
Deprecate SSL_get_client_certificate_types.

OpenSSL added SSL_get0_certificate_types and fixed the truncation (and
subsequent parse error) by adding an alternate copy of the data.
http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=9f27b1eec3175305e62eed87faa80e231f319ca0

Make SSL_get_client_certificate_types call SSL_get0_certificate_types to query
the new list. Remove when Chromium is switched over.

Also remove a now unnecessary cast because SSL_get_client_certificate_types
fixed the type of tmp.ctypes. Further fix it to use a size_t and match the
cert_st copy OpenSSL added.

BUG=388000

Change-Id: Ic6653e10e5a3c3ac6b3fe2a2322f388d6ffb0a06
kris/onging/CECPQ3_patch15
David Benjamin 10 år sedan
förälder
incheckning
5c57c60beb
4 ändrade filer med 7 tillägg och 13 borttagningar
  1. +2
    -2
      ssl/s3_lib.c
  2. +1
    -0
      ssl/ssl.h
  3. +1
    -1
      ssl/ssl3.h
  4. +3
    -10
      ssl/ssl_cert.c

+ 2
- 2
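--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3195,8 +3195,8 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 return (int)s->cert->ctype_num;
 }
 if (pctype)
-*pctype = (unsigned char *)s->s3->tmp.ctype;
-return s->s3->tmp.ctype_num;
+*pctype = s->s3->tmp.ctype;
+return (int)s->s3->tmp.ctype_num;
 }
 
 case SSL_CTRL_SET_CLIENT_CERT_TYPES: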
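Review bot: The new `return (int)s->s3->tmp.ctype_num;` narrows a size_t to int, and nothing on the page states why that cannot truncate. The count is handed to the caller together with a pointer into the fixed `ctype[SSL3_CT_NUMBER]` array from ssl3.h, so the cast is only safe while whatever writes `tmp.ctype_num` keeps it within that array; that writer is not among the files shown here. After confirming the bound, I would record it above the return, for example `/* ctype_num never exceeds SSL3_CT_NUMBER, so the cast is lossless */`. ssl3_ctrl starts and ends outside this hunk.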


+ 1
- 0
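--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -2416,6 +2416,7 @@ STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *s);
 int SSL_add_client_CA(SSL *ssl,X509 *x);
 int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x);
 
+/* Deprecated. Use SSL_get0_certificate_types instead. */
 void SSL_get_client_certificate_types(const SSL *s, const unsigned char **ctype,
 size_t *ctype_num);
 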


+ 1
- 1
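--- a/ssl/ssl3.h
+++ b/ssl/ssl3.h
@@ -524,7 +524,7 @@ typedef struct ssl3_state_st
 
 /* used for certificate requests */
 int cert_req;
-int ctype_num;
+size_t ctype_num;
 unsigned char ctype[SSL3_CT_NUMBER];
 STACK_OF(X509_NAME) *ca_names;
 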


+ 3
- 10
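--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -1020,16 +1020,9 @@ int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x)
 void SSL_get_client_certificate_types(const SSL *s, const unsigned char **ctype,
 size_t *ctype_num)
 {
-if (s->s3 == NULL)
-{
-*ctype = NULL;
-*ctype_num = 0;
-return;
-}
-
-/* This always returns nothing for the server. */
-*ctype = s->s3->tmp.ctype;
-*ctype_num = s->s3->tmp.ctype_num;
+/* TODO(fork): Remove this function once Chromium is updated
+* to use the new one. */
+*ctype_num = SSL_get0_certificate_types((SSL*)s, ctype);
 }
 
 static int xname_cmp(const X509_NAME **a, const X509_NAME **b)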
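Review bot: `SSL_get_client_certificate_types` no longer writes `*ctype` itself, so the out-pointer is defined only if `SSL_get0_certificate_types` stores through it on every path. The removed body set `*ctype = NULL` and `*ctype_num = 0` when `s->s3` was NULL. The s3_lib.c hunk shows only the tail of the ctrl case, so this page cannot confirm whether its earlier returns write the pointer or tolerate a NULL `s->s3`. Adding `*ctype = NULL;` before the call keeps the old contract of a zero count paired with a NULL pointer. The result is also stored into a size_t unchecked, so a negative return from the ctrl would become a very large count, and `(SSL*)s` drops the const qualifier.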

