openbsd/src
1
0
Fork 0
mirror of https://github.com/openbsd/src.git synced 2026-06-18 07:13:36 +02:00
Code Activity

Disallow wildcard matching of a TLD specified as a FQDN.

Browse Source 
Found by Frank Denis.

ok tb@
This commit is contained in:
jsing
2026-05-30 17:06:09 +00:00
parent 7ba5aa4bbc
commit d9396b5590
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
lib/libtls/tls_verify.c
+4 -1
View File
@@ -1,4 +1,4 @@
/* $OpenBSD: tls_verify.c,v 1.33 2026/03/28 11:33:33 tb Exp $ */
/* $OpenBSD: tls_verify.c,v 1.34 2026/05/30 17:06:09 jsing Exp $ */
/*
* Copyright (c) 2014 Jeremie Courreges-Anglas <jca@openbsd.org>
*
@@ -59,6 +59,9 @@ tls_match_name(const char *cert_name, const char *name)
/* Disallow "*.bar" */
if (next_dot == NULL)
return -1;
/* Disallow "*.bar." */
if (next_dot[1] == '\0')
return -1;
/* Disallow "*.bar.." */
if (next_dot[1] == '.')
return -1;