wolfssl

Commit Graph

Author	SHA1	Message	Date
David Garske	1f16b36402	Fixes for `MatchDomainName` to properly detect failures: * Fix `MatchDomainName` to also check for remaining len on success check. * Enhanced `DNS_entry` to include actual ASN.1 length and use it thoughout (was using XSTRLEN). Added additional tests for matching on domain name: * Check for bad common name with embedded null (CN=localhost\0h, Alt=None) - Note: Trouble creating cert with this criteria * Check for bad alternate name with embedded null (CN=www.nomatch.com, Alt=localhost\0h) * Check for bad common name (CN=www.nomatch.com, Alt=None) * Check for bad alternate name (CN=www.nomatch.com, Alt=www.nomatch.com) * Check for good wildcard common name (CN=localhost, Alt=None) Check for good wildcard alternate name (CN=www.nomatch.com, Alt=*localhost)	2018-06-12 14:15:34 -07:00

Author

SHA1

Message

Date

David Garske

1f16b36402

Fixes for `MatchDomainName` to properly detect failures:

* Fix `MatchDomainName` to also check for remaining len on success check.
* Enhanced `DNS_entry` to include actual ASN.1 length and use it thoughout (was using XSTRLEN).

Added additional tests for matching on domain name:
* Check for bad common name with embedded null (CN=localhost\0h, Alt=None) - Note: Trouble creating cert with this criteria
* Check for bad alternate name with embedded null (CN=www.nomatch.com, Alt=localhost\0h)
* Check for bad common name (CN=www.nomatch.com, Alt=None)
* Check for bad alternate name (CN=www.nomatch.com, Alt=www.nomatch.com)
* Check for good wildcard common name (CN=*localhost, Alt=None)
* Check for good wildcard alternate name (CN=www.nomatch.com, Alt=*localhost)

2018-06-12 14:15:34 -07:00

1 Commits (1f16b36402d4925b3d64ca45d00e8674978b5fa6)