[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: commit: ldap/libraries/libldap tls_o.c

hyc@OpenLDAP.org wrote:
Update of /repo/OpenLDAP/pkg/ldap/libraries/libldap

Modified Files:
	tls_o.c  1.8 ->  1.9

Log Message:
Check for CN length match as well in chkhost

Fyi, tls_g.c (GnuTLS support) already does this correctly. A quick browse thru my Mozilla source tree shows that MozNSS does this check incorrectly. I will probably have to write an equivalent chkhost function for tls_m.c and disable their default verifier.

  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/