diff options
Diffstat (limited to 'lib/libtls/tls_verify.c')
-rw-r--r-- | lib/libtls/tls_verify.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/lib/libtls/tls_verify.c b/lib/libtls/tls_verify.c index 685146a4a9a..fbbed7969c4 100644 --- a/lib/libtls/tls_verify.c +++ b/lib/libtls/tls_verify.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls_verify.c,v 1.21 2023/05/05 14:05:33 tb Exp $ */ +/* $OpenBSD: tls_verify.c,v 1.22 2023/05/10 13:48:54 op Exp $ */ /* * Copyright (c) 2014 Jeremie Courreges-Anglas <jca@openbsd.org> * @@ -126,12 +126,12 @@ tls_check_subject_altname(struct tls *ctx, X509 *cert, const char *name, continue; if (type == GEN_DNS) { - unsigned char *data; + const unsigned char *data; int format, len; format = ASN1_STRING_type(altname->d.dNSName); if (format == V_ASN1_IA5STRING) { - data = ASN1_STRING_data(altname->d.dNSName); + data = ASN1_STRING_get0_data(altname->d.dNSName); len = ASN1_STRING_length(altname->d.dNSName); if (len < 0 || (size_t)len != strlen(data)) { @@ -171,11 +171,11 @@ tls_check_subject_altname(struct tls *ctx, X509 *cert, const char *name, } } else if (type == GEN_IPADD) { - unsigned char *data; + const unsigned char *data; int datalen; datalen = ASN1_STRING_length(altname->d.iPAddress); - data = ASN1_STRING_data(altname->d.iPAddress); + data = ASN1_STRING_get0_data(altname->d.iPAddress); if (datalen < 0) { tls_set_errorx(ctx, |