projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 396e720) | patch
Disallow setting more than one IP address with SSL_add1_host()
authorDavid Woodhouse <dwmw2@infradead.org>
Mon, 11 May 2020 18:28:03 +0000 (19:28 +0100)
committerTomas Mraz <tmraz@fedoraproject.org>
Mon, 3 Aug 2020 15:15:36 +0000 (17:15 +0200)
commit892a9e4c99f13e295f6146b41e72b92b91899a12
tree8b489cf82bad1b4bcb6b66083c78739c83125584tree | snapshot
parent396e72096589593cb00412c85170c7ec87d13b89commit | diff
Disallow setting more than one IP address with SSL_add1_host()

The X509_VERIFY_PARAM can only take a single IP address, although it can
have multiple hostnames. When SSL_add1_host() is given an IP address,
don't accept it if there is already one configured.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9201)
ssl/ssl_lib.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.