You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
TL;DR
When using libcurl, at least "X509v3 Subject Alternative Name" field gets truncated after 512 characters, I didn't observe/test it on other fields
performed curl -s -v https://guce.nexage.com > /dev/null
I expected the following
with certinfo.c, show all SAN items, but got :
X509v3 Subject Alternative Name:DNS:consent.oath.com,DNS:consent.yahoo.com,DNS:guce.verizonmedia.com,DNS:guce2.oath.com,DNS:guce.alephd.com,DNS:guce.aol.ca,DNS:guce.aol.co.uk,DNS:guce.huffingtonpost.co.uk,DNS:guce.huffingtonpost.co.za,DNS:guce.huffingtonpost.com.au,DNS:guce.huffingtonpost.com.mx,DNS:guce.huffingtonpost.de,DNS:guce.huffingtonpost.es,DNS:guce.huffingtonpost.fr,DNS:guce.huffingtonpost.gr,DNS:guce.huffingtonpost.in,DNS:guce.huffingtonpost.it,DNS:guce.huffingtonpost.jp,DNS:guce.huffingtonpost.kr,DNS:guce.huffpost.com,DNS:guce
with 2nd test, show that certificate is valid : this one is ok subjectAltName: host "guce.nexage.com" matched cert's "guce.nexage.com"
curl/libcurl version
ii curl 7.58.0-2ubuntu3.8 amd64 command line tool for transferring data with URL syntax
ii libcurl3-gnutls:amd64 7.58.0-2ubuntu3.8 amd64 easy-to-use client-side URL transfer library (GnuTLS flavour)
ii libcurl4:amd64 7.58.0-2ubuntu3.8 amd64 easy-to-use client-side URL transfer library (OpenSSL flavour)
ii libcurl4-openssl-dev:amd64 7.58.0-2ubuntu3.8 amd64 development files and documentation for libcurl (OpenSSL flavour)
Avoid "reparsing" the content and instead deliver more exactly what is
provided in the certificate and avoid truncating the data after 512
bytes as done previously. This no longer removes embedded newlines.
Fixes#4837
Reported-by: bnfp on github
TL;DR
When using libcurl, at least "X509v3 Subject Alternative Name" field gets truncated after 512 characters, I didn't observe/test it on other fields
I did this
curl -s -v https://guce.nexage.com > /dev/null
I expected the following
subjectAltName: host "guce.nexage.com" matched cert's "guce.nexage.com"
curl/libcurl version
[curl -V output]
operating system
uname -a
Linux r01 5.3.0-26-generic #28~18.04.1-Ubuntu SMP Wed Dec 18 16:40:14 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
The text was updated successfully, but these errors were encountered: