Diffstat (limited to 'lib/x509/hostname-verify.c')
-rw-r--r--lib/x509/hostname-verify.c27
1 files changed, 24 insertions, 3 deletions
diff --git a/lib/x509/hostname-verify.c b/lib/x509/hostname-verify.c
index c3d74f8567..7268917128 100644
--- a/lib/x509/hostname-verify.c
+++ b/lib/x509/hostname-verify.c
@@ -49,7 +49,7 @@ gnutls_x509_crt_check_hostname(gnutls_x509_crt_t cert,
}
static int
-check_ip(gnutls_x509_crt_t cert, const void *ip, unsigned ip_size, unsigned flags)
+check_ip(gnutls_x509_crt_t cert, const void *ip, unsigned ip_size)
{
char temp[16];
size_t temp_size;
@@ -92,6 +92,27 @@ static int has_embedded_null(const char *str, unsigned size)
}
/**
+ * gnutls_x509_crt_check_ip:
+ * @cert: should contain an gnutls_x509_crt_t type
+ * @ip: A pointer to the raw IP address
+ * @ip_size: the number of bytes in ip (4 or 16)
+ * @flags: should be zero
+ *
+ * This function will check if the IP allowed IP addresses in
+ * the certificate's subject alternative name match the provided
+ * IP address.
+ *
+ * Returns: non-zero for a successful match, and zero on failure.
+ **/
+unsigned
+gnutls_x509_crt_check_ip(gnutls_x509_crt_t cert,
+ const unsigned char *ip, unsigned int ip_size,
+ unsigned int flags)
+{
+ return check_ip(cert, ip, ip_size);
+}
+
+/**
* gnutls_x509_crt_check_hostname2:
* @cert: should contain an gnutls_x509_crt_t type
* @hostname: A null terminated string that contains a DNS name
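Review bot: The new public `gnutls_x509_crt_check_ip()` documents `@ip_size` as "4 or 16" and `@flags` as "should be zero", yet the wrapper passes `ip` and `ip_size` to `check_ip()` unchecked and silently drops `flags`. The body of `check_ip()` is outside this diff, so it may already reject other sizes; if it does not, the entry point should fail closed before the call, e.g. `if (ip_size != 4 && ip_size != 16) return 0;`. The doc comment should also state whether a non-zero `flags` is ignored or rejected, so callers do not assume a flag changes how the match is performed. The description sentence is garbled ("check if the IP allowed IP addresses in"); `This function will check if the IP addresses in the certificate's subject alternative name match the provided IP address.` reads correctly.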
@@ -141,9 +162,9 @@ gnutls_x509_crt_check_hostname2(gnutls_x509_crt_t cert,
gnutls_assert();
goto hostname_fallback;
}
- ret = check_ip(cert, &ipv6, 16, flags);
+ ret = check_ip(cert, &ipv6, 16);
} else {
- ret = check_ip(cert, &ipv4, 4, flags);
+ ret = check_ip(cert, &ipv4, 4);
}
if (ret != 0)