|
|
@@ -11,7 +11,7 @@ Signed-off-by: Glenn Strauss <[email protected]>
|
|
|
|
|
|
--- a/include/mbedtls/x509_crt.h
|
|
|
+++ b/include/mbedtls/x509_crt.h
|
|
|
-@@ -608,7 +608,7 @@ int mbedtls_x509_crt_verify_info(char *b
|
|
|
+@@ -596,7 +596,7 @@ int mbedtls_x509_crt_verify_info(char *b
|
|
|
* \param cn The expected Common Name. This will be checked to be
|
|
|
* present in the certificate's subjectAltNames extension or,
|
|
|
* if this extension is absent, as a CN component in its
|
|
|
@@ -22,7 +22,7 @@ Signed-off-by: Glenn Strauss <[email protected]>
|
|
|
* If the verification couldn't be completed, the flag value is
|
|
|
--- a/library/x509_crt.c
|
|
|
+++ b/library/x509_crt.c
|
|
|
-@@ -57,6 +57,10 @@
|
|
|
+@@ -45,6 +45,10 @@
|
|
|
|
|
|
#if defined(MBEDTLS_HAVE_TIME)
|
|
|
#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
|
|
|
@@ -33,7 +33,7 @@ Signed-off-by: Glenn Strauss <[email protected]>
|
|
|
#include <windows.h>
|
|
|
#else
|
|
|
#include <time.h>
|
|
|
-@@ -3002,6 +3006,61 @@ find_parent:
|
|
|
+@@ -2990,6 +2994,61 @@ find_parent:
|
|
|
}
|
|
|
}
|
|
|
|
|
|
@@ -95,7 +95,7 @@ Signed-off-by: Glenn Strauss <[email protected]>
|
|
|
/*
|
|
|
* Check for CN match
|
|
|
*/
|
|
|
-@@ -3022,24 +3081,51 @@ static int x509_crt_check_cn(const mbedt
|
|
|
+@@ -3010,24 +3069,51 @@ static int x509_crt_check_cn(const mbedt
|
|
|
return -1;
|
|
|
}
|
|
|
|
|
|
@@ -158,7 +158,7 @@ Signed-off-by: Glenn Strauss <[email protected]>
|
|
|
}
|
|
|
|
|
|
/*
|
|
|
-@@ -3050,31 +3136,23 @@ static void x509_crt_verify_name(const m
|
|
|
+@@ -3038,31 +3124,23 @@ static void x509_crt_verify_name(const m
|
|
|
uint32_t *flags)
|
|
|
{
|
|
|
const mbedtls_x509_name *name;
|
Hauke Mehrtens