Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
btwise
openssl
提交
6e661d45
O
openssl
项目概览
btwise
/
openssl
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
O
openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
6e661d45
编写于
7月 06, 2014
作者:
V
Viktor Dukhovni
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
New peername element in X509_VERIFY_PARAM_ID
Declaration, memory management, accessor and documentation.
上级
d2ab55eb
变更
4
隐藏空白更改
内联
并排
Showing
4 changed file
with
22 addition
and
2 deletion
+22
-2
crypto/x509/x509_lcl.h
crypto/x509/x509_lcl.h
+1
-0
crypto/x509/x509_vfy.h
crypto/x509/x509_vfy.h
+1
-0
crypto/x509/x509_vpm.c
crypto/x509/x509_vpm.c
+8
-1
doc/crypto/X509_VERIFY_PARAM_set_flags.pod
doc/crypto/X509_VERIFY_PARAM_set_flags.pod
+12
-1
未找到文件。
crypto/x509/x509_lcl.h
浏览文件 @
6e661d45
...
...
@@ -62,6 +62,7 @@ struct X509_VERIFY_PARAM_ID_st
{
STACK_OF
(
OPENSSL_STRING
)
*
hosts
;
/* Set of acceptable names */
unsigned
int
hostflags
;
/* Flags to control matching features */
char
*
peername
;
/* Matching hostname in peer certificate */
unsigned
char
*
email
;
/* If not NULL email address to match */
size_t
emaillen
;
unsigned
char
*
ip
;
/* If not NULL IP address to match */
...
...
crypto/x509/x509_vfy.h
浏览文件 @
6e661d45
...
...
@@ -564,6 +564,7 @@ int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
const
unsigned
char
*
name
,
size_t
namelen
);
void
X509_VERIFY_PARAM_set_hostflags
(
X509_VERIFY_PARAM
*
param
,
unsigned
int
flags
);
char
*
X509_VERIFY_PARAM_get0_peername
(
X509_VERIFY_PARAM
*
);
int
X509_VERIFY_PARAM_set1_email
(
X509_VERIFY_PARAM
*
param
,
const
unsigned
char
*
email
,
size_t
emaillen
);
int
X509_VERIFY_PARAM_set1_ip
(
X509_VERIFY_PARAM
*
param
,
...
...
crypto/x509/x509_vpm.c
浏览文件 @
6e661d45
...
...
@@ -149,6 +149,8 @@ static void x509_verify_param_zero(X509_VERIFY_PARAM *param)
string_stack_free
(
paramid
->
hosts
);
paramid
->
hosts
=
NULL
;
}
if
(
paramid
->
peername
)
OPENSSL_free
(
paramid
->
peername
);
if
(
paramid
->
email
)
{
OPENSSL_free
(
paramid
->
email
);
...
...
@@ -482,6 +484,11 @@ void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
param
->
id
->
hostflags
=
flags
;
}
char
*
X509_VERIFY_PARAM_get0_peername
(
X509_VERIFY_PARAM
*
param
)
{
return
param
->
id
->
peername
;
}
int
X509_VERIFY_PARAM_set1_email
(
X509_VERIFY_PARAM
*
param
,
const
unsigned
char
*
email
,
size_t
emaillen
)
{
...
...
@@ -517,7 +524,7 @@ const char *X509_VERIFY_PARAM_get0_name(const X509_VERIFY_PARAM *param)
return
param
->
name
;
}
static
X509_VERIFY_PARAM_ID
_empty_id
=
{
NULL
,
0U
,
NULL
,
0
,
NULL
,
0
};
static
X509_VERIFY_PARAM_ID
_empty_id
=
{
NULL
,
0U
,
NULL
,
NULL
,
0
,
NULL
,
0
};
#define vpm_empty_id (X509_VERIFY_PARAM_ID *)&_empty_id
...
...
doc/crypto/X509_VERIFY_PARAM_set_flags.pod
浏览文件 @
6e661d45
...
...
@@ -2,7 +2,7 @@
=head1 NAME
X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies, X509_VERIFY_PARAM_set1_host, X509_VERIFY_PARAM_add1_host, X509_VERIFY_PARAM_set_hostflags, X509_VERIFY_PARAM_set1_email, X509_VERIFY_PARAM_set1_ip, X509_VERIFY_PARAM_set1_ip_asc - X509 verification parameters
X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies, X509_VERIFY_PARAM_set1_host, X509_VERIFY_PARAM_add1_host, X509_VERIFY_PARAM_set_hostflags, X509_VERIFY_PARAM_
get0_peername, X509_VERIFY_PARAM_
set1_email, X509_VERIFY_PARAM_set1_ip, X509_VERIFY_PARAM_set1_ip_asc - X509 verification parameters
=head1 SYNOPSIS
...
...
@@ -32,6 +32,7 @@ X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_ge
const unsigned char *name, size_t namelen);
void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
unsigned int flags);
char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param);
int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
const unsigned char *email, size_t emaillen);
int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
...
...
@@ -95,6 +96,16 @@ are retained, no change is made if B<name> is NULL or empty. When
multiple names are configured, the peer is considered verified when
any name matches.
X509_VERIFY_PARAM_get0_peername() returns the DNS hostname or subject
CommonName from the peer certificate that matched one of the reference
identifiers. When wildcard matching is not disabled, or when a
reference identifier specifies a parent domain (starts with ".")
rather than a hostname, the peer name may be a wildcard name or a
sub-domain of the reference identifier respectively. The return
string is allocated by the library and is no longer valid once the
associated B<param> argument is freed. Applications must not free
the return value.
X509_VERIFY_PARAM_set1_email() sets the expected RFC822 email address to
B<email>. If B<email> is NUL-terminated, B<emaillen> may be zero, otherwise
B<emaillen> must be set to the length of B<email>. When an email address
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录