authorViktor Dukhovni <ietf-dane@dukhovni.org>2014-07-06 01:44:30 +1000
committerViktor Dukhovni <ietf-dane@dukhovni.org>2014-07-06 01:50:50 +1000
commit6e661d458f5aa8f52bf3d9098bd10025de5f08ea (patch)
tree277fee4f16e3dda1ddd54d820a85a48a7e380e44 /crypto/x509
parentd2ab55eb5ba5ffcca96253224c20ee1269b39b72 (diff)
New peername element in X509_VERIFY_PARAM_ID
Declaration, memory management, accessor and documentation.
Diffstat (limited to 'crypto/x509')
-rw-r--r--crypto/x509/x509_lcl.h1
-rw-r--r--crypto/x509/x509_vfy.h1
-rw-r--r--crypto/x509/x509_vpm.c9
3 files changed, 10 insertions, 1 deletions
diff --git a/crypto/x509/x509_lcl.h b/crypto/x509/x509_lcl.h
index a20bed287d..8350929d7e 100644
--- a/crypto/x509/x509_lcl.h
+++ b/crypto/x509/x509_lcl.h
@@ -62,6 +62,7 @@ struct X509_VERIFY_PARAM_ID_st
{
STACK_OF(OPENSSL_STRING) *hosts; /* Set of acceptable names */
unsigned int hostflags; /* Flags to control matching features */
+ char *peername; /* Matching hostname in peer certificate */
unsigned char *email; /* If not NULL email address to match */
size_t emaillen;
unsigned char *ip; /* If not NULL IP address to match */
diff --git a/crypto/x509/x509_vfy.h b/crypto/x509/x509_vfy.h
index 4aca857fda..47b1055ed2 100644
--- a/crypto/x509/x509_vfy.h
+++ b/crypto/x509/x509_vfy.h
@@ -564,6 +564,7 @@ int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
const unsigned char *name, size_t namelen);
void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
unsigned int flags);
+char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *);
int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
const unsigned char *email, size_t emaillen);
int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
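Review bot: The new prototype `X509_VERIFY_PARAM_get0_peername` returns a mutable `char *` into storage that the parameter object owns, so a caller can write through it or free it by mistake. The `get0` prefix signals a borrowed pointer, and `X509_VERIFY_PARAM_get0_name` in x509_vpm.c already returns `const char *` from a `const X509_VERIFY_PARAM *`. If API constraints allow, consider `const char *X509_VERIFY_PARAM_get0_peername(const X509_VERIFY_PARAM *param);` here and in the matching definition in x509_vpm.c. The prototype also omits the parameter name, unlike the neighbouring declarations in this hunk.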
diff --git a/crypto/x509/x509_vpm.c b/crypto/x509/x509_vpm.c
index d95943c22c..2a0a774c8f 100644
--- a/crypto/x509/x509_vpm.c
+++ b/crypto/x509/x509_vpm.c
@@ -149,6 +149,8 @@ static void x509_verify_param_zero(X509_VERIFY_PARAM *param)
string_stack_free(paramid->hosts);
paramid->hosts = NULL;
}
+ if (paramid->peername)
+ OPENSSL_free(paramid->peername);
if (paramid->email)
{
OPENSSL_free(paramid->email);
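Review bot: The added `OPENSSL_free(paramid->peername);` leaves the field pointing at freed memory, whereas the `hosts` branch just above it resets its field with `paramid->hosts = NULL;`. If x509_verify_param_zero() runs on an object that is then reused, zeroed again, or queried through the new accessor, the stale pointer becomes a double free or use-after-free of a certificate-derived string. Add `paramid->peername = NULL;` directly after the free, outside the `if`, so the field is always cleared. The function starts and ends outside this hunk, so the callers and the rest of the cleanup are not visible here.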
@@ -482,6 +484,11 @@ void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
param->id->hostflags = flags;
}
+char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param)
+ {
+ return param->id->peername;
+ }
+
int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
const unsigned char *email, size_t emaillen)
{
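Review bot: `X509_VERIFY_PARAM_get0_peername` is added without a comment stating its contract, and nothing in this diff (which is limited to crypto/x509) assigns `peername`, so a reader cannot tell when the result is non-NULL or how long it stays valid. Suggest a comment above the definition along the lines of `/* Returns the matched peer certificate name, or NULL if none was recorded; owned by param, do not free. */`, with the wording confirmed against the code that populates the field. It should also say that the pointer is released by x509_verify_param_zero(), so callers must copy the string if they need it beyond the lifetime of the parameter object.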
@@ -517,7 +524,7 @@ const char *X509_VERIFY_PARAM_get0_name(const X509_VERIFY_PARAM *param)
return param->name;
}
-static X509_VERIFY_PARAM_ID _empty_id = {NULL, 0U, NULL, 0, NULL, 0};
+static X509_VERIFY_PARAM_ID _empty_id = {NULL, 0U, NULL, NULL, 0, NULL, 0};
#define vpm_empty_id (X509_VERIFY_PARAM_ID *)&_empty_id