|
@@ -11306,21 +11306,22 @@ SSLClient::verify_host_with_subject_alt_name(X509 *server_cert) const {
|
|
|
|
|
|
|
|
for (decltype(count) i = 0; i < count && !dsn_matched; i++) {
|
|
for (decltype(count) i = 0; i < count && !dsn_matched; i++) {
|
|
|
auto val = sk_GENERAL_NAME_value(alt_names, i);
|
|
auto val = sk_GENERAL_NAME_value(alt_names, i);
|
|
|
- if (val->type == type) {
|
|
|
|
|
- auto name =
|
|
|
|
|
- reinterpret_cast<const char *>(ASN1_STRING_get0_data(val->d.ia5));
|
|
|
|
|
- auto name_len = static_cast<size_t>(ASN1_STRING_length(val->d.ia5));
|
|
|
|
|
-
|
|
|
|
|
- switch (type) {
|
|
|
|
|
- case GEN_DNS: dsn_matched = check_host_name(name, name_len); break;
|
|
|
|
|
-
|
|
|
|
|
- case GEN_IPADD:
|
|
|
|
|
- if (!memcmp(&addr6, name, addr_len) ||
|
|
|
|
|
- !memcmp(&addr, name, addr_len)) {
|
|
|
|
|
- ip_matched = true;
|
|
|
|
|
- }
|
|
|
|
|
- break;
|
|
|
|
|
|
|
+ if (!val || val->type != type) { continue; }
|
|
|
|
|
+
|
|
|
|
|
+ auto name =
|
|
|
|
|
+ reinterpret_cast<const char *>(ASN1_STRING_get0_data(val->d.ia5));
|
|
|
|
|
+ if (name == nullptr) { continue; }
|
|
|
|
|
+
|
|
|
|
|
+ auto name_len = static_cast<size_t>(ASN1_STRING_length(val->d.ia5));
|
|
|
|
|
+
|
|
|
|
|
+ switch (type) {
|
|
|
|
|
+ case GEN_DNS: dsn_matched = check_host_name(name, name_len); break;
|
|
|
|
|
+
|
|
|
|
|
+ case GEN_IPADD:
|
|
|
|
|
+ if (!memcmp(&addr6, name, addr_len) || !memcmp(&addr, name, addr_len)) {
|
|
|
|
|
+ ip_matched = true;
|
|
|
}
|
|
}
|
|
|
|
|
+ break;
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
|
|
|
|
yhirose