From d8a11973e2c9ccc5a806936edb2cccf28332bc5e Mon Sep 17 00:00:00 2001
From: Benjamin Fry <benjaminfry@me.com>
Date: Mon, 20 Mar 2017 22:28:15 -0700
Subject: [PATCH] convert to raw pass-through methods

---
 openssl/src/x509/mod.rs   | 26 +++++++++++++++++++++-----
 openssl/src/x509/tests.rs |  4 ++--
 2 files changed, 23 insertions(+), 7 deletions(-)

diff --git a/openssl/src/x509/mod.rs b/openssl/src/x509/mod.rs
index cb5eca40..52907110 100644
--- a/openssl/src/x509/mod.rs
+++ b/openssl/src/x509/mod.rs
@@ -86,14 +86,20 @@ impl X509StoreContextRef {
         }
     }
 
-    /// Verifies the certificate associated in the `build()` method
+    /// Initializes the store context to verify the certificate.
     ///
-    /// This consumes self as the `X509StoreContext` must be reinitialized subsequent to any cally to verify. 
-    pub fn verify_cert(self) -> Result<Option<X509VerifyError>, ErrorStack> {
+    /// This Context can only be used once, subsequent to any validation, the context must be reinitialized.
+    ///
+    /// # Arguments
+    ///
+    /// * `trust` - a store of the trusted chain of certificates, or CAs, to validated the certificate
+    /// * `cert` - certificate to validate
+    /// * `cert_chain` - the certificates chain
+    pub fn init(&self, trust: &store::X509StoreRef, cert: &X509Ref, cert_chain: &StackRef<X509>) -> Result<(), ErrorStack> {
         unsafe {
-            try!(cvt(ffi::X509_verify_cert(self.as_ptr())).map(|_| ()))
+            cvt(ffi::X509_STORE_CTX_init(self.as_ptr(), trust.as_ptr(), cert.as_ptr(), cert_chain.as_ptr()))
+                .map(|_| ())
         }
-        Ok(self.error())
     }
 
     /// Returns the error code of the context.
@@ -105,6 +111,16 @@ impl X509StoreContextRef {
         unsafe { X509VerifyResult::from_raw(ffi::X509_STORE_CTX_get_error(self.as_ptr())) }
     }
 
+    /// Verifies the certificate associated in the `init()` method
+    ///
+    /// This consumes self as the `X509StoreContext` must be reinitialized subsequent to any cally to verify. 
+    pub fn verify_cert(&self) -> Result<Option<X509VerifyError>, ErrorStack> {
+        unsafe {
+            try!(cvt(ffi::X509_verify_cert(self.as_ptr())).map(|_| ()))
+        }
+        Ok(self.error())
+    }
+
     /// Set the error code of the context.
     ///
     /// This corresponds to [`X509_STORE_CTX_set_error`].
diff --git a/openssl/src/x509/tests.rs b/openssl/src/x509/tests.rs
index b6303ade..6ef4f18e 100644
--- a/openssl/src/x509/tests.rs
+++ b/openssl/src/x509/tests.rs
@@ -303,8 +303,8 @@ fn test_verify_cert() {
     store_bldr.add_cert(ca).unwrap();
     let store = store_bldr.build();
 
-    let store_ctx_bldr = X509StoreContext::builder().unwrap();
-    let store_ctx = store_ctx_bldr.build(&store, &cert, &Stack::new().unwrap()).unwrap();
+    let store_ctx = X509StoreContext::new().unwrap();
+    store_ctx.init(&store, &cert, &Stack::new().unwrap()).unwrap();
 
     assert!(store_ctx.verify_cert().unwrap().is_none());
 }