curl-library

Re: SSL cert error

From: Daniel Stenberg <daniel-curl_at_haxx.se>
Date: Sun, 20 Jun 2004 23:33:13 +0200 (CEST)

On Sat, 19 Jun 2004, Gisle Vanem wrote:

> I've added a simple cert_hostcheck() function that should handle '*'
> wildcard(s) correctly. The function is recursive! (probably the only one in
> libcurl). Hopefully the depth shouldn't be a problem.

I doubt that will be a problem.

I did find another thing in your patch that might cause problems though:

The assumption that the 'altptr' data is zero terminated (when doing the
subjectAltName checks). The OpenSSL man page explicitly says: "In general it
cannot be assumed that the data returned by ASN1_STRING_data() is null
terminated or does not contain embedded nulls."

I figure your wildcard function needs a length parameter too or something...

-- 
      Daniel Stenberg -- http://curl.haxx.se -- http://daniel.haxx.se
       Dedicated custom curl help for hire: http://haxx.se/curl.html
Received on 2004-06-20
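
The length-parameter point raised in this message, shown as an added example (not code from the thread, the patch, or libcurl). The names cert_hostcheck_n and match_n are hypothetical, and the rule that '*' stays within one DNS label is an assumption of this sketch.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

/* Constructed sample data: a name buffer with no terminating NUL (13 bytes
   of pattern, then unrelated bytes) and a name with an embedded NUL. */
const char sample_name[15] = {'*','.','e','x','a','m','p','l','e','.','c','o','m','X','X'};
const char sample_nul[] = "www.example.com\0.other.invalid";

/* Recursive wildcard match of pattern [p, p+plen) against host [h, h+hlen).
   Every read is bounded by the explicit lengths, never by a NUL. */
static int match_n(const char *p, size_t plen, const char *h, size_t hlen)
{
  while(plen) {
    if(*p == '*') {
      size_t skip;
      for(skip = 0; ; skip++) { /* try each run length for the '*' */
        if(match_n(p + 1, plen - 1, h + skip, hlen - skip))
          return 1;
        if(skip == hlen || h[skip] == '.') /* assumption: no dot crossing */
          break;
      }
      return 0;
    }
    if(!hlen || tolower((unsigned char)*p) != tolower((unsigned char)*h))
      return 0;
    p++; plen--; h++; hlen--;
  }
  return hlen == 0;
}

/* name/namelen stand in for what ASN1_STRING_data() and ASN1_STRING_length()
   would supply; host is the NUL-terminated name the caller connected to. */
int cert_hostcheck_n(const char *name, size_t namelen, const char *host)
{
  if(!name || !host || !namelen)
    return 0;
  /* an embedded NUL is never part of a hostname: refuse the whole name
     instead of letting a C-string comparison stop at it */
  if(memchr(name, '\0', namelen))
    return 0;
  return match_n(name, namelen, host, strlen(host));
}

int main(void)
{
  return !cert_hostcheck_n(sample_name, 13, "www.example.com");
}
```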