Prefix and unexport a2i_ipadd.
This is a bit short of a name to take, and no one seems to be using
it. (OpenSSL has renamed it, but not unexported it.)
Change-Id: I0de74d4d4812678ac3b1ec4b1b126a7748fe952b
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/48129
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/crypto/x509/x509_vpm.c b/crypto/x509/x509_vpm.c
index ae3a7e8..5a881d6 100644
--- a/crypto/x509/x509_vpm.c
+++ b/crypto/x509/x509_vpm.c
@@ -64,6 +64,7 @@
#include "internal.h"
#include "../internal.h"
+#include "../x509v3/internal.h"
/* X509_VERIFY_PARAM functions */
@@ -498,7 +499,7 @@
unsigned char ipout[16];
size_t iplen;
- iplen = (size_t)a2i_ipadd(ipout, ipasc);
+ iplen = (size_t)x509v3_a2i_ipadd(ipout, ipasc);
if (iplen == 0)
return 0;
return X509_VERIFY_PARAM_set1_ip(param, ipout, iplen);
diff --git a/crypto/x509v3/internal.h b/crypto/x509v3/internal.h
index 245a5d1..e510b40 100644
--- a/crypto/x509v3/internal.h
+++ b/crypto/x509v3/internal.h
@@ -53,6 +53,13 @@
// invalid.
int x509v3_cache_extensions(X509 *x);
+// x509v3_a2i_ipadd decodes |ipasc| as an IPv4 or IPv6 address. IPv6 addresses
+// use colon-separated syntax while IPv4 addresses use dotted decimal syntax. If
+// it decodes an IPv4 address, it writes the result to the first four bytes of
+// |ipout| and returns four. If it decodes an IPv6 address, it writes the result
+// to all 16 bytes of |ipout| and returns 16. Otherwise, it returns zero.
+int x509v3_a2i_ipadd(unsigned char ipout[16], const char *ipasc);
+
#if defined(__cplusplus)
} /* extern C */
diff --git a/crypto/x509v3/v3_utl.c b/crypto/x509v3/v3_utl.c
index c0952c0..4d0824d 100644
--- a/crypto/x509v3/v3_utl.c
+++ b/crypto/x509v3/v3_utl.c
@@ -1112,7 +1112,7 @@
if (ipasc == NULL)
return -2;
- iplen = (size_t)a2i_ipadd(ipout, ipasc);
+ iplen = (size_t)x509v3_a2i_ipadd(ipout, ipasc);
if (iplen == 0)
return -2;
return do_x509_check(x, (char *)ipout, iplen, flags, GEN_IPADD, NULL);
@@ -1129,10 +1129,7 @@
ASN1_OCTET_STRING *ret;
int iplen;
- /* If string contains a ':' assume IPv6 */
-
- iplen = a2i_ipadd(ipout, ipasc);
-
+ iplen = x509v3_a2i_ipadd(ipout, ipasc);
if (!iplen)
return NULL;
@@ -1161,12 +1158,12 @@
p = iptmp + (p - ipasc);
*p++ = 0;
- iplen1 = a2i_ipadd(ipout, iptmp);
+ iplen1 = x509v3_a2i_ipadd(ipout, iptmp);
if (!iplen1)
goto err;
- iplen2 = a2i_ipadd(ipout + iplen1, p);
+ iplen2 = x509v3_a2i_ipadd(ipout + iplen1, p);
OPENSSL_free(iptmp);
iptmp = NULL;
@@ -1190,7 +1187,7 @@
return NULL;
}
-int a2i_ipadd(unsigned char *ipout, const char *ipasc)
+int x509v3_a2i_ipadd(unsigned char *ipout, const char *ipasc)
{
/* If string contains a ':' assume IPv6 */
diff --git a/include/openssl/x509v3.h b/include/openssl/x509v3.h
index 2e49093..003eb12 100644
--- a/include/openssl/x509v3.h
+++ b/include/openssl/x509v3.h
@@ -884,7 +884,6 @@
OPENSSL_EXPORT ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc);
OPENSSL_EXPORT ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc);
-OPENSSL_EXPORT int a2i_ipadd(unsigned char *ipout, const char *ipasc);
OPENSSL_EXPORT int X509V3_NAME_from_section(X509_NAME *nm,
STACK_OF(CONF_VALUE) *dn_sk,
unsigned long chtype);