openbsd/src
1
0
Fork 0
mirror of https://github.com/openbsd/src.git synced 2026-05-01 17:46:35 +00:00
Code Issues Projects Releases Wiki Activity

Expose X509_VERIFY_PARAM_get_hostflags()

Browse Source 
This is needed by Python 3.14, extending the urllib3 nonsense further.
This is a trivial getter and it is exercised by the libssl unit test
I added for urllib3 (which can now use dynamic linking for libcrypto).

Fixes https://github.com/libressl/portable/issues/1202
Thanks to @orbea for the report.

ok kenjiro

PS: X509_VERIFY_PARAM_get_flags() and X509_VERIFY_PARAM_get_peername()
aren't const correct. Fixing this will require some doing...
This commit is contained in:
tb
2025-10-24 11:33:38 +00:00
parent 7fe1ab940a
commit d28609239a
4 changed files with 7 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
lib/libcrypto/Symbols.list
View File

@@ -2654,6 +2654,7 @@ X509_VERIFY_PARAM_get0_peername
X509_VERIFY_PARAM_get_count
X509_VERIFY_PARAM_get_depth
X509_VERIFY_PARAM_get_flags
X509_VERIFY_PARAM_get_hostflags
X509_VERIFY_PARAM_get_time
X509_VERIFY_PARAM_inherit
X509_VERIFY_PARAM_lookup

3
lib/libcrypto/hidden/openssl/x509_vfy.h
View File

@@ -1,4 +1,4 @@
/* $OpenBSD: x509_vfy.h,v 1.10 2025/03/09 15:20:20 tb Exp $ */
/* $OpenBSD: x509_vfy.h,v 1.11 2025/10/24 11:33:38 tb Exp $ */
/*
* Copyright (c) 2022 Bob Beck <beck@openbsd.org>
*
@@ -122,6 +122,7 @@ LCRYPTO_USED(X509_VERIFY_PARAM_set1_name);
LCRYPTO_USED(X509_VERIFY_PARAM_set_flags);
LCRYPTO_USED(X509_VERIFY_PARAM_clear_flags);
LCRYPTO_USED(X509_VERIFY_PARAM_get_flags);
LCRYPTO_USED(X509_VERIFY_PARAM_get_hostflags);
LCRYPTO_USED(X509_VERIFY_PARAM_set_purpose);
LCRYPTO_USED(X509_VERIFY_PARAM_set_trust);
LCRYPTO_USED(X509_VERIFY_PARAM_set_depth);

3
lib/libcrypto/x509/x509_vfy.h
View File

@@ -1,4 +1,4 @@
/* $OpenBSD: x509_vfy.h,v 1.70 2025/03/09 15:20:20 tb Exp $ */
/* $OpenBSD: x509_vfy.h,v 1.71 2025/10/24 11:33:38 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -441,6 +441,7 @@ int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param, const char *name,
size_t namelen);
int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param, const char *name,
size_t namelen);
unsigned int X509_VERIFY_PARAM_get_hostflags(const X509_VERIFY_PARAM *param);
void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
unsigned int flags);
char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param);

4
lib/libcrypto/x509/x509_vpm.c
View File

@@ -1,4 +1,4 @@
/* $OpenBSD: x509_vpm.c,v 1.57 2025/10/10 23:07:40 tb Exp $ */
/* $OpenBSD: x509_vpm.c,v 1.58 2025/10/24 11:33:38 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2004.
*/
@@ -543,12 +543,12 @@ X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
}
LCRYPTO_ALIAS(X509_VERIFY_PARAM_add1_host);
/* Public API in OpenSSL - nothing seems to use this. */
unsigned int
X509_VERIFY_PARAM_get_hostflags(const X509_VERIFY_PARAM *param)
{
return param->hostflags;
}
LCRYPTO_ALIAS(X509_VERIFY_PARAM_get_hostflags);
void
X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param, unsigned int flags)