ssl-verify-host: fix verifying ip addresses containing zero's (#732)

* ssl-verify-host: fix verifying ip addresses containing zero's If the subject alternate name contained an ip address with an zero (like 10.42.0.1) it could not successfully verify. It is because in c++ strings are null-terminated and therefore strlen(name) would return a wrong result. As I can not see why we can not trust the length returned by openssl, lets drop this check. * ssl-verify-host: add test case lets try to validate against 127.0.0.1 Co-authored-by: Daniel Ottiger <daniel.ottiger@ch.schindler.com>
2025-07-29 11:01:13 +03:00 · 2020-11-03 02:27:34 +01:00
parent eb1d2e04bc
commit 6e1879dfae
4 changed files with 37 additions and 9 deletions
--- a/test/test.conf
+++ b/test/test.conf
@ -16,3 +16,6 @@ emailAddress           = test@email.address

 [req_attributes]
 challengePassword              = 1234
+
+[SAN]
+subjectAltName=IP:127.0.0.1