diff options
| author | gshapiro <gshapiro@FreeBSD.org> | 2007-04-09 01:38:51 +0000 |
|---|---|---|
| committer | gshapiro <gshapiro@FreeBSD.org> | 2007-04-09 01:38:51 +0000 |
| commit | 14e22b52d4375b164f9fa21c0ab3abd9837e823f (patch) | |
| tree | 2a4f38ae8ba223f3bf2402f56d35c997e5af6db5 /contrib/sendmail/src/tls.c | |
| parent | 0a9c74f73599b0ca2981b57815b436d1f6de6191 (diff) | |
| download | FreeBSD-src-14e22b52d4375b164f9fa21c0ab3abd9837e823f.zip FreeBSD-src-14e22b52d4375b164f9fa21c0ab3abd9837e823f.tar.gz | |
Import sendmail 8.14.1
Diffstat (limited to 'contrib/sendmail/src/tls.c')
| -rw-r--r-- | contrib/sendmail/src/tls.c | 24 |
1 files changed, 13 insertions, 11 deletions
diff --git a/contrib/sendmail/src/tls.c b/contrib/sendmail/src/tls.c index 71fcdc3..1a213ca 100644 --- a/contrib/sendmail/src/tls.c +++ b/contrib/sendmail/src/tls.c @@ -10,7 +10,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Id: tls.c,v 8.105 2006/05/11 22:59:31 ca Exp $") +SM_RCSID("@(#)$Id: tls.c,v 8.107 2006/10/12 21:35:11 ca Exp $") #if STARTTLS # include <openssl/err.h> @@ -213,7 +213,7 @@ tls_rand_init(randfile, logl) DontBlameSendmail)) { /* add this even if fstat() failed */ - RAND_seed((void *) &st, sizeof st); + RAND_seed((void *) &st, sizeof(st)); } (void) close(fd); } @@ -251,7 +251,7 @@ tls_rand_init(randfile, logl) r = get_random(); (void) memcpy(buf + i, (void *) &r, sizeof(long)); } - RAND_seed(buf, sizeof buf); + RAND_seed(buf, sizeof(buf)); if (LogLevel > logl) sm_syslog(LOG_WARNING, NOQID, "STARTTLS: Warning: random number generator not properly seeded"); @@ -747,8 +747,10 @@ inittls(ctx, req, srv, certfile, keyfile, cacertpath, cacertfile, dhparam) sm_syslog(LOG_WARNING, NOQID, "STARTTLS=%s, error: BIO_new=failed", who); } + else + store = NULL; # if _FFR_CRLPATH - if (CRLPath != NULL) + if (CRLPath != NULL && store != NULL) { X509_LOOKUP *lookup; @@ -1175,9 +1177,9 @@ tls_get_info(ssl, srv, host, mac, certreq) macdefine(mac, A_TEMP, macid("{cipher}"), (char *) SSL_CIPHER_get_name(c)); b = SSL_CIPHER_get_bits(c, &r); - (void) sm_snprintf(bitstr, sizeof bitstr, "%d", b); + (void) sm_snprintf(bitstr, sizeof(bitstr), "%d", b); macdefine(mac, A_TEMP, macid("{cipher_bits}"), bitstr); - (void) sm_snprintf(bitstr, sizeof bitstr, "%d", r); + (void) sm_snprintf(bitstr, sizeof(bitstr), "%d", r); macdefine(mac, A_TEMP, macid("{alg_bits}"), bitstr); s = SSL_CIPHER_get_version(c); if (s == NULL) @@ -1198,19 +1200,19 @@ tls_get_info(ssl, srv, host, mac, certreq) char buf[MAXNAME]; X509_NAME_oneline(X509_get_subject_name(cert), - buf, sizeof buf); + buf, sizeof(buf)); macdefine(mac, A_TEMP, macid("{cert_subject}"), xtextify(buf, "<>\")")); X509_NAME_oneline(X509_get_issuer_name(cert), - buf, sizeof buf); + buf, sizeof(buf)); macdefine(mac, A_TEMP, macid("{cert_issuer}"), xtextify(buf, "<>\")")); X509_NAME_get_text_by_NID(X509_get_subject_name(cert), - NID_commonName, buf, sizeof buf); + NID_commonName, buf, sizeof(buf)); macdefine(mac, A_TEMP, macid("{cn_subject}"), xtextify(buf, "<>\")")); X509_NAME_get_text_by_NID(X509_get_issuer_name(cert), - NID_commonName, buf, sizeof buf); + NID_commonName, buf, sizeof(buf)); macdefine(mac, A_TEMP, macid("{cn_issuer}"), xtextify(buf, "<>\")")); n = 0; @@ -1564,7 +1566,7 @@ tls_verify_log(ok, ctx, name) return 0; } - X509_NAME_oneline(X509_get_subject_name(cert), buf, sizeof buf); + X509_NAME_oneline(X509_get_subject_name(cert), buf, sizeof(buf)); sm_syslog(LOG_INFO, NOQID, "STARTTLS: %s cert verify: depth=%d %s, state=%d, reason=%s", name, depth, buf, ok, X509_verify_cert_error_string(reason)); |
