diff options
author | Viktor Dukhovni <ietf-dane@dukhovni.org> | 2014-07-07 11:11:38 +0200 |
---|---|---|
committer | Viktor Dukhovni <ietf-dane@dukhovni.org> | 2014-07-07 11:11:38 +0200 |
commit | 297c67fcd817ea643de2fdeff4e434b050d571e2 (patch) | |
tree | 5ff05ff3ed125e5091f9cb75a50c51bb5ff7c397 /crypto/x509 | |
parent | Usage for -hack and -prexit -verify_return_error (diff) | |
download | openssl-297c67fcd817ea643de2fdeff4e434b050d571e2.tar.xz openssl-297c67fcd817ea643de2fdeff4e434b050d571e2.zip |
Update API to use (char *) for email addresses and hostnames
Reduces number of silly casts in OpenSSL code and likely most
applications. Consistent with (char *) for "peername" value from
X509_check_host() and X509_VERIFY_PARAM_get0_peername().
Diffstat (limited to 'crypto/x509')
-rw-r--r-- | crypto/x509/x509_lcl.h | 2 | ||||
-rw-r--r-- | crypto/x509/x509_vfy.c | 4 | ||||
-rw-r--r-- | crypto/x509/x509_vfy.h | 6 | ||||
-rw-r--r-- | crypto/x509/x509_vpm.c | 30 |
4 files changed, 22 insertions, 20 deletions
diff --git a/crypto/x509/x509_lcl.h b/crypto/x509/x509_lcl.h index 8350929d7e..18611d5793 100644 --- a/crypto/x509/x509_lcl.h +++ b/crypto/x509/x509_lcl.h @@ -63,7 +63,7 @@ struct X509_VERIFY_PARAM_ID_st STACK_OF(OPENSSL_STRING) *hosts; /* Set of acceptable names */ unsigned int hostflags; /* Flags to control matching features */ char *peername; /* Matching hostname in peer certificate */ - unsigned char *email; /* If not NULL email address to match */ + char *email; /* If not NULL email address to match */ size_t emaillen; unsigned char *ip; /* If not NULL IP address to match */ size_t iplen; /* Length of IP address */ diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index 7e2916ce09..0ec5ca8a02 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -747,11 +747,11 @@ static int check_hosts(X509 *x, X509_VERIFY_PARAM_ID *id) { int i; int n = sk_OPENSSL_STRING_num(id->hosts); - unsigned char *name; + char *name; for (i = 0; i < n; ++i) { - name = (unsigned char *)sk_OPENSSL_STRING_value(id->hosts, i); + name = sk_OPENSSL_STRING_value(id->hosts, i); if (X509_check_host(x, name, 0, id->hostflags, &id->peername) > 0) return 1; diff --git a/crypto/x509/x509_vfy.h b/crypto/x509/x509_vfy.h index 47b1055ed2..8a6f10dec2 100644 --- a/crypto/x509/x509_vfy.h +++ b/crypto/x509/x509_vfy.h @@ -559,14 +559,14 @@ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param, STACK_OF(ASN1_OBJECT) *policies); int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param, - const unsigned char *name, size_t namelen); + const char *name, size_t namelen); int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param, - const unsigned char *name, size_t namelen); + const char *name, size_t namelen); void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param, unsigned int flags); char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *); int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param, - const unsigned char *email, size_t emaillen); + const char *email, size_t emaillen); int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param, const unsigned char *ip, size_t iplen); int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc); diff --git a/crypto/x509/x509_vpm.c b/crypto/x509/x509_vpm.c index 2a0a774c8f..a809219ba3 100644 --- a/crypto/x509/x509_vpm.c +++ b/crypto/x509/x509_vpm.c @@ -78,7 +78,7 @@ static void str_free(char *s) { OPENSSL_free(s); } #define string_stack_free(sk) sk_OPENSSL_STRING_pop_free(sk, str_free) static int int_x509_param_set_hosts(X509_VERIFY_PARAM_ID *id, int mode, - const unsigned char *name, size_t namelen) + const char *name, size_t namelen) { char *copy; @@ -87,7 +87,7 @@ static int int_x509_param_set_hosts(X509_VERIFY_PARAM_ID *id, int mode, * XXX: Do we need to push an error onto the error stack? */ if (namelen == 0) - namelen = name ? strlen((char *)name) : 0; + namelen = name ? strlen(name) : 0; else if (name && memchr(name, '\0', namelen > 1 ? namelen-1 : namelen)) return 0; if (name && name[namelen-1] == '\0') @@ -101,7 +101,7 @@ static int int_x509_param_set_hosts(X509_VERIFY_PARAM_ID *id, int mode, if (name == NULL || namelen == 0) return 1; - copy = BUF_strndup((char *)name, namelen); + copy = BUF_strndup(name, namelen); if (copy == NULL) return 0; @@ -338,16 +338,16 @@ int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to, return ret; } -static int int_x509_param_set1(unsigned char **pdest, size_t *pdestlen, - const unsigned char *src, size_t srclen) +static int int_x509_param_set1(char **pdest, size_t *pdestlen, + const char *src, size_t srclen) { void *tmp; if (src) { if (srclen == 0) { - tmp = BUF_strdup((char *)src); - srclen = strlen((char *)src); + tmp = BUF_strdup(src); + srclen = strlen(src); } else tmp = BUF_memdup(src, srclen); @@ -467,13 +467,13 @@ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param, } int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param, - const unsigned char *name, size_t namelen) + const char *name, size_t namelen) { return int_x509_param_set_hosts(param->id, SET_HOST, name, namelen); } int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param, - const unsigned char *name, size_t namelen) + const char *name, size_t namelen) { return int_x509_param_set_hosts(param->id, ADD_HOST, name, namelen); } @@ -490,7 +490,7 @@ char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param) } int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param, - const unsigned char *email, size_t emaillen) + const char *email, size_t emaillen) { return int_x509_param_set1(¶m->id->email, ¶m->id->emaillen, email, emaillen); @@ -501,17 +501,19 @@ int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param, { if (iplen != 0 && iplen != 4 && iplen != 16) return 0; - return int_x509_param_set1(¶m->id->ip, ¶m->id->iplen, ip, iplen); + return int_x509_param_set1((char **)¶m->id->ip, ¶m->id->iplen, + (char *)ip, iplen); } int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc) { unsigned char ipout[16]; - int iplen; - iplen = a2i_ipadd(ipout, ipasc); + size_t iplen; + + iplen = (size_t) a2i_ipadd(ipout, ipasc); if (iplen == 0) return 0; - return X509_VERIFY_PARAM_set1_ip(param, ipout, (size_t)iplen); + return X509_VERIFY_PARAM_set1_ip(param, ipout, iplen); } int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param) |