projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 752aa4a) | patch
Add a test case for the name constraints bug
authorMatt Caswell <matt@openssl.org>
Fri, 3 Dec 2021 15:28:31 +0000 (15:28 +0000)
committerMatt Caswell <matt@openssl.org>
Tue, 14 Dec 2021 13:48:34 +0000 (13:48 +0000)
commit0fcf2351ecff5db21cba431704e4da631b74904a
tree1948cc326564442738ba0e97fd26f5a2bac8db6dtree | snapshot
parent752aa4a6f0f3098258fb6be5592fd18929da59c0commit | diff
Add a test case for the name constraints bug

Where a chain has name constraints but a certificate does not have a SAN
extension but the CN meets the constraints, then this should be acceptable.
However, and OpenSSL bug meant that an internal error was being reported.
This adds a test case for that scenario.

Test for CVE-2021-4044

Reviewed-by: Tomas Mraz <tomas@openssl.org>
test/recipes/25-test_verify.t diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.