Validate that issuerAltName and subjectAltName aren't empty.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16123 ec53bebd-3082-4978-b11e-865c3cabbd6b
Love Hörnquist Åstrand
2005-10-04 08:59:54 +00:00
parent af4ec70bf2
commit 1e22f60639


@@ -187,9 +187,10 @@ check_subjectKeyIdentifier(hx509_validate_ctx ctx,
}
static int
check_subjectAltName(hx509_validate_ctx ctx,
enum critical_flag cf,
const Extension *e)
check_altName(hx509_validate_ctx ctx,
const char *name,
enum critical_flag cf,
const Extension *e)
{
GeneralNames gn;
size_t size;
@@ -197,11 +198,19 @@ check_subjectAltName(hx509_validate_ctx ctx,
check_Null(ctx, cf, e);
if (e->extnValue.length == 0) {
printf("%sAltName empty, not allowed", name);
return 1;
}
ret = decode_GeneralNames(e->extnValue.data, e->extnValue.length,
&gn, &size);
if (ret) {
printf("\tret = %d while decoding GeneralNames\n", ret);
return 0;
printf("\tret = %d while decoding %s GeneralNames\n", ret, name);
return 1;
}
if (gn.len == 0) {
printf("%sAltName generalName empty, not allowed", name);
return 1;
}
free_GeneralNames(&gn);
@@ -209,6 +218,23 @@ check_subjectAltName(hx509_validate_ctx ctx,
return 0;
}
static int
check_subjectAltName(hx509_validate_ctx ctx,
enum critical_flag cf,
const Extension *e)
{
return check_altName(ctx, "subject", cf, e);
}
static int
check_issuerAltName(hx509_validate_ctx ctx,
enum critical_flag cf,
const Extension *e)
{
return check_altName(ctx, "issuer", cf, e);
}
static int
check_basicConstraints(hx509_validate_ctx ctx,
enum critical_flag cf,
@@ -251,7 +277,7 @@ struct {
{ ext(subjectKeyIdentifier, subjectKeyIdentifier), M_N_C },
{ ext(keyUsage, Null), S_C },
{ ext(subjectAltName, subjectAltName), M_N_C },
{ ext(issuerAltName, Null), S_N_C },
{ ext(issuerAltName, issuerAltName), S_N_C },
{ ext(basicConstraints, basicConstraints), M_C },
{ ext(cRLNumber, Null), M_N_C },
{ ext(cRLReasons, Null), M_N_C },
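Review bot: In the second hunk of check_altName, the new `if (gn.len == 0)` branch returns 1 without calling `free_GeneralNames(&gn)`, so anything decode_GeneralNames allocated is not released on that path; add `free_GeneralNames(&gn);` before that `return 1;`. The two new "empty, not allowed" messages also lack the leading `\t` and trailing `\n` that the decode-failure message has, e.g. `printf("\t%sAltName empty, not allowed\n", name);`. The visible lines never compare `size` with `e->extnValue.length`, so trailing bytes after the GeneralNames would be accepted unless the part of the function outside the hunks checks for them. check_altName's body spans the first three hunks, and the lines between them are not shown.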