[openssl-dev] null byte in hostname validation.
Viktor Dukhovni
openssl-users at dukhovni.org
Wed May 4 20:01:43 UTC 2016
On Wed, May 04, 2016 at 03:04:51PM +0200, none wrote:
> Hello, where are the parts of the code that check if a null byte is used in
> a string part of a x509 certificate ?
>
> This is purely informative. I already know about
> https://www.openssl.org/docs/manmaster/crypto/X509_check_host.html. However
> I failed to find in which function and source file that part is located.
See crypto/x509v3/v3_utl.c:
X509_check_host()
X509_check_email()
equal_nocase() (just in case :-)
--
Viktor.
More information about the openssl-dev
mailing list