[openssl-commits] [openssl] OpenSSL source code branch master updated. 77ff1f3b8bfaa348956c5096a2b829f2e767b4f1
Rich Salz
rsalz at openssl.org
Tue Jan 6 20:30:21 UTC 2015
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenSSL source code".
The branch, master has been updated
via 77ff1f3b8bfaa348956c5096a2b829f2e767b4f1 (commit)
from a09474dd2df89d5719b58bf6b3110344ea046ab9 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 77ff1f3b8bfaa348956c5096a2b829f2e767b4f1
Author: Dr. Stephen Henson <steve at openssl.org>
Date: Tue Jan 6 15:29:28 2015 -0500
RT3662: Allow leading . in nameConstraints
Change by SteveH from original by John Denker (in the RT)
Reviewed-by: Rich Salz <rsalz at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
crypto/x509v3/v3_ncons.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/crypto/x509v3/v3_ncons.c b/crypto/x509v3/v3_ncons.c
index 06520fe..25c1855 100644
--- a/crypto/x509v3/v3_ncons.c
+++ b/crypto/x509v3/v3_ncons.c
@@ -405,7 +405,7 @@ static int nc_dns(ASN1_IA5STRING *dns, ASN1_IA5STRING *base)
if (dns->length > base->length)
{
dnsptr += dns->length - base->length;
- if (dnsptr[-1] != '.')
+ if (*baseptr != '.' && dnsptr[-1] != '.')
return X509_V_ERR_PERMITTED_VIOLATION;
}
hooks/post-receive
--
OpenSSL source code
More information about the openssl-commits
mailing list