cURL / Mailing Lists / curl-library / Single Mail

curl-library

Changed logic in verifyhost()

From: Erland Costyson <erland.costyson_at_gmail.com>
Date: Mon, 23 May 2016 19:46:45 +0200

I have observed that the logic in verifyhost() in openssl.c has
changed its logic from 7.47.1 to 7.48. The change was done in commit
5f5b6263573ba70f06988f8e439feec4520b1b36 with a commit message of
"Also minor logic cleanup to simplify code" and I'm not totally sure
if the new behavior is a bug or fixed a bug.

The problem occurs at line 1070 or 1069 depending on version

if(check->type == target)

In 7.47.1 if this wasn't true "matched" was left as -1 but in 7.48
"matched" will now be false. This results in different behaviors after
the for loop checking of "matched" and "altnames" variables.

So is this a bug or did it fix a bug?

Erland
-------------------------------------------------------------------
List admin: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2016-05-23