Lines 214-219
static const char *op_parse_file_url(const char *_src){
Link Here
|
214 |
# include <winsock2.h> |
214 |
# include <winsock2.h> |
215 |
# include <ws2tcpip.h> |
215 |
# include <ws2tcpip.h> |
216 |
# include <openssl/ssl.h> |
216 |
# include <openssl/ssl.h> |
|
|
217 |
# include <openssl/asn1.h> |
217 |
# include "winerrno.h" |
218 |
# include "winerrno.h" |
218 |
|
219 |
|
219 |
typedef SOCKET op_sock; |
220 |
typedef SOCKET op_sock; |
Lines 338-343
int SSL_CTX_set_default_verify_paths_win32(SSL_CTX *_ssl_ctx);
Link Here
|
338 |
# include <poll.h> |
339 |
# include <poll.h> |
339 |
# include <unistd.h> |
340 |
# include <unistd.h> |
340 |
# include <openssl/ssl.h> |
341 |
# include <openssl/ssl.h> |
|
|
342 |
# include <openssl/asn1.h> |
341 |
|
343 |
|
342 |
typedef int op_sock; |
344 |
typedef int op_sock; |
343 |
|
345 |
|
Lines 1520-1525
static long op_bio_retry_ctrl(BIO *_b,int _cmd,long _num,void *_ptr){
Link Here
|
1520 |
# if OPENSSL_VERSION_NUMBER<0x10100000L |
1522 |
# if OPENSSL_VERSION_NUMBER<0x10100000L |
1521 |
# define BIO_set_data(_b,_ptr) ((_b)->ptr=(_ptr)) |
1523 |
# define BIO_set_data(_b,_ptr) ((_b)->ptr=(_ptr)) |
1522 |
# define BIO_set_init(_b,_init) ((_b)->init=(_init)) |
1524 |
# define BIO_set_init(_b,_init) ((_b)->init=(_init)) |
|
|
1525 |
# define ASN1_STRING_get0_data ASN1_STRING_data |
1523 |
# endif |
1526 |
# endif |
1524 |
|
1527 |
|
1525 |
static int op_bio_retry_new(BIO *_b){ |
1528 |
static int op_bio_retry_new(BIO *_b){ |
Lines 1620-1626
static int op_http_hostname_match(const char *_host,size_t _host_len,
Link Here
|
1620 |
size_t pattern_label_len; |
1623 |
size_t pattern_label_len; |
1621 |
size_t pattern_prefix_len; |
1624 |
size_t pattern_prefix_len; |
1622 |
size_t pattern_suffix_len; |
1625 |
size_t pattern_suffix_len; |
1623 |
pattern=(const char *)ASN1_STRING_data(_pattern); |
1626 |
pattern=(const char *)ASN1_STRING_get0_data(_pattern); |
1624 |
pattern_len=strlen(pattern); |
1627 |
pattern_len=strlen(pattern); |
1625 |
/*Check the pattern for embedded NULs.*/ |
1628 |
/*Check the pattern for embedded NULs.*/ |
1626 |
if(OP_UNLIKELY(pattern_len!=(size_t)ASN1_STRING_length(_pattern)))return 0; |
1629 |
if(OP_UNLIKELY(pattern_len!=(size_t)ASN1_STRING_length(_pattern)))return 0; |
Lines 1790-1796
static int op_http_verify_hostname(OpusHTTPStream *_stream,SSL *_ssl_conn){
Link Here
|
1790 |
} |
1793 |
} |
1791 |
} |
1794 |
} |
1792 |
else if(name->type==GEN_IPADD){ |
1795 |
else if(name->type==GEN_IPADD){ |
1793 |
unsigned char *cert_ip; |
1796 |
unsigned const char *cert_ip; |
1794 |
/*If we do have an IP address, compare it directly. |
1797 |
/*If we do have an IP address, compare it directly. |
1795 |
RFC 6125: "When the reference identity is an IP address, the identity |
1798 |
RFC 6125: "When the reference identity is an IP address, the identity |
1796 |
MUST be converted to the 'network byte order' octet string |
1799 |
MUST be converted to the 'network byte order' octet string |
Lines 1803-1809
static int op_http_verify_hostname(OpusHTTPStream *_stream,SSL *_ssl_conn){
Link Here
|
1803 |
type iPAddress. |
1806 |
type iPAddress. |
1804 |
A match occurs if the reference identity octet string and the value |
1807 |
A match occurs if the reference identity octet string and the value |
1805 |
octet strings are identical."*/ |
1808 |
octet strings are identical."*/ |
1806 |
cert_ip=ASN1_STRING_data(name->d.iPAddress); |
1809 |
cert_ip=ASN1_STRING_get0_data(name->d.iPAddress); |
1807 |
if(ip_len==ASN1_STRING_length(name->d.iPAddress) |
1810 |
if(ip_len==ASN1_STRING_length(name->d.iPAddress) |
1808 |
&&memcmp(ip,cert_ip,ip_len)==0){ |
1811 |
&&memcmp(ip,cert_ip,ip_len)==0){ |
1809 |
ret=1; |
1812 |
ret=1; |
1810 |
- |
|
|