diff options
-rw-r--r-- | lib/x509/output.c | 36 |
1 files changed, 34 insertions, 2 deletions
diff --git a/lib/x509/output.c b/lib/x509/output.c index e81c1fb10f..f647e8a193 100644 --- a/lib/x509/output.c +++ b/lib/x509/output.c @@ -354,6 +354,17 @@ print_crldist (gnutls_string * str, gnutls_x509_crt_t cert) return; } + if ((err == GNUTLS_SAN_DNSNAME + || err == GNUTLS_SAN_RFC822NAME + || err == GNUTLS_SAN_URI) && + strlen (buffer) != size) + { + adds (str, _("warning: distributionPoint contains an embedded NUL, " + "replacing with '!'\n")); + while (strlen (buffer) < size) + buffer[strlen (buffer)] = '!'; + } + switch (err) { case GNUTLS_SAN_DNSNAME: @@ -552,6 +563,17 @@ print_san (gnutls_string * str, const char *prefix, int type, return; } + if ((err == GNUTLS_SAN_DNSNAME + || err == GNUTLS_SAN_RFC822NAME + || err == GNUTLS_SAN_URI) && + strlen (buffer) != size) + { + adds (str, _("warning: SAN contains an embedded NUL, " + "replacing with '!'\n")); + while (strlen (buffer) < size) + buffer[strlen (buffer)] = '!'; + } + switch (err) { case GNUTLS_SAN_DNSNAME: @@ -623,8 +645,18 @@ print_san (gnutls_string * str, const char *prefix, int type, } if (err == GNUTLS_SAN_OTHERNAME_XMPP) - addf (str, _("%s\t\t\tXMPP Address: %.*s\n"), prefix, - (int) size, buffer); + { + if (strlen (buffer) != size) + { + adds (str, _("warning: SAN contains an embedded NUL, " + "replacing with '!'\n")); + while (strlen (buffer) < size) + buffer[strlen (buffer)] = '!'; + } + + addf (str, _("%s\t\t\tXMPP Address: %.*s\n"), prefix, + (int) size, buffer); + } else { addf (str, _("%s\t\t\totherName OID: %.*s\n"), prefix, |