* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) University of Cambridge 1995 - 2012 */
+/* Copyright (c) University of Cambridge 1995 - 2016 */
/* See the file NOTICE for conditions of use and distribution. */
/* This module provides TLS (aka SSL) support for Exim. The code for OpenSSL is
static uschar *
to_tz(uschar * tz)
{
- uschar * old = US getenv("TZ");
- setenv("TZ", CS tz, 1);
- tzset();
- return old;
+uschar * old = US getenv("TZ");
+(void) setenv("TZ", CCS tz, 1);
+tzset();
+return old;
}
+
static void
restore_tz(uschar * tz)
{
- if (tz)
- setenv("TZ", CS tz, 1);
- else
- unsetenv("TZ");
- tzset();
+if (tz)
+ (void) setenv("TZ", CCS tz, 1);
+else
+ (void) os_unsetenv(US"TZ");
+tzset();
}
/*************************************************
*************************************************/
#ifdef USE_GNUTLS
-#include "tls-gnu.c"
-#include "tlscert-gnu.c"
+# include "tls-gnu.c"
+# include "tlscert-gnu.c"
-#define ssl_xfer_buffer (state_server.xfer_buffer)
-#define ssl_xfer_buffer_lwm (state_server.xfer_buffer_lwm)
-#define ssl_xfer_buffer_hwm (state_server.xfer_buffer_hwm)
-#define ssl_xfer_eof (state_server.xfer_eof)
-#define ssl_xfer_error (state_server.xfer_error)
+# define ssl_xfer_buffer (state_server.xfer_buffer)
+# define ssl_xfer_buffer_lwm (state_server.xfer_buffer_lwm)
+# define ssl_xfer_buffer_hwm (state_server.xfer_buffer_hwm)
+# define ssl_xfer_eof (state_server.xfer_eof)
+# define ssl_xfer_error (state_server.xfer_error)
#else
-#include "tls-openssl.c"
-#include "tlscert-openssl.c"
+# include "tls-openssl.c"
+# include "tlscert-openssl.c"
#endif
*/
uschar *
-tls_field_from_dn(uschar * dn, uschar * mod)
+tls_field_from_dn(uschar * dn, const uschar * mod)
{
int insep = ',';
uschar outsep = '\n';
dn_to_list(dn);
insep = ',';
len = match ? Ustrlen(match) : -1;
-while ((ele = string_nextinlist(&dn, &insep, NULL, 0)))
+while ((ele = string_nextinlist(CUSS &dn, &insep, NULL, 0)))
if ( !match
|| Ustrncmp(ele, match, len) == 0 && ele[len] == '='
)
*/
BOOL
-tls_is_name_for_cert(uschar * namelist, void * cert)
+tls_is_name_for_cert(const uschar * namelist, void * cert)
{
uschar * altnames = tls_cert_subject_altname(cert, US"dns");
uschar * subjdn;
int alt_sep = '\n';
while ((cmpname = string_nextinlist(&namelist, &cmp_sep, NULL, 0)))
{
- uschar * an = altnames;
+ const uschar * an = altnames;
while ((certname = string_nextinlist(&an, &alt_sep, NULL, 0)))
if (is_name_match(cmpname, certname))
return TRUE;
dn_to_list(subjdn);
while ((cmpname = string_nextinlist(&namelist, &cmp_sep, NULL, 0)))
{
- uschar * sn = subjdn;
+ const uschar * sn = subjdn;
while ((certname = string_nextinlist(&sn, &sn_sep, NULL, 0)))
if ( *certname++ == 'C'
&& *certname++ == 'N'