diff options
| author | tb <> | 2021-12-28 15:59:13 +0000 | 
|---|---|---|
| committer | tb <> | 2021-12-28 15:59:13 +0000 | 
| commit | 4cb6e8841ebb2057eb6551992c46f0a401569801 (patch) | |
| tree | bfdc765c3802af50aa51ec0046deaae839512b03 /src/lib/libtls/tls_server.c | |
| parent | 5491024cb5cfc8b5ad8ead3147278f4272d612f9 (diff) | |
| download | openbsd-4cb6e8841ebb2057eb6551992c46f0a401569801.tar.gz openbsd-4cb6e8841ebb2057eb6551992c46f0a401569801.tar.bz2 openbsd-4cb6e8841ebb2057eb6551992c46f0a401569801.zip | |
Check for trailing garbage in X509_addr_get_afi()
Per RFC 3779 2.2.3.3, the addressFamily field contains the 2-byte AFI
and an optional 1-byte SAFI. Nothing else. The optional SAFI is nowhere
exposed in the API. It is used expliclty only for pretty printing. There
are implicit uses in a few places, notably for sorting/comparing where
trailing garbage would be erroneously taken into account.
Erroring in this situation will let us avoid this in upcoming revisions.
ok inoguchi jsing
Diffstat (limited to 'src/lib/libtls/tls_server.c')
0 files changed, 0 insertions, 0 deletions
