I did this
Ran an HTTPS application using libcurl + GSKit TLS provider, connecting to a server at https://192.168.0.2:9443 who's certificate contains a SAN of:
IP Address: 127.0.0.1
DNS Name: localhost
IP Address: 192.168.0.2
DNS Name: my.local.server
I expected the following
For the connection to succeed
curl/libcurl version
curl 7.61.0 (x86_64-pc-linux-gnu) libcurl/7.61.0
Release-Date: 2018-07-11
Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp smtp smtps telnet tftp
Features: AsynchDNS IPv6 Largefile SSL UnixSockets
operating system
Fedora 28
problem
It appears that the implementation of Curl_verifyhost in x509asn1.c does a memcmp of &addr and q (where q = Curl_getASN1Element(...)). Running with a debugger appears to show that (name.end - q) = 0, which when compared to addrlen fails, preventing the memcmp even happening.
I wonder if it should it be comparing addrlen to (name.end - name.beg) & memcmp-ing &addr with name.beg?
I did this
Ran an HTTPS application using libcurl + GSKit TLS provider, connecting to a server at https://192.168.0.2:9443 who's certificate contains a SAN of:
I expected the following
For the connection to succeed
curl/libcurl version
operating system
Fedora 28
problem
It appears that the implementation of Curl_verifyhost in x509asn1.c does a memcmp of &addr and q (where q = Curl_getASN1Element(...)). Running with a debugger appears to show that (name.end - q) = 0, which when compared to addrlen fails, preventing the memcmp even happening.
I wonder if it should it be comparing addrlen to (name.end - name.beg) & memcmp-ing &addr with name.beg?