git://git.exim.org
/
users
/
heiko
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
TLS: use RFC 6125 rules for certifucate name checks when CNAMES are present. Bug...
[users/heiko/exim.git]
/
src
/
src
/
tls-openssl.c
diff --git
a/src/src/tls-openssl.c
b/src/src/tls-openssl.c
index 3d0e84f6d2d64d843f4631760b98ac7986f482d5..525afd65078dd66f6b321dc89ae7700d5acad2cd 100644
(file)
--- a/
src/src/tls-openssl.c
+++ b/
src/src/tls-openssl.c
@@
-372,10
+372,10
@@
typedef struct ocsp_resp {
} ocsp_resplist;
typedef struct tls_ext_ctx_cb {
} ocsp_resplist;
typedef struct tls_ext_ctx_cb {
- tls_support * tlsp;
- uschar *certificate;
- uschar *privatekey;
- BOOL is_server;
+ tls_support *
tlsp;
+ uschar *
certificate;
+ uschar *
privatekey;
+ BOOL
is_server;
#ifndef DISABLE_OCSP
STACK_OF(X509) *verify_stack; /* chain for verifying the proof */
union {
#ifndef DISABLE_OCSP
STACK_OF(X509) *verify_stack; /* chain for verifying the proof */
union {
@@
-390,14
+390,14
@@
typedef struct tls_ext_ctx_cb {
} client;
} u_ocsp;
#endif
} client;
} u_ocsp;
#endif
- uschar *dhparam;
+ uschar *
dhparam;
/* these are cached from first expand */
/* these are cached from first expand */
- uschar *server_cipher_list;
+ uschar *
server_cipher_list;
/* only passed down to tls_error: */
/* only passed down to tls_error: */
- host_item *host;
+ host_item *
host;
const uschar * verify_cert_hostnames;
#ifndef DISABLE_EVENT
const uschar * verify_cert_hostnames;
#ifndef DISABLE_EVENT
- uschar * event_action;
+ uschar *
event_action;
#endif
} tls_ext_ctx_cb;
#endif
} tls_ext_ctx_cb;
@@
-2919,9
+2919,9
@@
if (verify_check_given_host(CUSS &ob->tls_verify_cert_hostnames, host) == OK)
{
cbinfo->verify_cert_hostnames =
#ifdef SUPPORT_I18N
{
cbinfo->verify_cert_hostnames =
#ifdef SUPPORT_I18N
- string_domain_utf8_to_alabel(host->name, NULL);
+ string_domain_utf8_to_alabel(host->
cert
name, NULL);
#else
#else
- host->name;
+ host->
cert
name;
#endif
DEBUG(D_tls) debug_printf("Cert hostname to check: \"%s\"\n",
cbinfo->verify_cert_hostnames);
#endif
DEBUG(D_tls) debug_printf("Cert hostname to check: \"%s\"\n",
cbinfo->verify_cert_hostnames);