|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Marc Balmer (mbalmer
cvs.openbsd.org)
Date: Fri Apr 06 2007 - 03:07:19 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
CVSROOT: /cvs
Module name: src
Changes by: mbalmercvs.openbsd.org 2007/04/06 02:07:19
Modified files:
sbin/isakmpd : Tag: OPENBSD_4_0 x509.c
Log message:
Make isakmpd(8) useable with CaCert signed certificates and add a fix from
-current.
MFC:
revision 1.108
date: 2007/03/03 20:03:03; author: tom; state: Exp; lines: +7 -2
There may be more than one item in the subjectAltName (cropping up
with CACert certificates) so don't require the reported length to be
exactly equal to the length of the data, but accept it if it's <=
the length of the data (i.e. we just use the first alt name). The
purpose of the check is to make sure we don't try to read beyond the
data we actually have.
ok cloder hshoexer
----------------------------
revision 1.107
date: 2006/09/19 10:48:41; author: otto; state: Exp; lines: +3 -3
Use S_IS* macros insted of masking with S_IF* flags. The latter may
have multiple bits set, which leads to surprising results. Spotted by/partly
from Paul Stoeber, more to come. ok ho miod hshoexer
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]