Commit 297c67fc authored by Viktor Dukhovni's avatar Viktor Dukhovni
Browse files

Update API to use (char *) for email addresses and hostnames 

Reduces number of silly casts in OpenSSL code and likely most
applications.  Consistent with (char *) for "peername" value from
X509_check_host() and X509_VERIFY_PARAM_get0_peername().
parent ee724df7

apps/apps.c

+6 −5
Original line number Diff line number Diff line
@@ -2388,7 +2388,8 @@ int args_verify(char ***pargs, int *pargc, 
	char *arg = **pargs, *argn = (*pargs)[1];

	const X509_VERIFY_PARAM *vpm = NULL;

	time_t at_time = 0;

	const unsigned char *hostname = NULL, *email = NULL;

	char *hostname = NULL;

	char *email = NULL;

	char *ipasc = NULL;

	if (!strcmp(arg, "-policy"))

		{
@@ -2482,14 +2483,14 @@ int args_verify(char ***pargs, int *pargc, 
		{

		if (!argn)

			*badarg = 1;

		hostname = (unsigned char *)argn;

		hostname = argn;

		(*pargs)++;

		}

	else if (strcmp(arg,"-verify_email") == 0)

		{

		if (!argn)

			*badarg = 1;

		email = (unsigned char *)argn;

		email = argn;

		(*pargs)++;

		}

	else if (strcmp(arg,"-verify_ip") == 0)
@@ -2960,8 +2961,8 @@ unsigned char *next_protos_parse(unsigned short *outlen, const char *in) 
#endif  /* ndef OPENSSL_NO_TLSEXT */



void print_cert_checks(BIO *bio, X509 *x,

				const unsigned char *checkhost,

				const unsigned char *checkemail,

				const char *checkhost,

				const char *checkemail,

				const char *checkip)

	{

	if (x == NULL)

apps/apps.h

+2 −2
Original line number Diff line number Diff line
@@ -342,8 +342,8 @@ unsigned char *next_protos_parse(unsigned short *outlen, const char *in); 
#endif  /* ndef OPENSSL_NO_TLSEXT */



void print_cert_checks(BIO *bio, X509 *x,

				const unsigned char *checkhost,

				const unsigned char *checkemail,

				const char *checkhost,

				const char *checkemail,

				const char *checkip);



void store_setup_crl_download(X509_STORE *st);

apps/x509.c

+4 −3
Original line number Diff line number Diff line
@@ -214,7 +214,8 @@ int MAIN(int argc, char **argv) 
	int need_rand = 0;

	int checkend=0,checkoffset=0;

	unsigned long nmflag = 0, certflag = 0;

	unsigned char *checkhost = NULL, *checkemail = NULL;

	char *checkhost = NULL;

	char *checkemail = NULL;

	char *checkip = NULL;

#ifndef OPENSSL_NO_ENGINE

	char *engine=NULL;
@@ -474,12 +475,12 @@ int MAIN(int argc, char **argv) 
		else if (strcmp(*argv,"-checkhost") == 0)

			{

			if (--argc < 1) goto bad;

			checkhost=(unsigned char *)*(++argv);

			checkhost=*(++argv);

			}

		else if (strcmp(*argv,"-checkemail") == 0)

			{

			if (--argc < 1) goto bad;

			checkemail=(unsigned char *)*(++argv);

			checkemail=*(++argv);

			}

		else if (strcmp(*argv,"-checkip") == 0)

			{

crypto/x509/x509_lcl.h

+1 −1
Original line number Diff line number Diff line
@@ -63,7 +63,7 @@ struct X509_VERIFY_PARAM_ID_st 
	STACK_OF(OPENSSL_STRING) *hosts;	/* Set of acceptable names */

	unsigned int hostflags;	/* Flags to control matching features */

	char *peername;		/* Matching hostname in peer certificate */

	unsigned char *email;	/* If not NULL email address to match */

	char *email;		/* If not NULL email address to match */

	size_t emaillen;

	unsigned char *ip;	/* If not NULL IP address to match */

	size_t iplen;		/* Length of IP address */

crypto/x509/x509_vfy.c

+2 −2
Original line number Diff line number Diff line
@@ -747,11 +747,11 @@ static int check_hosts(X509 *x, X509_VERIFY_PARAM_ID *id) 
	{

	int i;

	int n = sk_OPENSSL_STRING_num(id->hosts);

	unsigned char *name;

	char *name;



	for (i = 0; i < n; ++i)

		{

		name = (unsigned char *)sk_OPENSSL_STRING_value(id->hosts, i);

		name = sk_OPENSSL_STRING_value(id->hosts, i);

		if (X509_check_host(x, name, 0, id->hostflags,

				    &id->peername) > 0)

			return 1;