*/
static char *ossl_strerror(unsigned long error, char *buf, size_t size)
{
+#ifdef OPENSSL_IS_BORINGSSL
+ ERR_error_string_n((uint32_t)error, buf, size);
+#else
ERR_error_string_n(error, buf, size);
+#endif
return buf;
}
altnames = X509_get_ext_d2i(server_cert, NID_subject_alt_name, NULL, NULL);
if(altnames) {
+#ifdef OPENSSL_IS_BORINGSSL
+ size_t numalts;
+ size_t i;
+#else
int numalts;
int i;
+#endif
bool dnsmatched = FALSE;
bool ipmatched = FALSE;
}
#endif
+#ifdef OPENSSL_IS_BORINGSSL
+typedef uint32_t ctx_option_t;
+#else
+typedef long ctx_option_t;
+#endif
+
static CURLcode
-set_ssl_version_min_max(long *ctx_options, struct connectdata *conn,
+set_ssl_version_min_max(ctx_option_t *ctx_options, struct connectdata *conn,
int sockindex)
{
#if (OPENSSL_VERSION_NUMBER < 0x1000100FL) || !defined(TLS1_3_VERSION)
X509_LOOKUP *lookup = NULL;
curl_socket_t sockfd = conn->sock[sockindex];
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
- long ctx_options = 0;
+ ctx_option_t ctx_options = 0;
+
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
bool sni;
const char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name :
return 0; /* all is fine */
}
+#ifdef OPENSSL_IS_BORINGSSL
+typedef size_t numcert_t;
+#else
+typedef int numcert_t;
+#endif
+
static CURLcode get_cert_chain(struct connectdata *conn,
struct ssl_connect_data *connssl)
STACK_OF(X509) *sk;
int i;
struct Curl_easy *data = conn->data;
- int numcerts;
+ numcert_t numcerts;
BIO *mem;
sk = SSL_get_peer_cert_chain(BACKEND->handle);
numcerts = sk_X509_num(sk);
- result = Curl_ssl_init_certinfo(data, numcerts);
+ result = Curl_ssl_init_certinfo(data, (int)numcerts);
if(result) {
return result;
}
mem = BIO_new(BIO_s_mem());
- for(i = 0; i < numcerts; i++) {
+ for(i = 0; i < (int)numcerts; i++) {
ASN1_INTEGER *num;
X509 *x = sk_X509_value(sk, i);
EVP_PKEY *pubkey = NULL;