wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

RT3662: Allow leading . in nameConstraints

Browse source 
Change by SteveH from original by John Denker (in the RT)

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 77ff1f3b8b)
This commit is contained in:
Dr. Stephen Henson 2015-01-06 15:29:28 -05:00 committed by Rich Salz
parent a97c208c5a
commit 8fb2c9922a
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
crypto/x509v3/v3_ncons.c
View file

@ -401,7 +401,7 @@ static int nc_dns(ASN1_IA5STRING *dns, ASN1_IA5STRING *base)
if (dns->length > base->length)
{
dnsptr += dns->length - base->length;
if (dnsptr[-1] != '.')
if (*baseptr != '.' && dnsptr[-1] != '.')
return X509_V_ERR_PERMITTED_VIOLATION;
}