diff options
Diffstat (limited to '')
-rw-r--r-- | src/lib/libtls/tls_verify.c | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/src/lib/libtls/tls_verify.c b/src/lib/libtls/tls_verify.c index 3bd1057d0c..acbe163ffd 100644 --- a/src/lib/libtls/tls_verify.c +++ b/src/lib/libtls/tls_verify.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: tls_verify.c,v 1.19 2017/04/10 17:11:13 jsing Exp $ */ | 1 | /* $OpenBSD: tls_verify.c,v 1.20 2018/02/05 00:52:24 jsing Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2014 Jeremie Courreges-Anglas <jca@openbsd.org> | 3 | * Copyright (c) 2014 Jeremie Courreges-Anglas <jca@openbsd.org> |
4 | * | 4 | * |
@@ -215,16 +215,16 @@ tls_check_common_name(struct tls *ctx, X509 *cert, const char *name, | |||
215 | 215 | ||
216 | subject_name = X509_get_subject_name(cert); | 216 | subject_name = X509_get_subject_name(cert); |
217 | if (subject_name == NULL) | 217 | if (subject_name == NULL) |
218 | goto out; | 218 | goto done; |
219 | 219 | ||
220 | common_name_len = X509_NAME_get_text_by_NID(subject_name, | 220 | common_name_len = X509_NAME_get_text_by_NID(subject_name, |
221 | NID_commonName, NULL, 0); | 221 | NID_commonName, NULL, 0); |
222 | if (common_name_len < 0) | 222 | if (common_name_len < 0) |
223 | goto out; | 223 | goto done; |
224 | 224 | ||
225 | common_name = calloc(common_name_len + 1, 1); | 225 | common_name = calloc(common_name_len + 1, 1); |
226 | if (common_name == NULL) | 226 | if (common_name == NULL) |
227 | goto out; | 227 | goto done; |
228 | 228 | ||
229 | X509_NAME_get_text_by_NID(subject_name, NID_commonName, common_name, | 229 | X509_NAME_get_text_by_NID(subject_name, NID_commonName, common_name, |
230 | common_name_len + 1); | 230 | common_name_len + 1); |
@@ -236,7 +236,7 @@ tls_check_common_name(struct tls *ctx, X509 *cert, const char *name, | |||
236 | "NUL byte in Common Name field, " | 236 | "NUL byte in Common Name field, " |
237 | "probably a malicious certificate", name); | 237 | "probably a malicious certificate", name); |
238 | rv = -1; | 238 | rv = -1; |
239 | goto out; | 239 | goto done; |
240 | } | 240 | } |
241 | 241 | ||
242 | /* | 242 | /* |
@@ -247,13 +247,13 @@ tls_check_common_name(struct tls *ctx, X509 *cert, const char *name, | |||
247 | inet_pton(AF_INET6, name, &addrbuf) == 1) { | 247 | inet_pton(AF_INET6, name, &addrbuf) == 1) { |
248 | if (strcmp(common_name, name) == 0) | 248 | if (strcmp(common_name, name) == 0) |
249 | *cn_match = 1; | 249 | *cn_match = 1; |
250 | goto out; | 250 | goto done; |
251 | } | 251 | } |
252 | 252 | ||
253 | if (tls_match_name(common_name, name) == 0) | 253 | if (tls_match_name(common_name, name) == 0) |
254 | *cn_match = 1; | 254 | *cn_match = 1; |
255 | 255 | ||
256 | out: | 256 | done: |
257 | free(common_name); | 257 | free(common_name); |
258 | return rv; | 258 | return rv; |
259 | } | 259 | } |