Google Git
Sign in
boringssl / boringssl.git / d0f5df2d71768e4ac68d5803529e850f88dd4107^! / .
commitd0f5df2d71768e4ac68d5803529e850f88dd4107[log] [tgz]
authorAdam Langley <agl@chromium.org>Wed Feb 11 15:30:17 2015 -0800
committerAdam Langley <agl@chromium.org>Fri Feb 13 11:00:47 2015 -0800
treeb3c7ee0743fd06a267f3a3c964f524a90ea8d846
parent82fc3bd333c5ef5839bc539281e773be290b9c48 [diff]
New peername element in X509_VERIFY_PARAM_ID.

Declaration, memory management, accessor and documentation.

(Imported from upstream's 1eb57ae2b78c119bfba7ab647951130e968d1664.)

Change-Id: Ifa9672e46445e44a78001b0f9430a93c138d73d7

diff --git a/crypto/x509/vpm_int.h b/crypto/x509/vpm_int.h
index 6b670af..4ec629f 100644
--- a/crypto/x509/vpm_int.h
+++ b/crypto/x509/vpm_int.h

@@ -62,6 +62,7 @@
 	{
 	STACK_OF(OPENSSL_STRING) *hosts;	/* Set of acceptable names */
 	unsigned int hostflags;	/* Flags to control matching features */
+	char *peername;		/* Matching hostname in peer certificate */
 	unsigned char *email;	/* If not NULL email address to match */
 	size_t emaillen;
 	unsigned char *ip;	/* If not NULL IP address to match */

diff --git a/crypto/x509/x509_vpm.c b/crypto/x509/x509_vpm.c
index d326637..37fd5b0 100644
--- a/crypto/x509/x509_vpm.c
+++ b/crypto/x509/x509_vpm.c

@@ -143,6 +143,11 @@
 		string_stack_free(paramid->hosts);
 		paramid->hosts = NULL;
 		}
+	if (paramid->peername)
+		{
+		OPENSSL_free(paramid->peername);
+		paramid->peername = NULL;
+		}
 	if (paramid->email)
 		{
 		OPENSSL_free(paramid->email);
@@ -476,6 +481,11 @@
 	param->id->hostflags = flags;
 	}
 
+char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param)
+	{
+	return param->id->peername;
+	}
+
 int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
 				const unsigned char *email, size_t emaillen)
 	{
@@ -511,7 +521,7 @@
 	return param->name;
 	}
 
-static const X509_VERIFY_PARAM_ID _empty_id = {NULL, 0U, NULL, 0, NULL, 0};
+static const X509_VERIFY_PARAM_ID _empty_id = {NULL, 0U, NULL, NULL, 0, NULL, 0};
 
 #define vpm_empty_id (X509_VERIFY_PARAM_ID *)&_empty_id
 

diff --git a/include/openssl/x509_vfy.h b/include/openssl/x509_vfy.h
index bd84bc8..fe319dc 100644
--- a/include/openssl/x509_vfy.h
+++ b/include/openssl/x509_vfy.h

@@ -560,6 +560,7 @@
 					       size_t namelen);
 OPENSSL_EXPORT void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
 					unsigned int flags);
+OPENSSL_EXPORT char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *);
 OPENSSL_EXPORT int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
 				const unsigned char *email, size_t emaillen);
 OPENSSL_EXPORT int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,