generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

RT3662: Allow leading . in nameConstraints

Browse Source 
Change by SteveH from original by John Denker (in the RT)

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 77ff1f3b8bfaa348956c5096a2b829f2e767b4f1)
This commit is contained in:
Dr. Stephen Henson 2015-01-06 15:29:28 -05:00 committed by Rich Salz
parent a97c208c5a
commit 8fb2c9922a
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
crypto/x509v3/v3_ncons.c
View File

@ -401,7 +401,7 @@ static int nc_dns(ASN1_IA5STRING *dns, ASN1_IA5STRING *base)
if (dns->length > base->length) if (dns->length > base->length)
{ {
dnsptr += dns->length - base->length; dnsptr += dns->length - base->length;
if (dnsptr[-1] != '.') if (*baseptr != '.' && dnsptr[-1] != '.')
return X509_V_ERR_PERMITTED_VIOLATION; return X509_V_ERR_PERMITTED_VIOLATION;
} }