diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2011-04-21 18:51:56 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2011-04-21 18:53:02 +0200 |
commit | f7f7eb25e59fe18796e70e3802ba90f21020c5f5 (patch) | |
tree | 202702809b3d5acf1a622f47da415de6ebe1fd7f | |
parent | f52e1be8325170a4752986197037e0ad9735572d (diff) | |
download | gnutls-f7f7eb25e59fe18796e70e3802ba90f21020c5f5.tar.gz |
gnutls_x509_crt_check_hostname() will never compare against IPaddress.
(previous comparison was flawed)
-rw-r--r-- | lib/x509/rfc2818_hostname.c | 10 |
1 files changed, 0 insertions, 10 deletions
diff --git a/lib/x509/rfc2818_hostname.c b/lib/x509/rfc2818_hostname.c index 676be34837..46606fd494 100644 --- a/lib/x509/rfc2818_hostname.c +++ b/lib/x509/rfc2818_hostname.c @@ -80,16 +80,6 @@ gnutls_x509_crt_check_hostname (gnutls_x509_crt_t cert, const char *hostname) return 1; } } - else if (ret == GNUTLS_SAN_IPADDRESS) - { - found_dnsname = 1; /* RFC 2818 is unclear whether the CN - should be compared for IP addresses - too, but we won't do it. */ - if (_gnutls_hostname_compare (dnsname, dnsnamesize, hostname)) - { - return 1; - } - } } if (!found_dnsname) |