diff options
Diffstat (limited to 'lib/libcrypto')
-rw-r--r-- | lib/libcrypto/x509v3/v3_utl.c | 70 |
1 files changed, 40 insertions, 30 deletions
diff --git a/lib/libcrypto/x509v3/v3_utl.c b/lib/libcrypto/x509v3/v3_utl.c index 6e967194b34..d9c06af8231 100644 --- a/lib/libcrypto/x509v3/v3_utl.c +++ b/lib/libcrypto/x509v3/v3_utl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: v3_utl.c,v 1.33 2019/04/14 07:35:18 tb Exp $ */ +/* $OpenBSD: v3_utl.c,v 1.34 2019/04/16 19:25:36 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ @@ -538,7 +538,8 @@ sk_strcmp(const char * const *a, const char * const *b) return strcmp(*a, *b); } -STACK_OF(OPENSSL_STRING) *X509_get1_email(X509 *x) +STACK_OF(OPENSSL_STRING) * +X509_get1_email(X509 *x) { GENERAL_NAMES *gens; STACK_OF(OPENSSL_STRING) *ret; @@ -549,7 +550,8 @@ STACK_OF(OPENSSL_STRING) *X509_get1_email(X509 *x) return ret; } -STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x) +STACK_OF(OPENSSL_STRING) * +X509_get1_ocsp(X509 *x) { AUTHORITY_INFO_ACCESS *info; STACK_OF(OPENSSL_STRING) *ret = NULL; @@ -572,7 +574,8 @@ STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x) return ret; } -STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x) +STACK_OF(OPENSSL_STRING) * +X509_REQ_get1_email(X509_REQ *x) { GENERAL_NAMES *gens; STACK_OF(X509_EXTENSION) *exts; @@ -587,8 +590,8 @@ STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x) } -static -STACK_OF(OPENSSL_STRING) *get_email(X509_NAME *name, GENERAL_NAMES *gens) +static STACK_OF(OPENSSL_STRING) * +get_email(X509_NAME *name, GENERAL_NAMES *gens) { STACK_OF(OPENSSL_STRING) *ret = NULL; X509_NAME_ENTRY *ne; @@ -655,12 +658,13 @@ X509_email_free(STACK_OF(OPENSSL_STRING) *sk) sk_OPENSSL_STRING_pop_free(sk, str_free); } -typedef int (*equal_fn) (const unsigned char *pattern, size_t pattern_len, +typedef int (*equal_fn)(const unsigned char *pattern, size_t pattern_len, const unsigned char *subject, size_t subject_len, unsigned int flags); /* Skip pattern prefix to match "wildcard" subject */ -static void skip_prefix(const unsigned char **p, size_t *plen, - const unsigned char *subject, size_t subject_len, unsigned int flags) +static void +skip_prefix(const unsigned char **p, size_t *plen, const unsigned char *subject, + size_t subject_len, unsigned int flags) { const unsigned char *pattern = *p; size_t pattern_len = *plen; @@ -698,9 +702,9 @@ static void skip_prefix(const unsigned char **p, size_t *plen, */ /* Compare using strncasecmp */ -static int equal_nocase(const unsigned char *pattern, size_t pattern_len, - const unsigned char *subject, size_t subject_len, - unsigned int flags) +static int +equal_nocase(const unsigned char *pattern, size_t pattern_len, + const unsigned char *subject, size_t subject_len, unsigned int flags) { if (memchr(pattern, '\0', pattern_len) != NULL) return 0; @@ -713,9 +717,9 @@ static int equal_nocase(const unsigned char *pattern, size_t pattern_len, } /* Compare using strncmp. */ -static int equal_case(const unsigned char *pattern, size_t pattern_len, - const unsigned char *subject, size_t subject_len, - unsigned int flags) +static int +equal_case(const unsigned char *pattern, size_t pattern_len, + const unsigned char *subject, size_t subject_len, unsigned int flags) { if (memchr(pattern, 0, pattern_len) != NULL) return 0; @@ -731,9 +735,9 @@ static int equal_case(const unsigned char *pattern, size_t