Increase CT_NUMBER values

Also add build-time errors to keep them in sync. Thanks to GitHub user YuDudysheva for reporting this. Reviewed-by: N Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6874)

Increase CT_NUMBER values
Also add build-time errors to keep them in sync. Thanks to GitHub user YuDudysheva for reporting this. Reviewed-by: N Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6874)
b5ee5177 · Rich Salz · 10281e83 · b5ee5177 · b5ee5177
隐藏空白更改
内联并排

Showing with 15 addition and 3 deletion

include/openssl/ssl3.h include/openssl/ssl3.h +8 -2

include/openssl/tls1.h include/openssl/tls1.h +7 -1

未找到文件。
--- a/include/openssl/ssl3.h
+++ b/include/openssl/ssl3.h
@@ -263,9 +263,15 @@ extern "C" {
 # define SSL3_CT_FORTEZZA_DMS                    20
 /*
 * SSL3_CT_NUMBER is used to size arrays and it must be large enough to
- * contain all of the cert types defined either for SSLv3 and TLSv1.
+ * contain all of the cert types defined for *either* SSLv3 and TLSv1.
 */
-# define SSL3_CT_NUMBER                  9
+# define SSL3_CT_NUMBER                  10
+
+# if defined(TLS_CT_NUMBER)
+#  if TLS_CT_NUMBER != SSL3_CT_NUMBER
+#    error "SSL/TLS CT_NUMBER values do not match"
+#  endif
+# endif

 /* No longer used as of OpenSSL 1.1.1 */
 # define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS       0x0001

--- a/include/openssl/tls1.h
+++ b/include/openssl/tls1.h
@@ -1149,7 +1149,13 @@ __owur int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain)
 * when correcting this number, correct also SSL3_CT_NUMBER in ssl3.h (see
 * comment there)
 */
-# define TLS_CT_NUMBER                   9
+# define TLS_CT_NUMBER                   10
+
+# if defined(SSL3_CT_NUMBER)
+#  if TLS_CT_NUMBER != SSL3_CT_NUMBER
+#    error "SSL/TLS CT_NUMBER values do not match"
+#  endif
+# endif

 # define TLS1_FINISH_MAC_LENGTH          12