git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Support optional server certificate name checking. Bug 1479
[exim.git]
/
src
/
src
/
tlscert-openssl.c
diff --git
a/src/src/tlscert-openssl.c
b/src/src/tlscert-openssl.c
index 29095782acd20d5643ff87c768732d7272d73556..0614b4025c8c0700c5739978bf988ff4e07e403b 100644
(file)
--- a/
src/src/tlscert-openssl.c
+++ b/
src/src/tlscert-openssl.c
@@
-237,6
+237,7
@@
uschar sep = '\n';
uschar * tag = US"";
uschar * ele;
int match = -1;
uschar * tag = US"";
uschar * ele;
int match = -1;
+int len;
if (!san) return NULL;
if (!san) return NULL;
@@
-262,19
+263,26
@@
while (sk_GENERAL_NAME_num(san) > 0)
case GEN_DNS:
tag = US"DNS";
ele = ASN1_STRING_data(namePart->d.dNSName);
case GEN_DNS:
tag = US"DNS";
ele = ASN1_STRING_data(namePart->d.dNSName);
+ len = ASN1_STRING_length(namePart->d.dNSName);
break;
case GEN_URI:
tag = US"URI";
ele = ASN1_STRING_data(namePart->d.uniformResourceIdentifier);
break;
case GEN_URI:
tag = US"URI";
ele = ASN1_STRING_data(namePart->d.uniformResourceIdentifier);
+ len = ASN1_STRING_length(namePart->d.uniformResourceIdentifier);
break;
case GEN_EMAIL:
tag = US"MAIL";
ele = ASN1_STRING_data(namePart->d.rfc822Name);
break;
case GEN_EMAIL:
tag = US"MAIL";
ele = ASN1_STRING_data(namePart->d.rfc822Name);
+ len = ASN1_STRING_length(namePart->d.rfc822Name);
break;
default:
continue; /* ignore unrecognised types */
}
break;
default:
continue; /* ignore unrecognised types */
}
- list = string_append_listele(list, sep,
+ if (ele[len]) /* not nul-terminated */
+ ele = string_copyn(ele, len);
+
+ if (strnlen(CS ele, len) == len) /* ignore any with embedded nul */
+ list = string_append_listele(list, sep,
match == -1 ? string_sprintf("%s=%s", tag, ele) : ele);
}
match == -1 ? string_sprintf("%s=%s", tag, ele) : ele);
}