[email protected]
[Top] [All Lists]

Bug#479174: marked as forwarded ([gnutls26] Non-permissive subjectAltNa

Subject: Bug#479174: marked as forwarded [gnutls26] Non-permissive subjectAltName wildcard
From: Debian Bug Tracking System
Date: Sun, 04 May 2008 12:03:13 +0000
Your message dated Sun, 4 May 2008 14:00:23 +0200
with message-id <[email protected]>
has caused the   report #479174,
regarding [gnutls26] Non-permissive subjectAltName wildcard
to be marked as having been forwarded to the upstream software
author(s) [email protected]

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
479174: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=479174
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Subject: [Patch] Non-permissive subjectAltName wildcard
From: Andreas Metzler
Date: Sun, 4 May 2008 14:00:23 +0200
Hello,

this http://bugs.debian.org/479174 reported by Jean-Philippe Garcia
Ballester:

On 2008-05-03 Jean-Philippe Garcia Ballester <[email protected]> wrote:
> It seems too me that the subjectAltName wildcard matching has strong 
> constraints.

> First, it allows only one wildcard. Since a wildcard can only match
> a single domain component, multiple wildcards are useful (e.g.,
> *.*.example.org). I did not see in the rfc 2818 such restriction.

> Second, it only allows the wildcard to be at the beginning of the
> hostname.  Since the rfc 2818 gives âf*.comâ as an example, I
> believe this is a false assert.

> Third, it only allows the wildcard to be followed by a â.â. This is
> not clearly stated in the rfc, but I believe it is reasonnable to
> assume that if âf*.comâ is allowed, then âf*o.comâ should be allowed
> as well.

> The attached patch fixes all these issues and add some tests.

Attachment: gnutls26-2.2.3~rc_subject_alt_name_permissive_wildcard.patch
Description: Text Data


--- End Message ---
<Prev in Thread] Current Thread [Next in Thread>
  • Bug#479174: marked as forwarded ([gnutls26] Non-permissive subjectAltName wildcard), Debian Bug Tracking System <=