From 7c1b43b4208c3bb984dae7249c0f5a34061fea3a Mon Sep 17 00:00:00 2001 From: Willem Toorop Date: Wed, 23 Jan 2019 14:33:35 +0000 Subject: [PATCH] Fix sole pinset validation with ssl_dane library --- src/openssl/tls-internal.h | 2 +- src/openssl/tls.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/openssl/tls-internal.h b/src/openssl/tls-internal.h index e640150d..615f79e3 100644 --- a/src/openssl/tls-internal.h +++ b/src/openssl/tls-internal.h @@ -67,7 +67,7 @@ typedef struct _getdns_tls_connection { const getdns_log_config* log; #if defined(USE_DANESSL) const char* auth_name; - sha256_pin_t* pinset; + const sha256_pin_t* pinset; #endif } _getdns_tls_connection; diff --git a/src/openssl/tls.c b/src/openssl/tls.c index 33e37a4c..3a8878ce 100644 --- a/src/openssl/tls.c +++ b/src/openssl/tls.c @@ -904,7 +904,7 @@ getdns_return_t _getdns_tls_connection_set_host_pinset(_getdns_tls_connection* c if (!conn || !conn->ssl || !auth_name) return GETDNS_RETURN_INVALID_PARAMETER; -#if defined(USE_DANE_SSL) +#if defined(USE_DANESSL) /* Stash auth name and pinset away for use in cert verification. */ conn->auth_name = auth_name; conn->pinset = pinset;