[PATCH] openssl 1.0.2 hostname checking code is broken
David Woodhouse
dwmw2 at infradead.org
Fri Oct 23 05:04:04 PDT 2015
On Sat, 2015-10-17 at 12:46 -0400, Jon DeVree wrote:
> The new code that lets OpenSSL 1.0.2 do the hostname checking internally
> is slightly off. Attached is the very simple patch for it.
Applied; thanks.
> I'm assuming the +1 got in there during testing to make sure
> openssl was doing match failures right.
Yeah, I'm fairly sure you're right.
--
David Woodhouse Open Source Technology Centre
David.Woodhouse at intel.com Intel Corporation
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5691 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20151023/1736996c/attachment.bin>
More information about the openconnect-devel
mailing list