From 62540710d193a8120bb7efa8d79a080971b587d3 Mon Sep 17 00:00:00 2001
From: beck <>
Date: Thu, 22 Mar 2018 15:54:46 +0000
Subject: Call strlen() if name length provided is 0, like OpenSSL does. Issue
 notice by Christian Heimes <christian@python.org> ok deraadt@ jsing@

---
 src/lib/libcrypto/x509/x509_vpm.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'src/lib')

diff --git a/src/lib/libcrypto/x509/x509_vpm.c b/src/lib/libcrypto/x509/x509_vpm.c
index e0111d2f17..0897137697 100644
--- a/src/lib/libcrypto/x509/x509_vpm.c
+++ b/src/lib/libcrypto/x509/x509_vpm.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_vpm.c,v 1.16 2017/12/09 07:09:25 deraadt Exp $ */
+/* $OpenBSD: x509_vpm.c,v 1.17 2018/03/22 15:54:46 beck Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2004.
  */
@@ -130,6 +130,8 @@ int_x509_param_set_hosts(X509_VERIFY_PARAM_ID *id, int mode,
 {
 	char *copy;
 
+	if (name != NULL && namelen == 0)
+		namelen = strlen(name);
 	/*
 	 * Refuse names with embedded NUL bytes.
 	 * XXX: Do we need to push an error onto the error stack?
-- 
cgit v1.2.3-55-g6feb