Do not call gnutls_x509_crt_check_hostname() if hostname eq NULL. Reported by Matthew Hall.

author: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2012-02-28 10:00:15 +0100
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2012-02-28 10:24:30 +0100
commit: 60c62e045245f07798f61ef7f39e8ae84fd9c8e0 (patch)
tree: bf2b425c761eae2e3eca71ec00d6ea9a5bf5fe14 /src/common.c
parent: e506c4a1a421292dc3d5e6eba7f61f76df25e1e7 (diff)
download: gnutls-60c62e045245f07798f61ef7f39e8ae84fd9c8e0.tar.gz
1 files changed, 12 insertions, 9 deletions
diff --git a/src/common.c b/src/common.c
index 65e9c721b7..48f56bdcc7 100644
--- a/src/common.c
+++ b/src/common.c
@@ -218,18 +218,21 @@ verify_x509_hostname (gnutls_session_t session, const char *hostname)
   /* Check the hostname of the first certificate if it matches
    * the name of the host we connected to.
    */
-  if (gnutls_x509_crt_check_hostname (crt, hostname) == 0)
+  if (hostname != NULL)
     {
-      printf
+      if (gnutls_x509_crt_check_hostname (crt, hostname) == 0)
+        {
+          printf
              ("- The hostname in the certificate does NOT match '%s'\n",
               hostname);
-      ret = 0;
-    }
-  else
-    {
-      printf ("- The hostname in the certificate matches '%s'.\n",
-              hostname);
-      ret = 1;
+          ret = 0;
+        }
+      else
+        {
+          printf ("- The hostname in the certificate matches '%s'.\n",
+                  hostname);
+          ret = 1;
+        }
     }
 
   gnutls_x509_crt_deinit (crt);
author	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2012-02-28 10:00:15 +0100
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2012-02-28 10:24:30 +0100
commit	60c62e045245f07798f61ef7f39e8ae84fd9c8e0 (patch)
tree	bf2b425c761eae2e3eca71ec00d6ea9a5bf5fe14 /src/common.c
parent	e506c4a1a421292dc3d5e6eba7f61f76df25e1e7 (diff)
download	gnutls-60c62e045245f07798f61ef7f39e8ae84fd9c8e0.tar.gz