feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

alter search behavior for testing if URI is a absolute path

Browse Source
This commit is contained in:
Jacob Barthelmeh
2018-05-09 14:43:52 -06:00
parent bb979980ca
commit d1192021a5
1 changed files with 22 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
wolfcrypt/src/asn.c
View File

@@ -5717,9 +5717,28 @@ static int DecodeAltNames(byte* input, int sz, DecodedCert* cert)
/* Verify RFC 5280 Sec 4.2.1.6 rule: /* Verify RFC 5280 Sec 4.2.1.6 rule:
"The name MUST NOT be a relative URI" */ "The name MUST NOT be a relative URI" */
if (XSTRNSTR((const char*)&input[idx], "://", strLen + 1) == NULL) { {
WOLFSSL_MSG("\tAlt Name must be absolute URI"); int i;
return ASN_ALT_NAME_E;
/* skip past scheme (i.e http,ftp,...) finding first ':' char */
for (i = 0; i < strLen; i++) {
if (input[idx + i] == ':') {
break;
}
if (input[idx + i] == '/') {
i = strLen; /* error, found relative path since '/' was
* encountered before ':'. Returning error
* value in next if statement. */
}
}
/* test if no ':' char was found and test that the next two
* chars are // to match the pattern "://" */
if (i == strLen || (input[idx + i + 1] != '/' ||
input[idx + i + 2] != '/')) {
WOLFSSL_MSG("\tAlt Name must be absolute URI");
return ASN_ALT_NAME_E;
}
} }
#endif #endif