[MacPorts] #65297: Alpine fails to validate certs with no extensions
MacPorts
noreply at macports.org
Sat Jun 4 23:27:34 UTC 2022
#65297: Alpine fails to validate certs with no extensions
-----------------------------+--------------------
Reporter: steven-michaud | Owner: (none)
Type: defect | Status: new
Priority: Normal | Milestone:
Component: ports | Version:
Resolution: | Keywords:
Port: alpine |
-----------------------------+--------------------
Comment (by steven-michaud):
I'll attach a patch to Alpine 2.25 that fixes this bug. I tried to neaten
up the logic, and alter it as little as possible. Here's pseudo-code that
shows how it makes `ssl_validate_cert()` work:
{{{
for (each field in `cert`'s "subject name") {
if (field matches `host`) {
return NIL (success);
}
}
for (each of `cert`'s `subject_alt_name` extensions) {
if (`subject_alt_name` matches `host`) {
return NIL (success);
}
}
return error;
}}}
--
Ticket URL: <https://trac.macports.org/ticket/65297#comment:2>
MacPorts <https://www.macports.org/>
Ports system for macOS
More information about the macports-tickets
mailing list