStack> {
+    pub fn verify_cert(&mut self) -> Result<(), ErrorStack> {
         unsafe {
-            cvt(ffi::X509_STORE_CTX_init(self.as_ptr(), trust.as_ptr(),
-                                        cert.as_ptr(), cert_chain.as_ptr()))?;
-
-            cvt(ffi::X509_verify_cert(self.as_ptr()))?;
-            
-            Ok(())
+            cvt(ffi::X509_verify_cert(self.as_ptr())).map(|_| ())
         }
     }
 
diff --git a/openssl/src/x509/tests.rs b/openssl/src/x509/tests.rs
index 8e89c3a0..9b630d0e 100644
--- a/openssl/src/x509/tests.rs
+++ b/openssl/src/x509/tests.rs
@@ -306,9 +306,11 @@ fn test_verify_cert() {
     let store = store_bldr.build();
 
     let mut context = X509StoreContext::new().unwrap();
-    assert!(context.verify_cert(&store, &cert, &chain).is_ok());
+    assert!(context.init(&store, &cert, &chain).is_ok());
+    assert!(context.verify_cert().is_ok());
     context.cleanup();
-    assert!(context.verify_cert(&store, &cert, &chain).is_ok());
+    assert!(context.init(&store, &cert, &chain).is_ok());
+    assert!(context.verify_cert().is_ok());
 }
 
 #[test]
@@ -324,5 +326,6 @@ fn test_verify_fails() {
     let store = store_bldr.build();
 
     let mut context = X509StoreContext::new().unwrap();
-    assert!(context.verify_cert(&store, &cert, &chain).is_err());
+    assert!(context.init(&store, &cert, &chain).is_ok());
+    assert!(context.verify_cert().is_err());
 }