diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2009-08-01 22:18:37 +0000 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2009-08-01 22:18:37 +0000 |
| commit | aabf62e7d273d95426c2f2ce05813f9f6e470114 (patch) | |
| tree | 20038f94473178fff7158fc6fea33b8a4290e0e0 /CHANGES | |
| parent | 6d891d2a3b907f12e5c9b335a806fcb7e77b877b (diff) | |
clarify the description of the null byte in cert name fix
Diffstat (limited to 'CHANGES')
| -rw-r--r-- | CHANGES | 6 |
1 files changed, 4 insertions, 2 deletions
@@ -27,8 +27,10 @@ Daniel Stenberg (1 Aug 2009) if the name in the cert was "example.com\0theatualsite.com", libcurl would happily verify that cert for example.com. - libcurl now better use the length of the extracted name, not assuming it is - zero terminated. + libcurl now better uses the length of the extracted name, not using the zero + termination for getting the string length. + + This fixing only made and needed in OpenSSL interfacing code. - Tanguy Fautre pointed out that OpenSSL's function RAND_screen() (present only in some OpenSSL installs - like on Windows) isn't thread-safe and we |