char *arg = **pargs, *argn = (*pargs)[1];
const X509_VERIFY_PARAM *vpm = NULL;
time_t at_time = 0;
- const unsigned char *hostname = NULL, *email = NULL;
+ char *hostname = NULL;
+ char *email = NULL;
char *ipasc = NULL;
if (!strcmp(arg, "-policy"))
{
{
if (!argn)
*badarg = 1;
- hostname = (unsigned char *)argn;
+ hostname = argn;
(*pargs)++;
}
else if (strcmp(arg,"-verify_email") == 0)
{
if (!argn)
*badarg = 1;
- email = (unsigned char *)argn;
+ email = argn;
(*pargs)++;
}
else if (strcmp(arg,"-verify_ip") == 0)
#endif /* ndef OPENSSL_NO_TLSEXT */
void print_cert_checks(BIO *bio, X509 *x,
- const unsigned char *checkhost,
- const unsigned char *checkemail,
+ const char *checkhost,
+ const char *checkemail,
const char *checkip)
{
if (x == NULL)
#endif /* ndef OPENSSL_NO_TLSEXT */
void print_cert_checks(BIO *bio, X509 *x,
- const unsigned char *checkhost,
- const unsigned char *checkemail,
+ const char *checkhost,
+ const char *checkemail,
const char *checkip);
void store_setup_crl_download(X509_STORE *st);
int need_rand = 0;
int checkend=0,checkoffset=0;
unsigned long nmflag = 0, certflag = 0;
- unsigned char *checkhost = NULL, *checkemail = NULL;
+ char *checkhost = NULL;
+ char *checkemail = NULL;
char *checkip = NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
else if (strcmp(*argv,"-checkhost") == 0)
{
if (--argc < 1) goto bad;
- checkhost=(unsigned char *)*(++argv);
+ checkhost=*(++argv);
}
else if (strcmp(*argv,"-checkemail") == 0)
{
if (--argc < 1) goto bad;
- checkemail=(unsigned char *)*(++argv);
+ checkemail=*(++argv);
}
else if (strcmp(*argv,"-checkip") == 0)
{
STACK_OF(OPENSSL_STRING) *hosts; /* Set of acceptable names */
unsigned int hostflags; /* Flags to control matching features */
char *peername; /* Matching hostname in peer certificate */
- unsigned char *email; /* If not NULL email address to match */
+ char *email; /* If not NULL email address to match */
size_t emaillen;
unsigned char *ip; /* If not NULL IP address to match */
size_t iplen; /* Length of IP address */
{
int i;
int n = sk_OPENSSL_STRING_num(id->hosts);
- unsigned char *name;
+ char *name;
for (i = 0; i < n; ++i)
{
- name = (unsigned char *)sk_OPENSSL_STRING_value(id->hosts, i);
+ name = sk_OPENSSL_STRING_value(id->hosts, i);
if (X509_check_host(x, name, 0, id->hostflags,
&id->peername) > 0)
return 1;
STACK_OF(ASN1_OBJECT) *policies);
int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
- const unsigned char *name, size_t namelen);
+ const char *name, size_t namelen);
int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
- const unsigned char *name, size_t namelen);
+ const char *name, size_t namelen);
void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
unsigned int flags);
char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *);
int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
- const unsigned char *email, size_t emaillen);
+ const char *email, size_t emaillen);
int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
const unsigned char *ip, size_t iplen);
int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc);
#define string_stack_free(sk) sk_OPENSSL_STRING_pop_free(sk, str_free)
static int int_x509_param_set_hosts(X509_VERIFY_PARAM_ID *id, int mode,
- const unsigned char *name, size_t namelen)
+ const char *name, size_t namelen)
{
char *copy;
* XXX: Do we need to push an error onto the error stack?
