add tls_peer functions for checking names and issuers of peer certificates.

ok jsing@
author: beck <> 2015-09-11 12:56:55 +0000
committer: beck <> 2015-09-11 12:56:55 +0000
commit: 68048eefb0353c6cb686c092af50ba61fca67874 (patch)
tree: 6080d52d99050fc94d1bd00cdb70fd607c96d262 /src/lib/libtls/tls_client.c
parent: 656ef1e2adb75d20a81b8763a2088b2c8e6c3058 (diff)
download: openbsd-68048eefb0353c6cb686c092af50ba61fca67874.tar.gz
openbsd-68048eefb0353c6cb686c092af50ba61fca67874.tar.bz2
openbsd-68048eefb0353c6cb686c092af50ba61fca67874.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/src/lib/libtls/tls_client.c b/src/lib/libtls/tls_client.c
index fb7f3a6f75..2aca519f8b 100644
--- a/src/lib/libtls/tls_client.c
+++ b/src/lib/libtls/tls_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_client.c,v 1.26 2015/09/10 10:14:20 jsing Exp $ */
+/* $OpenBSD: tls_client.c,v 1.27 2015/09/11 12:56:55 beck Exp $ */
 /*
 * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
 *
@@ -262,7 +262,7 @@ tls_handshake_client(struct tls *ctx)
                        tls_set_errorx(ctx, "no server certificate");
                        goto err;
                }
-                if ((rv = tls_check_servername(ctx, cert,
+                if ((rv = tls_check_name(ctx, cert,
                    ctx->servername)) != 0) {
                        if (rv != -2)
                                tls_set_errorx(ctx, "name `%s' not present in"
author	beck <>	2015-09-11 12:56:55 +0000
committer	beck <>	2015-09-11 12:56:55 +0000
commit	68048eefb0353c6cb686c092af50ba61fca67874 (patch)
tree	6080d52d99050fc94d1bd00cdb70fd607c96d262 /src/lib/libtls/tls_client.c
parent	656ef1e2adb75d20a81b8763a2088b2c8e6c3058 (diff)
download	openbsd-68048eefb0353c6cb686c092af50ba61fca67874.tar.gz openbsd-68048eefb0353c6cb686c092af50ba61fca67874.tar.bz2 openbsd-68048eefb0353c6cb686c092af50ba61fca67874.zip

diff --git a/src/lib/libtls/tls_client.c b/src/lib/libtls/tls_client.c index fb7f3a6f75..2aca519f8b 100644 --- a/src/lib/libtls/tls_client.c +++ b/src/lib/libtls/tls_client.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: tls_client.c,v 1.26 2015/09/10 10:14:20 jsing Exp $ */	1	/* $OpenBSD: tls_client.c,v 1.27 2015/09/11 12:56:55 beck Exp $ */
2	/*	2	/*
3	* Copyright (c) 2014 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
4	*	4	*
@@ -262,7 +262,7 @@ tls_handshake_client(struct tls *ctx)
262	tls_set_errorx(ctx, "no server certificate");	262	tls_set_errorx(ctx, "no server certificate");
263	goto err;	263	goto err;
264	}	264	}
265	if ((rv = tls_check_servername(ctx, cert,	265	if ((rv = tls_check_name(ctx, cert,
266	ctx->servername)) != 0) {	266	ctx->servername)) != 0) {
267	if (rv != -2)	267	if (rv != -2)
268	tls_set_errorx(ctx, "name `%s' not present in"	268	tls_set_errorx(ctx, "name `%s' not present in"