[Bug 49805] SSL Wildcard support is too lenient (and a bunch of SSL tests are broken under OpenSSL)
bugzilla-daemon at freedesktop.org
bugzilla-daemon at freedesktop.org
Tue May 15 17:15:55 CEST 2012
https://bugs.freedesktop.org/show_bug.cgi?id=49805
--- Comment #2 from Will Thompson <will.thompson at collabora.co.uk> 2012-05-15 08:15:55 PDT ---
Based on discussion on IRC:
+static inline gboolean
+invalid_wildcard (const char *name, int size)
is needed because GNUTLS allows wildcards anywhere in the certificate name, not
just a leading "*.". So could its guts be replaced by:
if (name[0] == '*' && name[1] == '.')
name += 2;
return index (name, '*') == NULL;
?
--
Configure bugmail: https://bugs.freedesktop.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA Contact for the bug.
More information about the telepathy-bugs
mailing list