-
-
Notifications
You must be signed in to change notification settings - Fork 10k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Clarify flags argument of X509_check_ip #17536
Conversation
None of the supported options have any effect on X509_check_ip_asc. (iPAddress is not a typo, it is what RFC 5280 calls subject alternative names that are IP addresses.) Refs: openssl/openssl#17536
None of the supported options have any effect on X509_check_ip_asc. Refs: openssl/openssl#17536
X509_check_ip passes the flags to do_x509_check which does use them. |
@paulidale While that's technically true, I don't think any of the flags affect the behavior of
Lines 938 to 944 in e304aa8
The remaining four flags ( openssl/doc/man3/X509_check_host.pod Lines 104 to 122 in 15b7175
|
Because no supported flag affects the behavior of X509_check_ip, the flags argument currently has no effect.
Sigh, this is way too convoluted. |
@paulidale I'm not sure I understand what this means. IP addresses are not stored as text (RFC 5280):
As far as I can tell, |
Way too convoluted. |
Agreed 😃 |
None of the supported options have any effect on X509_check_ip_asc. Refs: openssl/openssl#17536
None of the supported options have any effect on X509_check_ip_asc. Refs: openssl/openssl#17536 PR-URL: #41571 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Wildcard options do not affect X509_check_email. Refs: openssl/openssl#17536 Refs: nodejs#41571
This pull request is ready to merge |
Because no supported flag affects the behavior of X509_check_ip, the flags argument currently has no effect. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #17536)
Merged to master and 3.0 branches. Thank you for your contribution. |
Wildcard options do not affect X509_check_email. Refs: openssl/openssl#17536 Refs: #41571 PR-URL: #41599 Reviewed-By: Tierney Cyren <hello@bnb.im> Reviewed-By: Filip Skokan <panva.ip@gmail.com>
None of the supported options have any effect on X509_check_ip_asc. Refs: openssl/openssl#17536 PR-URL: #41571 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Wildcard options do not affect X509_check_email. Refs: openssl/openssl#17536 Refs: #41571 PR-URL: #41599 Reviewed-By: Tierney Cyren <hello@bnb.im> Reviewed-By: Filip Skokan <panva.ip@gmail.com>
None of the supported options have any effect on X509_check_ip_asc. Refs: openssl/openssl#17536 PR-URL: nodejs#41571 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Wildcard options do not affect X509_check_email. Refs: openssl/openssl#17536 Refs: nodejs#41571 PR-URL: nodejs#41599 Reviewed-By: Tierney Cyren <hello@bnb.im> Reviewed-By: Filip Skokan <panva.ip@gmail.com>
None of the supported options have any effect on X509_check_ip_asc. Refs: openssl/openssl#17536 PR-URL: #41571 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Wildcard options do not affect X509_check_email. Refs: openssl/openssl#17536 Refs: #41571 PR-URL: #41599 Reviewed-By: Tierney Cyren <hello@bnb.im> Reviewed-By: Filip Skokan <panva.ip@gmail.com>
None of the supported options have any effect on X509_check_ip_asc. Refs: openssl/openssl#17536 PR-URL: #41571 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Wildcard options do not affect X509_check_email. Refs: openssl/openssl#17536 Refs: #41571 PR-URL: #41599 Reviewed-By: Tierney Cyren <hello@bnb.im> Reviewed-By: Filip Skokan <panva.ip@gmail.com>
None of the supported options have any effect on X509_check_ip_asc. Refs: openssl/openssl#17536 PR-URL: #41571 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Wildcard options do not affect X509_check_email. Refs: openssl/openssl#17536 Refs: #41571 PR-URL: #41599 Reviewed-By: Tierney Cyren <hello@bnb.im> Reviewed-By: Filip Skokan <panva.ip@gmail.com>
None of the supported options have any effect on X509_check_ip_asc. Refs: openssl/openssl#17536 PR-URL: #41571 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Wildcard options do not affect X509_check_email. Refs: openssl/openssl#17536 Refs: #41571 PR-URL: #41599 Reviewed-By: Tierney Cyren <hello@bnb.im> Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Because no supported flag affects the behavior of
X509_check_ip
, theflags
argument currently has no effect. Clarify this in the documentation to avoid confusion.Checklist