diff options
author | Emilia Kasper <emilia@openssl.org> | 2015-02-05 16:38:54 +0100 |
---|---|---|
committer | Emilia Kasper <emilia@openssl.org> | 2015-02-10 15:35:20 +0100 |
commit | 0923e7df9eafec6db9c75405d7085ec8581f01bd (patch) | |
tree | 11b45d8564c5886867afd633ea04d3e6b56737aa /crypto/x509v3/v3_utl.c | |
parent | efb4597345a0ae31ac81f9dfb783f3eef420122b (diff) |
Fix hostname validation in the command-line tool to honour negative return values.
Specifically, an ASN.1 NumericString in the certificate CN will fail UTF-8 conversion
and result in a negative return value, which the "x509 -checkhost" command-line option
incorrectly interpreted as success.
Also update X509_check_host docs to reflect reality.
Thanks to Sean Burford (Google) for reporting this issue.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'crypto/x509v3/v3_utl.c')
-rw-r--r-- | crypto/x509v3/v3_utl.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/crypto/x509v3/v3_utl.c b/crypto/x509v3/v3_utl.c index 1ad3999c92..cd7a9809ca 100644 --- a/crypto/x509v3/v3_utl.c +++ b/crypto/x509v3/v3_utl.c @@ -889,8 +889,13 @@ static int do_check_string(ASN1_STRING *a, int cmp_type, equal_fn equal, int astrlen; unsigned char *astr; astrlen = ASN1_STRING_to_UTF8(&astr, a); - if (astrlen < 0) + if (astrlen < 0) { + /* + * -1 could be an internal malloc failure or a decoding error from + * malformed input; we can't distinguish. + */ return -1; + } rv = equal(astr, astrlen, (unsigned char *)b, blen, flags); if (rv > 0 && peername) *peername = BUF_strndup((char *)astr, astrlen); |