wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

X509_check_mumble() failure is <= 0, not just 0

Browse source
This commit is contained in:
Viktor Dukhovni 2014-06-22 20:14:53 -04:00
parent b3012c698a
commit a48fb0400c
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
crypto/x509/x509_vfy.c
View file

@ -748,17 +748,17 @@ static int check_id(X509_STORE_CTX *ctx)
X509_VERIFY_PARAM *vpm = ctx->param;
X509_VERIFY_PARAM_ID *id = vpm->id;
X509 *x = ctx->cert;
if (id->host && !X509_check_host(x, id->host, 0, id->hostflags))
if (id->host && X509_check_host(x, id->host, 0, id->hostflags) <= 0)
{
if (!check_id_error(ctx, X509_V_ERR_HOSTNAME_MISMATCH))
return 0;
}
if (id->email && !X509_check_email(x, id->email, id->emaillen, 0))
if (id->email && X509_check_email(x, id->email, id->emaillen, 0) <= 0)
{
if (!check_id_error(ctx, X509_V_ERR_EMAIL_MISMATCH))
return 0;
}
if (id->ip && !X509_check_ip(x, id->ip, id->iplen, 0))
if (id->ip && X509_check_ip(x, id->ip, id->iplen, 0) <= 0)
{
if (!check_id_error(ctx, X509_V_ERR_IP_ADDRESS_MISMATCH))
return 0;