Fix ctype arguments.

[openssl.git] / ssl / ssl_rsa.c

diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c
index 8bb8d82904c1d94ad7864571ef4b778c19fc8369..89aaa9d06e66e0448d4722026568936971df2e8d 100644 (file)
--- a/ssl/ssl_rsa.c
+++ b/ssl/ssl_rsa.c
@@ -19,10 +19,10 @@
 static int ssl_set_cert(CERT *c, X509 *x509);
 static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey);
 
-static const unsigned int synthv1context = SSL_EXT_TLS1_2_AND_BELOW_ONLY
-                                           | SSL_EXT_CLIENT_HELLO
-                                           | SSL_EXT_TLS1_2_SERVER_HELLO
-                                           | SSL_EXT_IGNORE_ON_RESUMPTION;
+#define  SYNTHV1CONTEXT     (SSL_EXT_TLS1_2_AND_BELOW_ONLY \
+                             | SSL_EXT_CLIENT_HELLO \
+                             | SSL_EXT_TLS1_2_SERVER_HELLO \
+                             | SSL_EXT_IGNORE_ON_RESUMPTION)
 
 int SSL_use_certificate(SSL *ssl, X509 *x)
 {
@@ -127,9 +127,9 @@ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa)
 
 static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
 {
-    int i;
-    i = ssl_cert_type(NULL, pkey);
-    if (i < 0) {
+    size_t i;
+
+    if (ssl_cert_lookup_by_pkey(pkey, &i) == NULL) {
         SSLerr(SSL_F_SSL_SET_PKEY, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
         return (0);
     }
@@ -167,8 +167,8 @@ static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
     EVP_PKEY_free(c->pkeys[i].privatekey);
     EVP_PKEY_up_ref(pkey);
     c->pkeys[i].privatekey = pkey;
-    c->key = &(c->pkeys[i]);
-    return (1);
+    c->key = &c->pkeys[i];
+    return 1;
 }
 
 #ifndef OPENSSL_NO_RSA
@@ -316,7 +316,7 @@ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x)
 static int ssl_set_cert(CERT *c, X509 *x)
 {
     EVP_PKEY *pkey;
-    int i;
+    size_t i;
 
     pkey = X509_get0_pubkey(x);
     if (pkey == NULL) {
@@ -324,8 +324,7 @@ static int ssl_set_cert(CERT *c, X509 *x)
         return (0);
     }
 
-    i = ssl_cert_type(x, pkey);
-    if (i < 0) {
+    if (ssl_cert_lookup_by_pkey(pkey, &i) == NULL) {
         SSLerr(SSL_F_SSL_SET_CERT, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
         return 0;
     }
@@ -775,7 +774,7 @@ static int serverinfoex_srv_add_cb(SSL *s, unsigned int ext_type,
         int retval = serverinfo_find_extension(serverinfo, serverinfo_length,
                                                ext_type, out, outlen);
         if (retval == -1) {
-            *al = SSL_AD_DECODE_ERROR;
+            *al = SSL_AD_INTERNAL_ERROR;
             return -1;          /* Error */
         }
         if (retval == 0)
@@ -838,7 +837,7 @@ static int serverinfo_process_buffer(unsigned int version,
          * also use the old API even if we have V2 serverinfo but the context
          * looks like an old style <= TLSv1.2 extension.
          */
-        if (version == SSL_SERVERINFOV1 || context == synthv1context) {
+        if (version == SSL_SERVERINFOV1 || context == SYNTHV1CONTEXT) {
             if (!SSL_CTX_add_server_custom_ext(ctx, ext_type,
                                                serverinfo_srv_add_cb,
                                                NULL, NULL,
@@ -920,7 +919,6 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file)
     int ret = 0;
     BIO *bin = NULL;
     size_t num_extensions = 0, contextoff = 0;
-    unsigned int version;
 
     if (ctx == NULL || file == NULL) {
         SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_PASSED_NULL_PARAMETER);
@@ -938,6 +936,8 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file)
     }
 
     for (num_extensions = 0;; num_extensions++) {
+        unsigned int version;
+
         if (PEM_read_bio(bin, &name, &header, &extension, &extension_length)
             == 0) {
             /*
@@ -1009,8 +1009,8 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file)
             /* We know this only uses the last 2 bytes */
             sinfo[0] = 0;
             sinfo[1] = 0;
-            sinfo[2] = (synthv1context >> 8) & 0xff;
-            sinfo[3] = synthv1context & 0xff;
+            sinfo[2] = (SYNTHV1CONTEXT >> 8) & 0xff;
+            sinfo[3] = SYNTHV1CONTEXT & 0xff;
         }
         memcpy(serverinfo + serverinfo_length + contextoff,
                extension, extension_length);