authorSimon Josefsson <simon@josefsson.org>2009-08-07 00:39:13 +0200
committerSimon Josefsson <simon@josefsson.org>2009-08-07 01:07:56 +0200
commit40081594e3de518b998f3e5177ed5a9f7707f2e8 (patch)
treefb466447485f10f654ab0f6045651196e422e82c
parent74b6d92f9675ce4e03642c4d6ced4a3a614b07f6 (diff)
downloadgnutls-40081594e3de518b998f3e5177ed5a9f7707f2e8.tar.gz
Check for NUL in SANs and replace accordingly.
-rw-r--r--lib/x509/output.c36
1 files changed, 34 insertions, 2 deletions
diff --git a/lib/x509/output.c b/lib/x509/output.c
index e81c1fb10f..f647e8a193 100644
--- a/lib/x509/output.c
+++ b/lib/x509/output.c
@@ -354,6 +354,17 @@ print_crldist (gnutls_string * str, gnutls_x509_crt_t cert)
return;
}
+ if ((err == GNUTLS_SAN_DNSNAME
+ || err == GNUTLS_SAN_RFC822NAME
+ || err == GNUTLS_SAN_URI) &&
+ strlen (buffer) != size)
+ {
+ adds (str, _("warning: distributionPoint contains an embedded NUL, "
+ "replacing with '!'\n"));
+ while (strlen (buffer) < size)
+ buffer[strlen (buffer)] = '!';
+ }
+
switch (err)
{
case GNUTLS_SAN_DNSNAME:
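Review bot: The replacement loop `while (strlen (buffer) < size)` only stays inside the buffer if a NUL terminator sits at `buffer[size]`, and that guarantee is established outside this hunk, so it should be confirmed or the loop should be bounded by `size` instead. A bounded pass such as `for (i = 0; i < size; i++) if (buffer[i] == '\0') buffer[i] = '!';` (with a `size_t i` declared in the function), guarded by `memchr (buffer, '\0', size) != NULL`, never reads past `size` and avoids rescanning the string once per embedded NUL. The guard `strlen (buffer) != size` is also true when the string runs longer than `size`, in which case the warning is emitted but nothing is replaced. The same loop appears in both print_san hunks; print_crldist's body starts and ends outside this hunk.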
@@ -552,6 +563,17 @@ print_san (gnutls_string * str, const char *prefix, int type,
return;
}
+ if ((err == GNUTLS_SAN_DNSNAME
+ || err == GNUTLS_SAN_RFC822NAME
+ || err == GNUTLS_SAN_URI) &&
+ strlen (buffer) != size)
+ {
+ adds (str, _("warning: SAN contains an embedded NUL, "
+ "replacing with '!'\n"));
+ while (strlen (buffer) < size)
+ buffer[strlen (buffer)] = '!';
+ }
+
switch (err)
{
case GNUTLS_SAN_DNSNAME:
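Review bot: This block is a verbatim copy of the one added to print_crldist, differing only in the warning text, and a third copy sits in the XMPP branch further down; a small static helper that takes the message as a parameter would keep the three call sites from drifting apart. The sketch below assumes `buffer` is a `char *` and `size` a `size_t`, which the hunk does not show, and it walks exactly `size` bytes rather than calling strlen repeatedly. The warning still lands before the name in the output because the switch that prints it follows the call. print_san's body starts and ends outside the hunk.

```c
/* Replace every NUL within the first SIZE bytes of BUFFER with '!' and
   add WARNING to STR once if any was found.  */
static void
replace_embedded_nul (gnutls_string * str, char *buffer, size_t size,
		      const char *warning)
{
  size_t i;
  int found = 0;

  for (i = 0; i < size; i++)
    if (buffer[i] == '\0')
      {
	buffer[i] = '!';
	found = 1;
      }

  if (found)
    adds (str, warning);
}

/* ... unchanged: print_san up to the error check on err ... */
  if (err == GNUTLS_SAN_DNSNAME
      || err == GNUTLS_SAN_RFC822NAME
      || err == GNUTLS_SAN_URI)
    replace_embedded_nul (str, buffer, size,
			  _("warning: SAN contains an embedded NUL, "
			    "replacing with '!'\n"));
/* ... unchanged: switch (err) ... */
```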
@@ -623,8 +645,18 @@ print_san (gnutls_string * str, const char *prefix, int type,
}
if (err == GNUTLS_SAN_OTHERNAME_XMPP)
- addf (str, _("%s\t\t\tXMPP Address: %.*s\n"), prefix,
- (int) size, buffer);
+ {
+ if (strlen (buffer) != size)
+ {
+ adds (str, _("warning: SAN contains an embedded NUL, "
+ "replacing with '!'\n"));
+ while (strlen (buffer) < size)
+ buffer[strlen (buffer)] = '!';
+ }
+
+ addf (str, _("%s\t\t\tXMPP Address: %.*s\n"), prefix,
+ (int) size, buffer);
+ }
else
{
addf (str, _("%s\t\t\totherName OID: %.*s\n"), prefix,