add tls_peer functions for checking names and issuers of peer certificates.

ok jsing@
author: beck <> 2015-09-11 12:56:55 +0000
committer: beck <> 2015-09-11 12:56:55 +0000
commit: 68048eefb0353c6cb686c092af50ba61fca67874 (patch)
tree: 6080d52d99050fc94d1bd00cdb70fd607c96d262 /src/lib/libtls/tls_verify.c
parent: 656ef1e2adb75d20a81b8763a2088b2c8e6c3058 (diff)
download: openbsd-68048eefb0353c6cb686c092af50ba61fca67874.tar.gz
openbsd-68048eefb0353c6cb686c092af50ba61fca67874.tar.bz2
openbsd-68048eefb0353c6cb686c092af50ba61fca67874.zip
1 files changed, 4 insertions, 4 deletions
diff --git a/src/lib/libtls/tls_verify.c b/src/lib/libtls/tls_verify.c
index 7fd0b3d545..c6f29c897d 100644
--- a/src/lib/libtls/tls_verify.c
+++ b/src/lib/libtls/tls_verify.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_verify.c,v 1.11 2015/09/09 19:49:07 jsing Exp $ */
+/* $OpenBSD: tls_verify.c,v 1.12 2015/09/11 12:56:55 beck Exp $ */
 /*
 * Copyright (c) 2014 Jeremie Courreges-Anglas <jca@openbsd.org>
 *
@@ -246,13 +246,13 @@ tls_check_common_name(struct tls *ctx, X509 *cert, const char *name)
 }
 int
-tls_check_servername(struct tls *ctx, X509 *cert, const char *servername)
+tls_check_name(struct tls *ctx, X509 *cert, const char *name)
 {
        int     rv;
-        rv = tls_check_subject_altname(ctx, cert, servername);
+        rv = tls_check_subject_altname(ctx, cert, name);
        if (rv == 0 || rv == -2)
                return rv;
-        return tls_check_common_name(ctx, cert, servername);
+        return tls_check_common_name(ctx, cert, name);
 }
author	beck <>	2015-09-11 12:56:55 +0000
committer	beck <>	2015-09-11 12:56:55 +0000
commit	68048eefb0353c6cb686c092af50ba61fca67874 (patch)
tree	6080d52d99050fc94d1bd00cdb70fd607c96d262 /src/lib/libtls/tls_verify.c
parent	656ef1e2adb75d20a81b8763a2088b2c8e6c3058 (diff)
download	openbsd-68048eefb0353c6cb686c092af50ba61fca67874.tar.gz openbsd-68048eefb0353c6cb686c092af50ba61fca67874.tar.bz2 openbsd-68048eefb0353c6cb686c092af50ba61fca67874.zip

diff --git a/src/lib/libtls/tls_verify.c b/src/lib/libtls/tls_verify.c index 7fd0b3d545..c6f29c897d 100644 --- a/src/lib/libtls/tls_verify.c +++ b/src/lib/libtls/tls_verify.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: tls_verify.c,v 1.11 2015/09/09 19:49:07 jsing Exp $ */	1	/* $OpenBSD: tls_verify.c,v 1.12 2015/09/11 12:56:55 beck Exp $ */
2	/*	2	/*
3	* Copyright (c) 2014 Jeremie Courreges-Anglas <jca@openbsd.org>	3	* Copyright (c) 2014 Jeremie Courreges-Anglas <jca@openbsd.org>
4	*	4	*
@@ -246,13 +246,13 @@ tls_check_common_name(struct tls ctx, X509 cert, const char *name)
246	}	246	}
247		247
248	int	248	int
249	tls_check_servername(struct tls ctx, X509 cert, const char *servername)	249	tls_check_name(struct tls ctx, X509 cert, const char *name)
250	{	250	{
251	int rv;	251	int rv;
252		252
253	rv = tls_check_subject_altname(ctx, cert, servername);	253	rv = tls_check_subject_altname(ctx, cert, name);
254	if (rv == 0 \|\| rv == -2)	254	if (rv == 0 \|\| rv == -2)
255	return rv;	255	return rv;
256		256
257	return tls_check_common_name(ctx, cert, servername);	257	return tls_check_common_name(ctx, cert, name);
258	}	258	}