mirror of
https://github.com/esp8266/Arduino.git
synced 2025-07-30 16:24:09 +03:00
Added SAN ("Subject Alternative Name" support
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@159 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
This commit is contained in:
cameronrich
34
ssl/tls1.c
34
ssl/tls1.c
@ -419,6 +419,7 @@ error:
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* Retrieve an X.509 distinguished name component
|
||||
*/
|
||||
@ -452,7 +453,27 @@ EXP_FUNC const char * STDCALL ssl_get_cert_dn(const SSL *ssl, int component)
|
||||
}
|
||||
}
|
||||
|
||||
#endif
|
||||
/*
|
||||
* Retrieve a "Subject Alternative Name" from a v3 certificate
|
||||
*/
|
||||
EXP_FUNC const char * STDCALL ssl_get_cert_subject_alt_dnsname(const SSL *ssl,
|
||||
int dnsindex)
|
||||
{
|
||||
int i;
|
||||
|
||||
if (ssl->x509_ctx == NULL || ssl->x509_ctx->subject_alt_dnsnames == NULL)
|
||||
return NULL;
|
||||
|
||||
for (i = 0; i < dnsindex; ++i)
|
||||
{
|
||||
if (ssl->x509_ctx->subject_alt_dnsnames[i] == NULL)
|
||||
return NULL;
|
||||
}
|
||||
|
||||
return ssl->x509_ctx->subject_alt_dnsnames[dnsindex];
|
||||
}
|
||||
|
||||
#endif /* CONFIG_SSL_CERT_VERIFICATION */
|
||||
|
||||
/*
|
||||
* Find an ssl object based on the client's file descriptor.
|
||||
@ -879,7 +900,6 @@ static void *crypt_new(SSL *ssl, uint8_t *key, uint8_t *iv, int is_decrypt)
|
||||
|
||||
return (void *)aes_ctx;
|
||||
}
|
||||
break;
|
||||
|
||||
case SSL_RC4_128_MD5:
|
||||
#endif
|
||||
@ -889,7 +909,6 @@ static void *crypt_new(SSL *ssl, uint8_t *key, uint8_t *iv, int is_decrypt)
|
||||
RC4_setup(rc4_ctx, key, 16);
|
||||
return (void *)rc4_ctx;
|
||||
}
|
||||
break;
|
||||
}
|
||||
|
||||
return NULL; /* its all gone wrong */
|
||||
@ -1505,7 +1524,7 @@ void disposable_free(SSL *ssl)
|
||||
{
|
||||
if (ssl->dc)
|
||||
{
|
||||
free(ssl->dc->key_block);
|
||||
free(ssl->dc->key_block);
|
||||
memset(ssl->dc, 0, sizeof(DISPOSABLE_CTX));
|
||||
free(ssl->dc);
|
||||
ssl->dc = NULL;
|
||||
@ -2045,12 +2064,19 @@ EXP_FUNC int STDCALL ssl_verify_cert(const SSL *ssl)
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
||||
EXP_FUNC const char * STDCALL ssl_get_cert_dn(const SSL *ssl, int component)
|
||||
{
|
||||
printf(unsupported_str);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
EXP_FUNC const char * STDCALL ssl_get_cert_subject_alt_dnsname(const SSL *ssl, int index)
|
||||
{
|
||||
printf(unsupported_str);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
#endif /* CONFIG_SSL_CERT_VERIFICATION */
|
||||
|
||||
#endif /* CONFIG_BINDINGS */
|
||||
|
||||
Reference in New Issue
Block a user