diff options
Diffstat (limited to 'src/lib/libcrypto/x509/x509_utl.c')
| -rw-r--r-- | src/lib/libcrypto/x509/x509_utl.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/src/lib/libcrypto/x509/x509_utl.c b/src/lib/libcrypto/x509/x509_utl.c index 4641152f74..0fa6ea6d54 100644 --- a/src/lib/libcrypto/x509/x509_utl.c +++ b/src/lib/libcrypto/x509/x509_utl.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: x509_utl.c,v 1.1 2020/06/04 15:19:32 jsing Exp $ */ | 1 | /* $OpenBSD: x509_utl.c,v 1.2 2020/09/13 15:06:17 beck Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project. | 3 | * project. |
| 4 | */ | 4 | */ |
| @@ -988,7 +988,8 @@ do_x509_check(X509 *x, const char *chk, size_t chklen, unsigned int flags, | |||
| 988 | alt_type = V_ASN1_IA5STRING; | 988 | alt_type = V_ASN1_IA5STRING; |
| 989 | equal = equal_email; | 989 | equal = equal_email; |
| 990 | } else if (check_type == GEN_DNS) { | 990 | } else if (check_type == GEN_DNS) { |
| 991 | cnid = NID_commonName; | 991 | if (!(flags & X509_CHECK_FLAG_NEVER_CHECK_SUBJECT)) |
| 992 | cnid = NID_commonName; | ||
| 992 | /* Implicit client-side DNS sub-domain pattern */ | 993 | /* Implicit client-side DNS sub-domain pattern */ |
| 993 | if (chklen > 1 && chk[0] == '.') | 994 | if (chklen > 1 && chk[0] == '.') |
| 994 | flags |= _X509_CHECK_FLAG_DOT_SUBDOMAINS; | 995 | flags |= _X509_CHECK_FLAG_DOT_SUBDOMAINS; |