diff options
| author | corvid <corvid@lavabit.com> | 2010-08-03 16:17:39 +0000 |
|---|---|---|
| committer | corvid <corvid@lavabit.com> | 2010-08-03 16:17:39 +0000 |
| commit | 9463b8969e39cf2d140a3f3f88c2de85a5b677d4 (patch) | |
| tree | 45984ae216e526e420749e9d0b150749c89f3057 /dpi | |
| parent | 3d741c1dd8a3f09d03f448b5f3c5537135bfbbab (diff) | |
Fix segfault with https and self-signed certs
Crashed when no "/CN=" substring in certificate name.
I saw this with calomel.org (which just had "/C=US", if I recall correctly).
Diffstat (limited to 'dpi')
| -rw-r--r-- | dpi/https.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/dpi/https.c b/dpi/https.c index e9bf7b5f..d6a16405 100644 --- a/dpi/https.c +++ b/dpi/https.c @@ -452,10 +452,11 @@ static int handle_certificate_problem(SSL * ssl_connection) case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: /*Either self signed and untrusted*/ /*Extract CN from certificate name information*/ - cn = strstr(remote_cert->name, "/CN=") + 4; - if (cn == NULL) + if ((cn = strstr(remote_cert->name, "/CN=")) == NULL) break; + cn += 4; + if ((cn_end = strstr(cn, "/")) == NULL ) cn_end = cn + strlen(cn); |