diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-12-30 09:10:00 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-12-30 09:10:00 +0000 |
commit | 7a113668c158b867a5849851ee489697fe76aa5b (patch) | |
tree | 5ffb9542228bd85bcb7444b43f88bfe0ad0dcf1c | |
parent | 3b713c889e40faff855e7af9102e800b5a10a792 (diff) | |
download | gnutls-7a113668c158b867a5849851ee489697fe76aa5b.tar.gz |
*** empty log message ***
-rw-r--r-- | lib/gnutls_errors.c | 1 | ||||
-rw-r--r-- | lib/gnutls_errors_int.h | 1 | ||||
-rw-r--r-- | lib/x509/rfc2818_hostname.c | 8 | ||||
-rw-r--r-- | libextra/openpgp/openpgp.c | 2 |
4 files changed, 7 insertions, 5 deletions
diff --git a/lib/gnutls_errors.c b/lib/gnutls_errors.c index ca386ae735..3adaea9f26 100644 --- a/lib/gnutls_errors.c +++ b/lib/gnutls_errors.c @@ -55,6 +55,7 @@ static gnutls_error_entry error_algorithms[] = { ERROR_ENTRY("The Diffie Hellman prime sent by the server is not acceptable (not long enough).", GNUTLS_E_DH_PRIME_UNACCEPTABLE, 1 ), ERROR_ENTRY("A TLS packet with unexpected length was received.", GNUTLS_E_UNEXPECTED_PACKET_LENGTH, 1 ), ERROR_ENTRY("The specified session has been invalidated for some reason.", GNUTLS_E_INVALID_SESSION, 1 ), + ERROR_ENTRY("The specified name does not match the name in the certificate.", GNUTLS_E_NAME_DOES_NOT_MATCH, 1 ), ERROR_ENTRY("GnuTLS internal error.", GNUTLS_E_INTERNAL_ERROR, 1 ), ERROR_ENTRY("An illegal TLS extension was received.", GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION, 1 ), diff --git a/lib/gnutls_errors_int.h b/lib/gnutls_errors_int.h index 3f64c626d7..e5d181e01f 100644 --- a/lib/gnutls_errors_int.h +++ b/lib/gnutls_errors_int.h @@ -122,6 +122,7 @@ #define GNUTLS_E_OPENPGP_KEYRING_ERROR -204 #define GNUTLS_E_X509_UNSUPPORTED_OID -205 +#define GNUTLS_E_NAME_DOES_NOT_MATCH -206 #define GNUTLS_E_UNIMPLEMENTED_FEATURE -1250 diff --git a/lib/x509/rfc2818_hostname.c b/lib/x509/rfc2818_hostname.c index f5985f06ed..a3c4a03048 100644 --- a/lib/x509/rfc2818_hostname.c +++ b/lib/x509/rfc2818_hostname.c @@ -113,7 +113,7 @@ int gnutls_x509_crt_check_hostname(gnutls_x509_crt cert, if (ret == GNUTLS_SAN_DNSNAME) { found_dnsname = 1; if (_gnutls_hostname_compare(dnsname, hostname)) { - return 1; + return GNUTLS_E_NAME_DOES_NOT_MATCH; } } @@ -124,14 +124,14 @@ int gnutls_x509_crt_check_hostname(gnutls_x509_crt cert, */ dnsnamesize = sizeof(dnsname); if (gnutls_x509_crt_get_dn_by_oid(cert, OID_X520_COMMON_NAME, 0, - 0, dnsname, &dnsnamesize) != 0) { + 0, dnsname, &dnsnamesize) < 0) { /* got an error, can't find a name */ - return 0; + return GNUTLS_E_NAME_DOES_NOT_MATCH; } if (_gnutls_hostname_compare(dnsname, hostname)) { - return 1; + return GNUTLS_E_NAME_DOES_NOT_MATCH; } } diff --git a/libextra/openpgp/openpgp.c b/libextra/openpgp/openpgp.c index 5ebdab7625..8ad688f67e 100644 --- a/libextra/openpgp/openpgp.c +++ b/libextra/openpgp/openpgp.c @@ -505,7 +505,7 @@ int gnutls_openpgp_key_check_hostname(gnutls_openpgp_key key, dnsname, &dnsnamesize); if (_gnutls_hostname_compare(dnsname, hostname)) { - return 1; + return GNUTLS_E_NAME_DOES_NOT_MATCH; } } |