httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 32652] - mod_ssl: match hostnames against subjectAltName DNS names too
Date Tue, 04 Dec 2007 14:13:35 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=32652>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=32652





------- Additional Comments From steve@openssl.org  2007-12-04 06:13 -------
I've attached a patch which checks subjectAltName and also multiple commonName
types if subjectAltName is not present. It can also handle alternative string
types in commonName.

Logging errors isn't quite as straight forward because several names could be
matched. I've set this to initially check a match, then if and only if it fails
log all the mismatches.

If nothing else the patch should give a few pointers.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message