#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
# define X509_up_ref(x) CRYPTO_add(&((x)->references), 1, CRYPTO_LOCK_X509)
#endif
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
# define X509_up_ref(x) CRYPTO_add(&((x)->references), 1, CRYPTO_LOCK_X509)
#endif
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
# define EXIM_HAVE_ASN1_MACROS
# define EXIM_OPAQUE_X509
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
# define EXIM_HAVE_ASN1_MACROS
# define EXIM_OPAQUE_X509
#else
# define X509_STORE_CTX_get_verify(ctx) (ctx)->verify
# define X509_STORE_CTX_get_verify_cb(ctx) (ctx)->verify_cb
#else
# define X509_STORE_CTX_get_verify(ctx) (ctx)->verify
# define X509_STORE_CTX_get_verify_cb(ctx) (ctx)->verify_cb
-#define DANEerr(f, r) ERR_PUT_error(err_lib_dane, (f), (r), __FILE__, __LINE__)
+#define DANEerr(f, r) ERR_PUT_error(err_lib_dane, (f), (r), __FUNCTION__, __LINE__)
if (!EVP_Digest(buf, len, cmpbuf, &cmplen, m->value->md, 0))
matched = -1;
}
if (!EVP_Digest(buf, len, cmpbuf, &cmplen, m->value->md, 0))
matched = -1;
}
if ( cmplen == d->value->datalen
&& memcmp(cmpbuf, d->value->data, cmplen) == 0)
matched = slist->value->selector + 1;
if ( cmplen == d->value->datalen
&& memcmp(cmpbuf, d->value->data, cmplen) == 0)
matched = slist->value->selector + 1;
*/
if ( !X509_set_version(cert, 2)
|| !set_serial(cert, akid, subject)
*/
if ( !X509_set_version(cert, 2)
|| !set_serial(cert, akid, subject)
|| !X509_gmtime_adj(X509_getm_notBefore(cert), -30 * 86400L)
|| !X509_gmtime_adj(X509_getm_notAfter(cert), 30 * 86400L)
|| !X509_set_subject_name(cert, name)
|| !X509_gmtime_adj(X509_getm_notBefore(cert), -30 * 86400L)
|| !X509_gmtime_adj(X509_getm_notAfter(cert), 30 * 86400L)
|| !X509_set_subject_name(cert, name)
* first (name comparisons), before we bother with signature checks
* (public key operations).
*/
* first (name comparisons), before we bother with signature checks
* (public key operations).
*/
* This may push errors onto the stack when the certificate signature is
* not of the right type or length, throw these away,
*/
* This may push errors onto the stack when the certificate signature is
* not of the right type or length, throw these away,
*/
if (X509_verify(cert, k->value) > 0)
done = wrap_issuer(dane, k->value, cert, depth, WRAP_MID) ? 1 : -1;
else
if (X509_verify(cert, k->value) > 0)
done = wrap_issuer(dane, k->value, cert, depth, WRAP_MID) ? 1 : -1;
else