yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-22 22:55:39 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix comparison between different name types

Browse Source 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
Manuel Pégourié-Gonnard 2020-07-21 13:22:41 +02:00
parent 7d2a4d873f
commit f3e4bd8632
1 changed files with 20 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
library/x509_crt.c
View File

@ -3007,6 +3007,25 @@ static int x509_crt_check_cn( const mbedtls_x509_buf *name,
return( -1 ); return( -1 );
} }
/*
* Check for SAN match, see RFC 5280 Section 4.2.1.6
*/
static int x509_crt_check_san( const mbedtls_x509_buf *name,
const char *cn, size_t cn_len )
{
const unsigned char san_type = (unsigned char) name->tag &
MBEDTLS_ASN1_TAG_VALUE_MASK;
/* dNSName */
if( san_type == MBEDTLS_X509_SAN_DNS_NAME )
return( x509_crt_check_cn( name, cn, cn_len ) );
/* (We may handle other types here later.) */
/* Unrecognized type */
return( -1 );
}
/* /*
* Verify the requested CN - only call this if cn is not NULL! * Verify the requested CN - only call this if cn is not NULL!
*/ */
@ -3022,7 +3041,7 @@ static void x509_crt_verify_name( const mbedtls_x509_crt *crt,
{ {
for( cur = &crt->subject_alt_names; cur != NULL; cur = cur->next ) for( cur = &crt->subject_alt_names; cur != NULL; cur = cur->next )
{ {
if( x509_crt_check_cn( &cur->buf, cn, cn_len ) == 0 ) if( x509_crt_check_san( &cur->buf, cn, cn_len ) == 0 )
break; break;
} }