projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
RT3662: Allow leading . in nameConstraints
[openssl.git]
/
crypto
/
x509v3
/
v3_ncons.c
diff --git
a/crypto/x509v3/v3_ncons.c
b/crypto/x509v3/v3_ncons.c
index 06520fee4114a933b49b3e6d0f0f416aaf9f5e8c..25c18551493325ef546d1f76177e8949be74274a 100644
(file)
--- a/
crypto/x509v3/v3_ncons.c
+++ b/
crypto/x509v3/v3_ncons.c
@@
-405,7
+405,7
@@
static int nc_dns(ASN1_IA5STRING *dns, ASN1_IA5STRING *base)
if (dns->length > base->length)
{
dnsptr += dns->length - base->length;
- if (dnsptr[-1] != '.')
+ if (
*baseptr != '.' &&
dnsptr[-1] != '.')
return X509_V_ERR_PERMITTED_VIOLATION;
}