*/
if (namelen == 0)
- namelen = name ? strlen((char *)name) : 0;
+ namelen = name ? strlen(name) : 0;
else if (name && memchr(name, '\0', namelen > 1 ? namelen-1 : namelen))
return 0;
if (name && name[namelen-1] == '\0')
if (name == NULL || namelen == 0)
return 1;
- copy = BUF_strndup((char *)name, namelen);
+ copy = BUF_strndup(name, namelen);
if (copy == NULL)
return 0;
return ret;
}
-static int int_x509_param_set1(unsigned char **pdest, size_t *pdestlen,
- const unsigned char *src, size_t srclen)
+static int int_x509_param_set1(char **pdest, size_t *pdestlen,
+ const char *src, size_t srclen)
{
void *tmp;
if (src)
{
if (srclen == 0)
{
- tmp = BUF_strdup((char *)src);
- srclen = strlen((char *)src);
+ tmp = BUF_strdup(src);
+ srclen = strlen(src);
}
else
tmp = BUF_memdup(src, srclen);
}
int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
- const unsigned char *name, size_t namelen)
+ const char *name, size_t namelen)
{
return int_x509_param_set_hosts(param->id, SET_HOST, name, namelen);
}
int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
- const unsigned char *name, size_t namelen)
+ const char *name, size_t namelen)
{
return int_x509_param_set_hosts(param->id, ADD_HOST, name, namelen);
}
}
int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
- const unsigned char *email, size_t emaillen)
+ const char *email, size_t emaillen)
{
return int_x509_param_set1(¶m->id->email, ¶m->id->emaillen,
email, emaillen);
{
if (iplen != 0 && iplen != 4 && iplen != 16)
return 0;
- return int_x509_param_set1(¶m->id->ip, ¶m->id->iplen, ip, iplen);
+ return int_x509_param_set1((char **)¶m->id->ip, ¶m->id->iplen,
+ (char *)ip, iplen);
}
int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc)
{
unsigned char ipout[16];
- int iplen;
- iplen = a2i_ipadd(ipout, ipasc);
+ size_t iplen;
+
+ iplen = (size_t) a2i_ipadd(ipout, ipasc);
if (iplen == 0)
return 0;
- return X509_VERIFY_PARAM_set1_ip(param, ipout, (size_t)iplen);
+ return X509_VERIFY_PARAM_set1_ip(param, ipout, iplen);
}
int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param)
*/
static int do_check_string(ASN1_STRING *a, int cmp_type, equal_fn equal,
- unsigned int flags,
- const unsigned char *b, size_t blen,
+ unsigned int flags, const char *b, size_t blen,
char **peername)
{
int rv = 0;
if (cmp_type != a->type)
return 0;
if (cmp_type == V_ASN1_IA5STRING)
- rv = equal(a->data, a->length, b, blen, flags);
+ rv = equal(a->data, a->length,
+ (unsigned char *)b, blen, flags);
else if (a->length == (int)blen && !memcmp(a->data, b, blen))
rv = 1;
if (rv > 0 && peername)
astrlen = ASN1_STRING_to_UTF8(&astr, a);
if (astrlen < 0)
return -1;
- rv = equal(astr, astrlen, b, blen, flags);
+ rv = equal(astr, astrlen, (unsigned char *)b, blen, flags);
OPENSSL_free(astr);
if (rv > 0 && peername)
*peername = BUF_strndup((char *)astr, astrlen);
return rv;
}
-static int do_x509_check(X509 *x, const unsigned char *chk, size_t chklen,
+static int do_x509_check(X509 *x, const char *chk, size_t chklen,
unsigned int flags, int check_type,
char **peername)
{
}
if (chklen == 0)
- chklen = strlen((const char *)chk);
+ chklen = strlen(chk);
gens = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
if (gens)
return 0;
}
-int X509_check_host(X509 *x, const unsigned char *chk, size_t chklen,
- unsigned int flags, char **peername)
+int X509_check_host(X509 *x, const char *chk, size_t chklen,
+ unsigned int flags, char **peername)
{
if (chk == NULL)
return -2;
* NUL in string length).
