Commit Graph

9 Commits

Author SHA1 Message Date
Adam Langley
d0f5df2d71 New peername element in X509_VERIFY_PARAM_ID.
Declaration, memory management, accessor and documentation.

(Imported from upstream's 1eb57ae2b78c119bfba7ab647951130e968d1664.)

Change-Id: Ifa9672e46445e44a78001b0f9430a93c138d73d7
2015-02-13 11:00:47 -08:00
Adam Langley
589963f79e Multiple verifier reference identities.
(Imported from upstream's 8abffa4a73fcbf6536e0a42d736ed9211a8204ea,
9624b50d51de25bb2e3a72e81fe45032d80ea5c2 and
41e3ebd5abacfdf98461cdeb6fa97a4175b7aad3.)

Change-Id: Ic9099eb5704b19b4500229e89351371cc6184f9d
2015-02-13 10:59:10 -08:00
Adam Langley
fcd34624a1 Drop hostlen from X509_VERIFY_PARAM_ID.
Just store NUL-terminated strings. This works better when we add
support for multiple hostnames.

(Imported from upstream's d93edc0aab98377f42dd19312248597a018a7889.)

Change-Id: Ib3bf8a8c654b829b4432782ba21ba55c3d4a0582
2015-02-13 10:51:02 -08:00
Adam Langley
2b2d66d409 Remove string.h from base.h.
Including string.h in base.h causes any file that includes a BoringSSL
header to include string.h. Generally this wouldn't be a problem,
although string.h might slow down the compile if it wasn't otherwise
needed. However, it also causes problems for ipsec-tools in Android
because OpenSSL didn't have this behaviour.

This change removes string.h from base.h and, instead, adds it to each
.c file that requires it.

Change-Id: I5968e50b0e230fd3adf9b72dd2836e6f52d6fb37
Reviewed-on: https://boringssl-review.googlesource.com/3200
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
2015-02-02 19:14:15 +00:00
David Benjamin
aa3f6daa86 Tag a number of globals as const.
Change-Id: I6f334911f153395a2e5e26adfd08912a1d8c558b
Reviewed-on: https://boringssl-review.googlesource.com/2847
Reviewed-by: Adam Langley <agl@google.com>
2015-01-14 21:53:00 +00:00
David Benjamin
b70da6a246 Fix mis-sized allocation in x509_vpm.c
Caught by clang scan-build. (The allocation was larger than it should have
been.)

Change-Id: Ideb800118f65aaba1ee85b7611c8a705671025a8
Reviewed-on: https://boringssl-review.googlesource.com/1340
Reviewed-by: Adam Langley <agl@google.com>
2014-07-30 00:33:49 +00:00
Adam Langley
dc160f84f5 Fixes to host checking.
Fixes to host checking wild card support and add support for setting
host checking flags when verifying a certificate chain.

(Imported from upstream's a2219f6be36d12f02b6420dd95f819cf364baf1d)
2014-06-20 13:17:40 -07:00
Adam Langley
735107652b Const correctness.
This change fixes a number of build warnings.
2014-06-20 13:17:36 -07:00
Adam Langley
95c29f3cd1 Inital import.
Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta).

(This change contains substantial changes from the original and
effectively starts a new history.)
2014-06-20 13:17:32 -07:00