diff options
Diffstat (limited to 'crypto/x509')
-rw-r--r-- | crypto/x509/vpm_int.h | 2 | ||||
-rw-r--r-- | crypto/x509/x509_vfy.c | 6 | ||||
-rw-r--r-- | crypto/x509/x509_vpm.c | 28 |
3 files changed, 19 insertions, 17 deletions
diff --git a/crypto/x509/vpm_int.h b/crypto/x509/vpm_int.h index 4ec629f7..9edbd5ad 100644 --- a/crypto/x509/vpm_int.h +++ b/crypto/x509/vpm_int.h @@ -63,7 +63,7 @@ struct X509_VERIFY_PARAM_ID_st STACK_OF(OPENSSL_STRING) *hosts; /* Set of acceptable names */ unsigned int hostflags; /* Flags to control matching features */ char *peername; /* Matching hostname in peer certificate */ - unsigned char *email; /* If not NULL email address to match */ + char *email; /* If not NULL email address to match */ size_t emaillen; unsigned char *ip; /* If not NULL IP address to match */ size_t iplen; /* Length of IP address */ diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index 51950199..28d2182d 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -708,12 +708,12 @@ static int check_hosts(X509 *x, X509_VERIFY_PARAM_ID *id) { size_t i; size_t n = sk_OPENSSL_STRING_num(id->hosts); - unsigned char *name; + char *name; for (i = 0; i < n; ++i) { - name = (unsigned char *)sk_OPENSSL_STRING_value(id->hosts, i); - if (X509_check_host(x, name, strlen((const char*) name), id->hostflags, + name = sk_OPENSSL_STRING_value(id->hosts, i); + if (X509_check_host(x, name, strlen(name), id->hostflags, &id->peername) > 0) return 1; } diff --git a/crypto/x509/x509_vpm.c b/crypto/x509/x509_vpm.c index 37fd5b0a..cf4283dc 100644 --- a/crypto/x509/x509_vpm.c +++ b/crypto/x509/x509_vpm.c @@ -76,7 +76,7 @@ static void str_free(char *s) { OPENSSL_free(s); } #define string_stack_free(sk) sk_OPENSSL_STRING_pop_free(sk, str_free) static int int_x509_param_set_hosts(X509_VERIFY_PARAM_ID *id, int mode, - const unsigned char *name, size_t namelen) + const char *name, size_t namelen) { char *copy; @@ -95,7 +95,7 @@ static int int_x509_param_set_hosts(X509_VERIFY_PARAM_ID *id, int mode, if (name == NULL || namelen == 0) return 1; - copy = BUF_strndup((char *)name, namelen); + copy = BUF_strndup(name, namelen); if (copy == NULL) return 0; @@ -335,16 +335,16 @@ int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to, return ret; } -static int int_x509_param_set1(unsigned char **pdest, size_t *pdestlen, - const unsigned char *src, size_t srclen) +static int int_x509_param_set1(char **pdest, size_t *pdestlen, + const char *src, size_t srclen) { void *tmp; if (src) { if (srclen == 0) { - tmp = BUF_strdup((char *)src); - srclen = strlen((char *)src); + tmp = BUF_strdup(src); + srclen = strlen(src); } else tmp = BUF_memdup(src, srclen); @@ -464,13 +464,13 @@ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param, } int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param, - const unsigned char *name, size_t namelen) + const char *name, size_t namelen) { return int_x509_param_set_hosts(param->id, SET_HOST, name, namelen); } int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param, - const unsigned char *name, size_t namelen) + const char *name, size_t namelen) { return int_x509_param_set_hosts(param->id, ADD_HOST, name, namelen); } @@ -487,7 +487,7 @@ char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param) } int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param, - const unsigned char *email, size_t emaillen) + const char *email, size_t emaillen) { return int_x509_param_set1(¶m->id->email, ¶m->id->emaillen, email, emaillen); @@ -498,17 +498,19 @@ int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param, { if (iplen != 0 && iplen != 4 && iplen != 16) return 0; - return int_x509_param_set1(¶m->id->ip, ¶m->id->iplen, ip, iplen); + return int_x509_param_set1((char **)¶m->id->ip, ¶m->id->iplen, + (char *)ip, iplen); } int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc) { unsigned char ipout[16]; - int iplen; - iplen = a2i_ipadd(ipout, ipasc); + size_t iplen; + + iplen = (size_t) a2i_ipadd(ipout, ipasc); if (iplen == 0) return 0; - return X509_VERIFY_PARAM_set1_ip(param, ipout, (size_t)iplen); + return X509_VERIFY_PARAM_set1_ip(param, ipout, iplen); } int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param) |