]> granicus.if.org Git - curl/commit
projects / curl / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c2f9b78) | patch
openssl: accept subjectAltName iPAddress if no dNSName match
authorJay Satiro <raysatiro@yahoo.com>
Fri, 12 Aug 2016 08:10:29 +0000 (04:10 -0400)
committerJay Satiro <raysatiro@yahoo.com>
Sat, 13 Aug 2016 06:14:46 +0000 (02:14 -0400)
commitb6fcdc32eb346ab2e1ff0c60eeb3d73ed29238a4
tree4a397337d8155271304cb02e4bf346a5421ff878tree | snapshot
parentc2f9b78afe15bfb9e0fa89bbb93e7b4aafd9d7b4commit | diff
openssl: accept subjectAltName iPAddress if no dNSName match

Undo change introduced in d4643d6 which caused iPAddress match to be
ignored if dNSName was present but did not match.

Also, if iPAddress is present but does not match, and dNSName is not
present, fail as no-match. Prior to this change in such a case the CN
would be checked for a match.

Bug: https://github.com/curl/curl/issues/959
Reported-by: wmsch@users.noreply.github.com
lib/vtls/openssl.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.