From: tb Date: Wed, 5 Jan 2022 17:44:30 +0000 (+0000) Subject: Hoist IPAddressFamily_cmp() to the other IPAddressFamily functions. X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=063160b29ac2c3c26154ad5b328639710a1fef01;p=openbsd Hoist IPAddressFamily_cmp() to the other IPAddressFamily functions. ok inoguchi jsing --- diff --git a/lib/libcrypto/x509/x509_addr.c b/lib/libcrypto/x509/x509_addr.c index acf1321c93b..54cfd485cdf 100644 --- a/lib/libcrypto/x509/x509_addr.c +++ b/lib/libcrypto/x509/x509_addr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_addr.c,v 1.67 2022/01/05 17:43:04 tb Exp $ */ +/* $OpenBSD: x509_addr.c,v 1.68 2022/01/05 17:44:30 tb Exp $ */ /* * Contributed to the OpenSSL Project by the American Registry for * Internet Numbers ("ARIN"). @@ -452,6 +452,34 @@ IPAddressFamily_afi_length(const IPAddressFamily *f, int *out_length) return 1; } +#define MINIMUM(a, b) (((a) < (b)) ? (a) : (b)) + +/* + * Sort comparison function for a sequence of IPAddressFamily. + * + * The last paragraph of RFC 3779 2.2.3.3 is slightly ambiguous about + * the ordering: I can read it as meaning that IPv6 without a SAFI + * comes before IPv4 with a SAFI, which seems pretty weird. The + * examples in appendix B suggest that the author intended the + * null-SAFI rule to apply only within a single AFI, which is what I + * would have expected and is what the following code implements. + */ +static int +IPAddressFamily_cmp(const IPAddressFamily *const *a_, + const IPAddressFamily *const *b_) +{ + const ASN1_OCTET_STRING *a = (*a_)->addressFamily; + const ASN1_OCTET_STRING *b = (*b_)->addressFamily; + int len, cmp; + + len = MINIMUM(a->length, b->length); + + if ((cmp = memcmp(a->data, b->data, len)) != 0) + return cmp; + + return a->length - b->length; +} + /* * Extract the AFI from an IPAddressFamily. * @@ -1130,34 +1158,6 @@ X509v3_addr_get_range(IPAddressOrRange *aor, const unsigned afi, return afi_len; } -#define MINIMUM(a, b) (((a) < (b)) ? (a) : (b)) - -/* - * Sort comparison function for a sequence of IPAddressFamily. - * - * The last paragraph of RFC 3779 2.2.3.3 is slightly ambiguous about - * the ordering: I can read it as meaning that IPv6 without a SAFI - * comes before IPv4 with a SAFI, which seems pretty weird. The - * examples in appendix B suggest that the author intended the - * null-SAFI rule to apply only within a single AFI, which is what I - * would have expected and is what the following code implements. - */ -static int -IPAddressFamily_cmp(const IPAddressFamily *const *a_, - const IPAddressFamily *const *b_) -{ - const ASN1_OCTET_STRING *a = (*a_)->addressFamily; - const ASN1_OCTET_STRING *b = (*b_)->addressFamily; - int len, cmp; - - len = MINIMUM(a->length, b->length); - - if ((cmp = memcmp(a->data, b->data, len)) != 0) - return cmp; - - return a->length - b->length; -} - /* * Check whether an IPAddrBLocks is in canonical form. */