cURL
Haxx ad
libcurl

curl's project page on SourceForge.net

Sponsors:
Haxx

cURL > Mailing List > Monthly Index > Single Mail

curl-tracker Archives

[curl:bugs] #1220 Hostname validation fails for certs with empty Subject

From: Daniel Stenberg <bagder_at_users.sf.net>
Date: Tue, 07 May 2013 21:03:37 +0000

Thanks for the report, a slightly edited version of your patch was just pushed as commit bdb396ef2af

---
** [bugs:#1220] Hostname validation fails for certs with empty Subject**
**Status:** closed-fixed
**Labels:** SSL/TLS 
**Created:** Thu May 02, 2013 11:52 PM UTC by John Gardiner Myers
**Last Updated:** Fri May 03, 2013 05:59 PM UTC
**Owner:** Daniel Stenberg
Curl incorrectly fails hostname validation for certs with an empty Subject but a matching, critical Subject Alternative Name. Such certificates are valid per RFC 2459 4.1.2.6
The attached Perl test case demonstrates the problem.
curl 7.30.0 (i686-pc-linux-gnu) libcurl/7.30.0 OpenSSL/1.0.1d zlib/1.2.5 c-ares/1.9.1
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp smtp smtps telnet tftp
Features: AsynchDNS IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP
---
Sent from sourceforge.net because you indicated interest in <https://sourceforge.net/p/curl/bugs/1220/>
To unsubscribe from further messages, please visit <https://sourceforge.net/auth/subscriptions/>
Received on 2013-05-07

These mail archives are generated by hypermail.

donate! Page updated January 05, 2012.
web site info

File upload with ASP.NET