generic-library/curl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

- Peter Sylvester made the HTTPS test server use specific certificates for

Browse Source 
each test, so that the test suite can now be used to actually test the
  verification of cert names etc. This made an error show up in the OpenSSL-
  specific code where it would attempt to match the CN field even if a
  subjectAltName exists that doesn't match. This is now fixed and verified
  in test 311.
This commit is contained in:
Daniel Stenberg
2009-08-11 21:48:58 +00:00
parent a9caeb1064
commit e73fe837a8
40 changed files with 1339 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
RELEASE-NOTES
View File

@@ -42,6 +42,8 @@ This release includes the following bugfixes:
o rand seeding on libcurl on windows built with OpenSSL was not thread-safe
o fixed the zero byte inserted in cert name flaw in libcurl+OpenSSL
o don't try SNI with SSLv2 or SSLv3 (OpenSSL and GnuTLS builds)
o libcurl+OpenSSL would wrongly acknowledge a cert if CN matched but
subjectAltName didn't
This release includes the following known bugs: