[PATCH] openssl 1.0.2 hostname checking code is broken

Jon DeVree nuxi at vault24.org
Sat Oct 17 09:46:41 PDT 2015

The new code that lets OpenSSL 1.0.2 do the hostname checking internally
is slightly off. Attached is the very simple patch for it. I'm assuming
the +1 got in there during testing to make sure openssl was doing match
failures right.

X(7): A program for managing terminal windows. See also screen(1) and tmux(1).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Fix-use-of-X509_check_host.patch
Type: text/x-diff
Size: 896 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20151017/3f21ef86/attachment-0001.bin>

More information about the openconnect-devel mailing list