Fixed certificate validation inside php_openssl_apply_verification_policy

diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index e80cf393e7c8ddfc07730dbed1d243b4177cd299..764b6df594723794100bc91c58c63e6df313acc6 100644 (file)
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -4583,8 +4583,15 @@ int php_openssl_apply_verification_policy(SSL *ssl, X509 *peer, php_stream *stre
        GET_VER_OPT_STRING("CN_match", cnmatch);
        if (cnmatch) {
                int match = 0;
+               int name_len = X509_NAME_get_text_by_NID(name, NID_commonName, buf, sizeof(buf));
 
-               X509_NAME_get_text_by_NID(name, NID_commonName, buf, sizeof(buf));
+               if (name_len == -1) {
+                       php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to locate peer certificate CN");
+                       return FAILURE;
+               } else if (name_len != strlen(buf)) {
+                       php_error_docref(NULL TSRMLS_CC, E_WARNING, "Peer certificate CN=`%.*s' is malformed", name_len, buf);
+                       return FAILURE;
+               }
 
                match = strcmp(cnmatch, buf) == 0;
                if (!match && strlen(buf) > 3 && buf[0] == '*' && buf[1] == '.') {
@@ -4599,10 +4606,7 @@ int php_openssl_apply_verification_policy(SSL *ssl, X509 *peer, php_stream *stre
 
                if (!match) {
                        /* didn't match */
-                       php_error_docref(NULL TSRMLS_CC, E_WARNING,
-                                       "Peer certificate CN=`%s' did not match expected CN=`%s'",
-                                       buf, cnmatch);
-
+                       php_error_docref(NULL TSRMLS_CC, E_WARNING, "Peer certificate CN=`%.*s' did not match expected CN=`%s'", name_len, buf, cnmatch);
                        return FAILURE;
                }
        }