allow ip address as constraint

author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2014-02-19 15:25:08 +0100
committer: Nikos Mavrogiannopoulos <nmav@redhat.com> 2014-02-19 15:25:08 +0100
commit: 6fa3371b2311c0d48f80aa7a1ff4e2db96bdaf35 (patch)
tree: 9b3b0a465be224fb74b873d9de8a16ded441fb9d /lib
parent: 84d909c750b7d3c2e5244d31c833293208dd57ac (diff)
download: gnutls-6fa3371b2311c0d48f80aa7a1ff4e2db96bdaf35.tar.gz
1 files changed, 4 insertions, 3 deletions
diff --git a/lib/x509/name_constraints.c b/lib/x509/name_constraints.c
index d7f59cb9eb..96ce8201c6 100644
--- a/lib/x509/name_constraints.c
+++ b/lib/x509/name_constraints.c
@@ -75,8 +75,9 @@ static int extract_name_constraints(ASN1_TYPE c2, const char *vstr,
 			break;
 		}
 
-		if (type != GNUTLS_SAN_DNSNAME && type != GNUTLS_SAN_RFC822NAME
-		    && type != GNUTLS_SAN_DN && type != GNUTLS_SAN_URI) {
+		if (type != GNUTLS_SAN_DNSNAME && type != GNUTLS_SAN_RFC822NAME &&
+		    type != GNUTLS_SAN_DN && type != GNUTLS_SAN_URI &&
+		    type != GNUTLS_SAN_IPADDRESS) {
 			gnutls_assert();
 			ret = GNUTLS_E_ILLEGAL_PARAMETER;
 			goto cleanup;
@@ -262,7 +263,7 @@ int name_constraints_add(gnutls_x509_name_constraints_t nc,
 	int ret;
 
 	if (type != GNUTLS_SAN_DNSNAME && type != GNUTLS_SAN_RFC822NAME &&
-		type != GNUTLS_SAN_DN && type != GNUTLS_SAN_URI)
+		type != GNUTLS_SAN_DN && type != GNUTLS_SAN_URI && type != GNUTLS_SAN_IPADDRESS)
 		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
 
 	if (type == GNUTLS_SAN_DNSNAME && name->size > 0 && name->data[0] == '.') {
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2014-02-19 15:25:08 +0100
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>	2014-02-19 15:25:08 +0100
commit	6fa3371b2311c0d48f80aa7a1ff4e2db96bdaf35 (patch)
tree	9b3b0a465be224fb74b873d9de8a16ded441fb9d /lib
parent	84d909c750b7d3c2e5244d31c833293208dd57ac (diff)
download	gnutls-6fa3371b2311c0d48f80aa7a1ff4e2db96bdaf35.tar.gz