blob: 202b2931c95853d26476891bce593b09903067af (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
|
--- lib/sslcommon.c 2005-01-04 14:32:11.000000000 +0100
+++ lib/sslcommon.c 2006-06-19 15:23:13.000000000 +0200
@@ -182,7 +182,18 @@
X509_NAME_get_text_by_NID (subj, NID_commonName, data, 256) > 0)
{
data[sizeof (data) - 1] = '\0';
- if (strcasecmp (data, request->hostname) != 0)
+ /* Check for wildcard CN (must begin with *.) */
+ if (strncmp(data, "*.", 2) == 0)
+ {
+ int hostname_len = strlen(data) - 1;
+ if (strlen(request->hostname) > hostname_len &&
+ strcasecmp (&(data[1]), &(request->hostname[strlen(request->hostname) - hostname_len])) == 0)
+ ok = 1;
+ }
+ else if (strcasecmp (data, request->hostname) == 0)
+ ok = 1;
+
+ if (!ok)
{
request->logging_function (gftp_logging_error, request,
_("ERROR: The host in the SSL certificate (%s) does not match the host that we connected to (%s). Aborting connection.\n"),
|
