diff options
author | Daniel Stenberg <daniel@haxx.se> | 2009-08-11 21:48:58 +0000 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2009-08-11 21:48:58 +0000 |
commit | e73fe837a8877c0197721b91e0d5ec40cb7a2cd0 (patch) | |
tree | 241c5ac517e86455b87876c56afafbeb26b3d1f8 /RELEASE-NOTES | |
parent | a9caeb1064bf942a6c066a8c048f077409d1b937 (diff) |
- Peter Sylvester made the HTTPS test server use specific certificates for
each test, so that the test suite can now be used to actually test the
verification of cert names etc. This made an error show up in the OpenSSL-
specific code where it would attempt to match the CN field even if a
subjectAltName exists that doesn't match. This is now fixed and verified
in test 311.
Diffstat (limited to 'RELEASE-NOTES')
-rw-r--r-- | RELEASE-NOTES | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/RELEASE-NOTES b/RELEASE-NOTES index ceb84d9c7..0ecd1fe45 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -42,6 +42,8 @@ This release includes the following bugfixes: o rand seeding on libcurl on windows built with OpenSSL was not thread-safe o fixed the zero byte inserted in cert name flaw in libcurl+OpenSSL o don't try SNI with SSLv2 or SSLv3 (OpenSSL and GnuTLS builds) + o libcurl+OpenSSL would wrongly acknowledge a cert if CN matched but + subjectAltName didn't This release includes the following known bugs: |