*/
if (chklen == 0)
- chklen = strlen((char *)chk);
+ chklen = strlen(chk);
else if (memchr(chk, '\0', chklen > 1 ? chklen-1 : chklen))
return -2;
if (chklen > 1 && chk[chklen-1] == '\0')
return do_x509_check(x, chk, chklen, flags, GEN_DNS, peername);
}
-int X509_check_email(X509 *x, const unsigned char *chk, size_t chklen,
- unsigned int flags)
+int X509_check_email(X509 *x, const char *chk, size_t chklen,
+ unsigned int flags)
{
if (chk == NULL)
return -2;
{
if (chk == NULL)
return -2;
- return do_x509_check(x, chk, chklen, flags, GEN_IPADD, NULL);
+ return do_x509_check(x, (char *)chk, chklen, flags, GEN_IPADD, NULL);
}
int X509_check_ip_asc(X509 *x, const char *ipasc, unsigned int flags)
{
unsigned char ipout[16];
- int iplen;
+ size_t iplen;
+
if (ipasc == NULL)
return -2;
- iplen = a2i_ipadd(ipout, ipasc);
+ iplen = (size_t) a2i_ipadd(ipout, ipasc);
if (iplen == 0)
return -2;
- return do_x509_check(x, ipout, (size_t)iplen, flags, GEN_IPADD, NULL);
+ return do_x509_check(x, (char *)ipout, iplen, flags, GEN_IPADD, NULL);
}
/* Convert IP addresses both IPv4 and IPv6 into an
int match, ret;
memcpy(name, *pname, namelen);
- ret = X509_check_host(crt, (const unsigned char *)name,
- namelen, 0, NULL);
+ ret = X509_check_host(crt, name, namelen, 0, NULL);
match = -1;
if (ret < 0)
{
match = 1;
check_message(fn, "host", nameincert, match, *pname);
- ret = X509_check_host(crt, (const unsigned char *)name,
- namelen, X509_CHECK_FLAG_NO_WILDCARDS,
- NULL);
+ ret = X509_check_host(crt, name, namelen,
+ X509_CHECK_FLAG_NO_WILDCARDS, NULL);
match = -1;
if (ret < 0)
{
check_message(fn, "host-no-wildcards",
nameincert, match, *pname);
- ret = X509_check_email(crt, (const unsigned char *)name,
- namelen, 0);
+ ret = X509_check_email(crt, name, namelen, 0);
match = -1;
if (fn->email)
{
*/
#define _X509_CHECK_FLAG_DOT_SUBDOMAINS 0x8000
-int X509_check_host(X509 *x, const unsigned char *chk, size_t chklen,
+int X509_check_host(X509 *x, const char *chk, size_t chklen,
unsigned int flags, char **peername);
-int X509_check_email(X509 *x, const unsigned char *chk, size_t chklen,
+int X509_check_email(X509 *x, const char *chk, size_t chklen,
unsigned int flags);
int X509_check_ip(X509 *x, const unsigned char *chk, size_t chklen,
unsigned int flags);
int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
- const unsigned char *name, size_t namelen);
+ const char *name, size_t namelen);
int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
- const unsigned char *name, size_t namelen);
+ const char *name, size_t namelen);
void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
unsigned int flags);
char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param);
int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
- const unsigned char *email, size_t emaillen);
+ const char *email, size_t emaillen);
int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
const unsigned char *ip, size_t iplen);
- int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param,
- const char *ipasc);
+ int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc);
=head1 DESCRIPTION
#include <openssl/x509.h>
- int X509_check_host(X509 *, const unsigned char *name,
- size_t namelen, unsigned int flags, char **peername);
- int X509_check_email(X509 *, const unsigned char *address,
- size_t addresslen, unsigned int flags);
- int X509_check_ip(X509 *, const unsigned char *address,
- size_t addresslen, unsigned int flags);
+ int X509_check_host(X509 *, const char *name, size_t namelen,
+ unsigned int flags, char **peername);
+ int X509_check_email(X509 *, const char *address, size_t addresslen,
+ unsigned int flags);
+ int X509_check_ip(X509 *, const unsigned char *address, size_t addresslen,
+ unsigned int flags);
int X509_check_ip_asc(X509 *, const char *address, unsigned int flags);
=head1 DESCRIPTION
projects / openssl.git / commitdiff