libp2p/go-openssl
1
0
Fork 0
mirror of https://github.com/libp2p/go-openssl.git synced 2025-01-29 05:10:10 +08:00
Code Issues Projects Releases Wiki Activity

fix bug with hostname validation on newer openssl

Browse Source 
the signature for the X509_check_host function takes
a char **peername, and our vendored hostname code does
not have this argument. hilarity ensues!!

so since we never use it, just have our vendored code
ignore it.

Change-Id: I4fdf0a4cd43738e4cc7261e4e2d16a9deef1ac82
This commit is contained in:
Jeff Wendling 2016-10-10 11:12:18 -06:00 committed by JT Olds
parent fd0849ed03
commit 2980c58b82
2 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
hostname.c
View File

@ -349,7 +349,7 @@ static int do_x509_check(X509 *x, const unsigned char *chk, size_t chklen,
#if OPENSSL_VERSION_NUMBER < 0x1000200fL
int X509_check_host(X509 *x, const unsigned char *chk, size_t chklen,
unsigned int flags)
unsigned int flags, char **peername)
{
return do_x509_check(x, chk, chklen, flags, GEN_DNS);
}

5
hostname.go
View File

@ -26,7 +26,7 @@ package openssl
#define X509_CHECK_FLAG_NO_WILDCARDS 0x2
extern int X509_check_host(X509 *x, const unsigned char *chk, size_t chklen,
unsigned int flags);
unsigned int flags, char **peername);
extern int X509_check_email(X509 *x, const unsigned char *chk, size_t chklen,
unsigned int flags);
extern int X509_check_ip(X509 *x, const unsigned char *chk, size_t chklen,
@ -60,8 +60,9 @@ const (
func (c *Certificate) CheckHost(host string, flags CheckFlags) error {
chost := unsafe.Pointer(C.CString(host))
defer C.free(chost)
rv := C.X509_check_host(c.x, (*C.uchar)(chost), C.size_t(len(host)),
C.uint(flags))
C.uint(flags), nil)
if rv > 0 {
return nil
}