summaryrefslogtreecommitdiff
path: root/src/lib
diff options
context:
space:
mode:
authortb <>2022-01-05 17:44:30 +0000
committertb <>2022-01-05 17:44:30 +0000
commit956cdcbd92eea3030e9f957b3955dfc08e16e4e9 (patch)
tree6e429bdad1c1ee97d325de7f2c19f94494d0bcca /src/lib
parentf05deefcdfbc639504bc41d1d2e6d500f847ab5e (diff)
downloadopenbsd-956cdcbd92eea3030e9f957b3955dfc08e16e4e9.tar.gz
openbsd-956cdcbd92eea3030e9f957b3955dfc08e16e4e9.tar.bz2
openbsd-956cdcbd92eea3030e9f957b3955dfc08e16e4e9.zip
Hoist IPAddressFamily_cmp() to the other IPAddressFamily functions.
ok inoguchi jsing
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/libcrypto/x509/x509_addr.c58
1 files changed, 29 insertions, 29 deletions
diff --git a/src/lib/libcrypto/x509/x509_addr.c b/src/lib/libcrypto/x509/x509_addr.c
index acf1321c93..54cfd485cd 100644
--- a/src/lib/libcrypto/x509/x509_addr.c
+++ b/src/lib/libcrypto/x509/x509_addr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x509_addr.c,v 1.67 2022/01/05 17:43:04 tb Exp $ */ 1/* $OpenBSD: x509_addr.c,v 1.68 2022/01/05 17:44:30 tb Exp $ */
2/* 2/*
3 * Contributed to the OpenSSL Project by the American Registry for 3 * Contributed to the OpenSSL Project by the American Registry for
4 * Internet Numbers ("ARIN"). 4 * Internet Numbers ("ARIN").
@@ -452,6 +452,34 @@ IPAddressFamily_afi_length(const IPAddressFamily *f, int *out_length)
452 return 1; 452 return 1;
453} 453}
454 454
455#define MINIMUM(a, b) (((a) < (b)) ? (a) : (b))
456
457/*
458 * Sort comparison function for a sequence of IPAddressFamily.
459 *
460 * The last paragraph of RFC 3779 2.2.3.3 is slightly ambiguous about
461 * the ordering: I can read it as meaning that IPv6 without a SAFI
462 * comes before IPv4 with a SAFI, which seems pretty weird. The
463 * examples in appendix B suggest that the author intended the
464 * null-SAFI rule to apply only within a single AFI, which is what I
465 * would have expected and is what the following code implements.
466 */
467static int
468IPAddressFamily_cmp(const IPAddressFamily *const *a_,
469 const IPAddressFamily *const *b_)
470{
471 const ASN1_OCTET_STRING *a = (*a_)->addressFamily;
472 const ASN1_OCTET_STRING *b = (*b_)->addressFamily;
473 int len, cmp;
474
475 len = MINIMUM(a->length, b->length);
476
477 if ((cmp = memcmp(a->data, b->data, len)) != 0)
478 return cmp;
479
480 return a->length - b->length;
481}
482
455/* 483/*
456 * Extract the AFI from an IPAddressFamily. 484 * Extract the AFI from an IPAddressFamily.
457 * 485 *
@@ -1130,34 +1158,6 @@ X509v3_addr_get_range(IPAddressOrRange *aor, const unsigned afi,
1130 return afi_len; 1158 return afi_len;
1131} 1159}
1132 1160
1133#define MINIMUM(a, b) (((a) < (b)) ? (a) : (b))
1134
1135/*
1136 * Sort comparison function for a sequence of IPAddressFamily.
1137 *
1138 * The last paragraph of RFC 3779 2.2.3.3 is slightly ambiguous about
1139 * the ordering: I can read it as meaning that IPv6 without a SAFI
1140 * comes before IPv4 with a SAFI, which seems pretty weird. The
1141 * examples in appendix B suggest that the author intended the
1142 * null-SAFI rule to apply only within a single AFI, which is what I
1143 * would have expected and is what the following code implements.
1144 */
1145static int
1146IPAddressFamily_cmp(const IPAddressFamily *const *a_,
1147 const IPAddressFamily *const *b_)
1148{
1149 const ASN1_OCTET_STRING *a = (*a_)->addressFamily;
1150 const ASN1_OCTET_STRING *b = (*b_)->addressFamily;
1151 int len, cmp;
1152
1153 len = MINIMUM(a->length, b->length);
1154
1155 if ((cmp = memcmp(a->data, b->data, len)) != 0)
1156 return cmp;
1157
1158 return a->length - b->length;
1159}
1160
1161/* 1161/*
1162 * Check whether an IPAddrBLocks is in canonical form. 1162 * Check whether an IPAddrBLocks is in canonical form.
1163 */ 1163 */
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-01 00:48:36 +0000