pattern_len, * RFC 5280, section 7.5, requires that only the domain is compared in a * case-insensitive manner. */ -static int equal_email(const unsigned char *a, size_t a_len, - const unsigned char *b, size_t b_len, - unsigned int unused_flags) +static int +equal_email(const unsigned char *a, size_t a_len, const unsigned char *b, + size_t b_len, unsigned int unused_flags) { size_t pos = a_len; if (a_len != b_len) @@ -760,7 +764,8 @@ static int equal_email(const unsigned char *a, size_t a_len, * Compare the prefix and suffix with the subject, and check that the * characters in-between are valid. */ -static int wildcard_match(const unsigned char *prefix, size_t prefix_len, +static int +wildcard_match(const unsigned char *prefix, size_t prefix_len, const unsigned char *suffix, size_t suffix_len, const unsigned char *subject, size_t subject_len, unsigned int flags) { @@ -815,8 +820,8 @@ static int wildcard_match(const unsigned char *prefix, size_t prefix_len, #define LABEL_HYPHEN (1 << 2) #define LABEL_IDNA (1 << 3) -static const unsigned char *valid_star(const unsigned char *p, size_t len, - unsigned int flags) +static const unsigned char * +valid_star(const unsigned char *p, size_t len, unsigned int flags) { const unsigned char *star = 0; size_t i; @@ -894,7 +899,8 @@ static const unsigned char *valid_star(const unsigned char *p, size_t len, } /* Compare using wildcards. */ -static int equal_wildcard(const unsigned char *pattern, size_t pattern_len, +static int +equal_wildcard(const unsigned char *pattern, size_t pattern_len, const unsigned char *subject, size_t subject_len, unsigned int flags) { const unsigned char *star = NULL; @@ -953,8 +959,9 @@ do_check_string(ASN1_STRING *a, int cmp_type, equal_fn equal, return rv; } -static int do_x509_check(X509 *x, const char *chk, size_t chklen, - unsigned int flags, int check_type, char **peername) +static int +do_x509_check(X509 *x, const char *chk, size_t chklen, unsigned int flags, + int check_type, char **peername) { GENERAL_NAMES *gens = NULL; X509_NAME *name = NULL; @@ -1037,8 +1044,9 @@ static int do_x509_check(X509 *x, const char *chk, size_t chklen, return 0; } -int X509_check_host(X509 *x, const char *chk, size_t chklen, - unsigned int flags, char **peername) +int +X509_check_host(X509 *x, const char *chk, size_t chklen, unsigned int flags, + char **peername) { if (chk == NULL) return -2; @@ -1049,8 +1057,8 @@ int X509_check_host(X509 *x, const char *chk, size_t chklen, return do_x509_check(x, chk, chklen, flags, GEN_DNS, peername); } -int X509_check_email(X509 *x, const char *chk, size_t chklen, - unsigned int flags) +int +X509_check_email(X509 *x, const char *chk, size_t chklen, unsigned int flags) { if (chk == NULL) return -2; @@ -1061,7 +1069,8 @@ int X509_check_email(X509 *x, const char *chk, size_t chklen, return do_x509_check(x, chk, chklen, flags, GEN_EMAIL, NULL); } -int X509_check_ip(X509 *x, const unsigned char *chk, size_t chklen, +int +X509_check_ip(X509 *x, const unsigned char *chk, size_t chklen, unsigned int flags) { if (chk == NULL) @@ -1069,7 +1078,8 @@ int X509_check_ip(X509 *x, const unsigned char *chk, size_t chklen, return do_x509_check(x, (char *)chk, chklen, flags, GEN_IPADD, NULL); } -int X509_check_ip_asc(X509 *x, const char *ipasc, unsigned int flags) +int +X509_check_ip_asc(X509 *x, const char *ipasc, unsigned int flags) { unsigned char ipout[16]; size_t iplen; |