[gnutls-dev] Patch to lib/x509/rfc2818_hostname.c
Richard W.M. Jones
rjones at redhat.com
Fri Feb 16 12:12:53 CET 2007
Not a security problem because CAs you trust ought not to be issuing
certificates without dnsname and common name (thanks to Tomas Mraz for
correcting me on this). But it still seems wrong to be returning that
the hostname is valid if it has missing/malformed common name.
Rich.
--
Emerging Technologies, Red Hat http://et.redhat.com/~rjones/
64 Baker Street, London, W1U 7DF Mobile: +44 7866 314 421
"[Negative numbers] darken the very whole doctrines of the equations
and make dark of the things which are in their nature excessively
obvious and simple" (Francis Maseres FRS, mathematician, 1759)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: rfc2818_hostname.c.patch
Type: text/x-patch
Size: 286 bytes
Desc: not available
Url : /pipermail/attachments/20070216/4eb33189/attachment.bin
More information about the Gnutls-dev
mailing list