]> git.ipfire.org Git - thirdparty/openssl.git/commit - include/openssl/x509v3.h
projects / thirdparty / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: abfb989) | patch
Client-side namecheck wildcards.
authorViktor Dukhovni <openssl-users@dukhovni.org>
Thu, 12 Jun 2014 05:56:31 +0000 (01:56 -0400)
committerDr. Stephen Henson <steve@openssl.org>
Thu, 12 Jun 2014 22:19:25 +0000 (23:19 +0100)
commita09e4d24ada871ed0e6f5e37fadd52a76b29542a
treee13ebc270eccb7e9e26f2a451dda421e6b2fa2d0tree | snapshot
parentabfb989fe0b749ad61f1aa4cdb0ea4f952fc13e0commit | diff
Client-side namecheck wildcards.

A client reference identity of ".example.com" matches a server
certificate presented identity that is any sub-domain of "example.com"
(e.g. "www.sub.example.com).

With the X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS flag, it matches
only direct child sub-domains (e.g. "www.sub.example.com").
crypto/x509v3/v3_utl.c diff | blob | blame | history
crypto/x509v3/v3nametest.c diff | blob | blame | history
crypto/x509v3/x509v3.h diff | blob | blame | history
doc/crypto/X509_check_host.pod diff | blob | blame | history
A mirror of the official openssl repository