/* * Written by Dr Stephen N Henson ([email protected]) for the OpenSSL project * 2004. */ /* ==================================================================== * Copyright (c) 2004 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. All advertising materials mentioning features or use of this * software must display the following acknowledgment: * "This product includes software developed by the OpenSSL Project * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" * * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to * endorse or promote products derived from this software without * prior written permission. For written permission, please contact * [email protected]. * * 5. Products derived from this software may not be called "OpenSSL" * nor may "OpenSSL" appear in their names without prior written * permission of the OpenSSL Project. * * 6. Redistributions of any form whatsoever must retain the following * acknowledgment: * "This product includes software developed by the OpenSSL Project * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" * * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== * * This product includes cryptographic software written by Eric Young * ([email protected]). This product includes software written by Tim * Hudson ([email protected]). */ #include <string.h> #include <openssl/mem.h> #include <openssl/obj.h> #include <openssl/stack.h> #include <openssl/x509.h> #include "../internal.h" #include "internal.h" // X509_VERIFY_PARAM functions #define SET_HOST … #define ADD_HOST … static void str_free(char *s) { … } static int int_x509_param_set_hosts(X509_VERIFY_PARAM *param, int mode, const char *name, size_t namelen) { … } X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void) { … } void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param) { … } static int should_copy(int dest_is_set, int src_is_set, int prefer_src) { … } static void copy_int_param(int *dest, const int *src, int default_val, int prefer_src) { … } // x509_verify_param_copy copies fields from |src| to |dest|. If both |src| and // |dest| have some field set, |prefer_src| determines whether |src| or |dest|'s // version is used. static int x509_verify_param_copy(X509_VERIFY_PARAM *dest, const X509_VERIFY_PARAM *src, int prefer_src) { … } int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *dest, const X509_VERIFY_PARAM *src) { … } int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to, const X509_VERIFY_PARAM *from) { … } static int int_x509_param_set1(char **pdest, size_t *pdestlen, const char *src, size_t srclen) { … } int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags) { … } int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param, unsigned long flags) { … } unsigned long X509_VERIFY_PARAM_get_flags(const X509_VERIFY_PARAM *param) { … } int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose) { … } int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust) { … } void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth) { … } void X509_VERIFY_PARAM_set_time_posix(X509_VERIFY_PARAM *param, int64_t t) { … } void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t) { … } int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param, ASN1_OBJECT *policy) { … } int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param, const STACK_OF(ASN1_OBJECT) *policies) { … } int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param, const char *name, size_t namelen) { … } int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param, const char *name, size_t namelen) { … } void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param, unsigned int flags) { … } int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param, const char *email, size_t emaillen) { … } int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param, const unsigned char *ip, size_t iplen) { … } int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc) { … } int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param) { … } static const X509_VERIFY_PARAM kDefaultParam = …; static const X509_VERIFY_PARAM kSMIMESignParam = …; static const X509_VERIFY_PARAM kSSLClientParam = …; static const X509_VERIFY_PARAM kSSLServerParam = …; const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name) { … }