diff options
author | Adam Langley <agl@chromium.org> | 2015-02-12 02:30:17 +0300 |
---|---|---|
committer | Adam Langley <agl@chromium.org> | 2015-02-13 22:00:47 +0300 |
commit | d0f5df2d71768e4ac68d5803529e850f88dd4107 (patch) | |
tree | b3c7ee0743fd06a267f3a3c964f524a90ea8d846 | |
parent | 82fc3bd333c5ef5839bc539281e773be290b9c48 (diff) |
New peername element in X509_VERIFY_PARAM_ID.
Declaration, memory management, accessor and documentation.
(Imported from upstream's 1eb57ae2b78c119bfba7ab647951130e968d1664.)
Change-Id: Ifa9672e46445e44a78001b0f9430a93c138d73d7
-rw-r--r-- | crypto/x509/vpm_int.h | 1 | ||||
-rw-r--r-- | crypto/x509/x509_vpm.c | 12 | ||||
-rw-r--r-- | include/openssl/x509_vfy.h | 1 |
3 files changed, 13 insertions, 1 deletions
diff --git a/crypto/x509/vpm_int.h b/crypto/x509/vpm_int.h index 6b670af5..4ec629f7 100644 --- a/crypto/x509/vpm_int.h +++ b/crypto/x509/vpm_int.h @@ -62,6 +62,7 @@ struct X509_VERIFY_PARAM_ID_st { STACK_OF(OPENSSL_STRING) *hosts; /* Set of acceptable names */ unsigned int hostflags; /* Flags to control matching features */ + char *peername; /* Matching hostname in peer certificate */ unsigned char *email; /* If not NULL email address to match */ size_t emaillen; unsigned char *ip; /* If not NULL IP address to match */ diff --git a/crypto/x509/x509_vpm.c b/crypto/x509/x509_vpm.c index d3266379..37fd5b0a 100644 --- a/crypto/x509/x509_vpm.c +++ b/crypto/x509/x509_vpm.c @@ -143,6 +143,11 @@ static void x509_verify_param_zero(X509_VERIFY_PARAM *param) string_stack_free(paramid->hosts); paramid->hosts = NULL; } + if (paramid->peername) + { + OPENSSL_free(paramid->peername); + paramid->peername = NULL; + } if (paramid->email) { OPENSSL_free(paramid->email); @@ -476,6 +481,11 @@ void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param, param->id->hostflags = flags; } +char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param) + { + return param->id->peername; + } + int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param, const unsigned char *email, size_t emaillen) { @@ -511,7 +521,7 @@ const char *X509_VERIFY_PARAM_get0_name(const X509_VERIFY_PARAM *param) return param->name; } -static const X509_VERIFY_PARAM_ID _empty_id = {NULL, 0U, NULL, 0, NULL, 0}; +static const X509_VERIFY_PARAM_ID _empty_id = {NULL, 0U, NULL, NULL, 0, NULL, 0}; #define vpm_empty_id (X509_VERIFY_PARAM_ID *)&_empty_id diff --git a/include/openssl/x509_vfy.h b/include/openssl/x509_vfy.h index bd84bc89..fe319dca 100644 --- a/include/openssl/x509_vfy.h +++ b/include/openssl/x509_vfy.h @@ -560,6 +560,7 @@ OPENSSL_EXPORT int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param, size_t namelen); OPENSSL_EXPORT void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param, unsigned int flags); +OPENSSL_EXPORT char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *); OPENSSL_EXPORT int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param, const unsigned char *email, size_t emaillen); OPENSSL_EXPORT int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param, |