diff options
| author | Joel Sing <jsing@cvs.openbsd.org> | 2018-03-20 16:17:00 +0000 |
|---|---|---|
| committer | Joel Sing <jsing@cvs.openbsd.org> | 2018-03-20 16:17:00 +0000 |
| commit | 7616ff17fffbefdb2f1258bef191c89aac258894 (patch) | |
| tree | 9a9a33ff65408a7c2f48d64679bf154a5532c486 /lib/libcrypto/x509v3 | |
| parent | b6627c8d810dfd226d184710969732a29bbcd09a (diff) | |
If X509_check_{host,email}() are called with a length of zero, use strlen()
to determine the length. This is the documented behaviour and matches the
OpenSSL implementation.
Issue found by Michael Gmelin <freebsd at grem dot de>.
ok tb@
Diffstat (limited to 'lib/libcrypto/x509v3')
| -rw-r--r-- | lib/libcrypto/x509v3/v3_utl.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/lib/libcrypto/x509v3/v3_utl.c b/lib/libcrypto/x509v3/v3_utl.c index 04c789922b9..67ecc81a442 100644 --- a/lib/libcrypto/x509v3/v3_utl.c +++ b/lib/libcrypto/x509v3/v3_utl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: v3_utl.c,v 1.26 2017/01/29 17:49:23 beck Exp $ */ +/* $OpenBSD: v3_utl.c,v 1.27 2018/03/20 16:16:59 jsing Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ @@ -1015,7 +1015,9 @@ int X509_check_host(X509 *x, const char *chk, size_t chklen, { if (chk == NULL) return -2; - if (memchr(chk, '\0', chklen)) + if (chklen == 0) + chklen = strlen(chk); + else if (memchr(chk, '\0', chklen)) return -2; return do_x509_check(x, chk, chklen, flags, GEN_DNS, peername); } @@ -1025,7 +1027,9 @@ int X509_check_email(X509 *x, const char *chk, size_t chklen, { if (chk == NULL) return -2; - if (memchr(chk, '\0', chklen)) + if (chklen == 0) + chklen = strlen(chk); + else if (memchr(chk, '\0', chklen)) return -2; return do_x509_check(x, chk, chklen, flags, GEN_EMAIL, NULL); } |