1:31 p.m.
subjectaltnameaddr() in tlscommon.c is passed a struct in6_addr * as a parameter. Near
the end of the function, it calls memcmp() to compare that address to one found in the
certificate, however, it is taking the address of the argument, meaning it's passing a
struct in6_addr ** to memcmp(), which is incorrect. Fix is to remove the & from addr
in the memcmp.
1:44 p.m.
I've just found the github repository, and submitted a pull request for this.
-----Original Message-----
From: radsecproxy [mailto:radsecproxy-bounces@lists.nordu.net] On
Behalf Of Wall, Stephen
Sent: Wednesday, June 27, 2018 9:32 AM
To: radsecproxy(a)lists.nordu.net
Subject: [radsecproxy] Bug in certificate validation
subjectaltnameaddr() in tlscommon.c is passed a struct in6_addr * as a
parameter. Near the end of the function, it calls memcmp() to compare
that address to one found in the certificate, however, it is taking the
address of the argument, meaning it's passing a struct in6_addr ** to
memcmp(), which is incorrect. Fix is to remove the & from addr in the
memcmp.
_______________________________________________
radsecproxy mailing list
radsecproxy(a)lists.nordu.net
https://lists.nordu.net/listinfo/radsecproxy
2394
days inactive
2394
days old
1 comments
1 participants
participants (1)
-
Wall, Stephen