authorTomas Hoger <thoger@redhat.com>2009-08-04 10:39:24 +0200
committerSimon Josefsson <simon@josefsson.org>2009-08-04 13:14:50 +0200
commit5a58e9d33448235377afd5fbfcee1683dc70eae3 (patch)
treec048cffe1cd046dc40f2949547fab1a9363aeb0c /lib/openpgp/pgp.c
parentb654091a977309a84298f3f608506c241c8cda84 (diff)
GnuTLS vs. NULL chars in CNs
Check cert name size in _gnutls_hostname_compare() This is needed to protect against NULL (\0) characters embedded in X509 certificates' CNs or subjectAltNames, that can be used to fool SSL certificate verification as was demonstrated by Moxie Marlinspike on BH USA 2009: http://www.blackhat.com/html/bh-usa-09/bh-usa-09-archives.html#Marlinspike Signed-off-by: Simon Josefsson <simon@josefsson.org>
Diffstat (limited to 'lib/openpgp/pgp.c')
-rw-r--r--lib/openpgp/pgp.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/openpgp/pgp.c b/lib/openpgp/pgp.c
index f23b0ccda2..fa7c0a9efa 100644
--- a/lib/openpgp/pgp.c
+++ b/lib/openpgp/pgp.c
@@ -585,7 +585,7 @@ gnutls_openpgp_crt_check_hostname (gnutls_openpgp_crt_t key,
if (ret == 0)
{
- if (_gnutls_hostname_compare (dnsname, hostname))
+ if (_gnutls_hostname_compare (dnsname, dnsnamesize, hostname))
return 1;
}
}