Mailing Lists
|
|
cURL Mailing List Monthly Index Single Mail
curl-tracker Archives
[curl:bugs] #1220 Hostname validation fails for certs with empty Subject
From: Daniel Stenberg <bagder_at_users.sf.net>
Date: Tue, 07 May 2013 21:03:37 +0000
Thanks for the report, a slightly edited version of your patch was just pushed as commit bdb396ef2af
--- ** [bugs:#1220] Hostname validation fails for certs with empty Subject** **Status:** closed-fixed **Labels:** SSL/TLS **Created:** Thu May 02, 2013 11:52 PM UTC by John Gardiner Myers **Last Updated:** Fri May 03, 2013 05:59 PM UTC **Owner:** Daniel Stenberg Curl incorrectly fails hostname validation for certs with an empty Subject but a matching, critical Subject Alternative Name. Such certificates are valid per RFC 2459 4.1.2.6 The attached Perl test case demonstrates the problem. curl 7.30.0 (i686-pc-linux-gnu) libcurl/7.30.0 OpenSSL/1.0.1d zlib/1.2.5 c-ares/1.9.1 Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp smtp smtps telnet tftp Features: AsynchDNS IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP --- Sent from sourceforge.net because you indicated interest in <https://sourceforge.net/p/curl/bugs/1220/> To unsubscribe from further messages, please visit <https://sourceforge.net/auth/subscriptions/>Received on 2013-05-07 These mail archives are generated by hypermail. |
Page updated January 05, 2012.
web site info