]> granicus.if.org Git - openssl/commit
projects / openssl / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3d86077) | patch
Client-side namecheck wildcards.
authorViktor Dukhovni <openssl-users@dukhovni.org>
Thu, 12 Jun 2014 05:56:31 +0000 (01:56 -0400)
committerDr. Stephen Henson <steve@openssl.org>
Thu, 12 Jun 2014 22:19:24 +0000 (23:19 +0100)
commit3cc8a3f2343cda796de90c127b9e907ca3ec2da5
tree114b82282f22b30409e2692f23c9216ace6c6f09tree | snapshot
parent3d86077427f93dc46b18fee706b567ec32ac232acommit | diff
Client-side namecheck wildcards.

A client reference identity of ".example.com" matches a server
certificate presented identity that is any sub-domain of "example.com"
(e.g. "www.sub.example.com).

With the X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS flag, it matches
only direct child sub-domains (e.g. "www.sub.example.com").
(cherry picked from commit e52c52f10bb8e34aaf8f28f3e5b56939e8f6b357)
crypto/x509v3/v3_utl.c diff | blob | history
crypto/x509v3/v3nametest.c diff | blob | history
crypto/x509v3/x509v3.h diff | blob | history
doc/crypto/X509_check_host.pod diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.