/openssl

Permalink
Browse files

RT3662: Allow leading . in nameConstraints 

Change by SteveH from original by John Denker (in the RT)

Reviewed-by: Rich Salz <rsalz@openssl.org>
  • Loading branch information...
@snhenson @richsalz
snhenson authored and richsalz committed Jan 6, 2015
1 parent a09474d commit 77ff1f3b8bfaa348956c5096a2b829f2e767b4f1
Unified Split
Showing with 1 addition and 1 deletion.
  1. +1 −1 crypto/x509v3/v3_ncons.c
View
2 crypto/x509v3/v3_ncons.c
@@ -405,7 +405,7 @@ static int nc_dns(ASN1_IA5STRING *dns, ASN1_IA5STRING *base)
if (dns->length > base->length)
{
dnsptr += dns->length - base->length;
if (dnsptr[-1] != '.')
if (*baseptr != '.' && dnsptr[-1] != '.')
return X509_V_ERR_PERMITTED_VIOLATION;
}

1 comment on commit 77ff1f3

@JonathonReinhart

This comment has been minimized.

Show comment
Hide comment
@JonathonReinhart

JonathonReinhart Jul 26, 2016

This was actually RT3562.

JonathonReinhart commented on 77ff1f3 Jul 26, 2016

This was actually RT3562.
Please sign in to comment.