diff options
| author | Michael Brown | 2012-05-08 11:36:09 +0200 |
|---|---|---|
| committer | Michael Brown | 2012-05-08 13:49:01 +0200 |
| commit | 0ad8b601dd190912b1338155b000d577205c4e02 (patch) | |
| tree | cdcbaa7520dd84b640aa0b576aab77c532791e96 /src/net/tls.c | |
| parent | [list] Add list_last_entry() (diff) | |
| download | ipxe-0ad8b601dd190912b1338155b000d577205c4e02.tar.gz ipxe-0ad8b601dd190912b1338155b000d577205c4e02.tar.xz ipxe-0ad8b601dd190912b1338155b000d577205c4e02.zip | |
[crypto] Allow for X.509 certificates with no common name
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Diffstat (limited to 'src/net/tls.c')
| -rw-r--r-- | src/net/tls.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/net/tls.c b/src/net/tls.c index 06242152..3a8a0e05 100644 --- a/src/net/tls.c +++ b/src/net/tls.c @@ -1399,7 +1399,8 @@ static int tls_new_certificate ( struct tls_session *tls, assert ( cert != NULL ); /* Verify server name */ - if ( strcmp ( tls->name, cert->subject.name ) != 0 ) { + if ( ( cert->subject.name == NULL ) || + ( strcmp ( cert->subject.name, tls->name ) != 0 ) ) { DBGC ( tls, "TLS %p server name incorrect (expected %s, got " "%s)\n", tls, tls->name, cert->subject.name ); return -EACCES_WRONG_NAME; |