RT2751: Declare get_issuer_sk() earlier.

[openssl.git] / crypto / x509 / x509_vfy.c

diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index 49425f4622d15a222f784458587dfdf66a146f0f..85aa1133f81db0496290c3e0d5b1feae24476263 100644 (file)
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -119,6 +119,7 @@ static int check_trust(X509_STORE_CTX *ctx);
 static int check_revocation(X509_STORE_CTX *ctx);
 static int check_cert(X509_STORE_CTX *ctx);
 static int check_policy(X509_STORE_CTX *ctx);
+static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
 
 static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer,
                        unsigned int *preasons,
@@ -747,12 +748,13 @@ static int check_hosts(X509 *x, X509_VERIFY_PARAM_ID *id)
        {
        int i;
        int n = sk_OPENSSL_STRING_num(id->hosts);
-       unsigned char *name;
+       char *name;
 
        for (i = 0; i < n; ++i)
                {
-               name = (unsigned char *)sk_OPENSSL_STRING_value(id->hosts, i);
-               if (X509_check_host(x, name, 0, id->hostflags)) > 0)
+               name = sk_OPENSSL_STRING_value(id->hosts, i);
+               if (X509_check_host(x, name, 0, id->hostflags,
+                                   &id->peername) > 0)
                        return 1;
                }
        return n == 0;
@@ -763,7 +765,7 @@ static int check_id(X509_STORE_CTX *ctx)
        X509_VERIFY_PARAM *vpm = ctx->param;
        X509_VERIFY_PARAM_ID *id = vpm->id;
        X509 *x = ctx->cert;
-       if (id->hosts && !check_hosts(x, id) <= 0)
+       if (id->hosts && check_hosts(x, id) <= 0)
                {
                if (!check_id_error(ctx, X509_V_ERR_HOSTNAME_MISMATCH))
                        return 0;