Overview

File 1240-Make-hostname-check-case-insensitive.patch of Package erlang

From 0e34f6aab2a96a4efc1fca1df4e905925d3c6130 Mon Sep 17 00:00:00 2001
From: Dan Gudmundsson <dgud@erlang.org>
Date: Wed, 10 Mar 2021 12:16:20 +0100
Subject: [PATCH] Make hostname check case insensitive

Use to_lower_ascii on input.
---
 lib/public_key/src/public_key.erl        |  4 ++--
 lib/public_key/test/public_key_SUITE.erl | 18 ++++++++++--------
 2 files changed, 12 insertions(+), 10 deletions(-)

diff --git a/lib/public_key/src/public_key.erl b/lib/public_key/src/public_key.erl
index 4176fce978..597aca35d5 100644
--- a/lib/public_key/src/public_key.erl
+++ b/lib/public_key/src/public_key.erl
@@ -1815,8 +1815,8 @@ verify_hostname_match_default0(_, _) ->
 
 
 verify_hostname_match_wildcard(FQDN, Name) ->
-    [F1|Fs] = string:tokens(FQDN, "."),
-    [N1|Ns] = string:tokens(Name, "."),
+    [F1|Fs] = string:tokens(to_lower_ascii(FQDN), "."),
+    [N1|Ns] = string:tokens(to_lower_ascii(Name), "."),
     match_wild(F1,N1) andalso Fs==Ns.
 
 
diff --git a/lib/public_key/test/public_key_SUITE.erl b/lib/public_key/test/public_key_SUITE.erl
index 438924375c..348e0daa62 100644
--- a/lib/public_key/test/public_key_SUITE.erl
+++ b/lib/public_key/test/public_key_SUITE.erl
@@ -800,24 +800,26 @@ pkix_verify_hostname_subjAltName(Config) ->
 
     %% Check that a dns_id matches a DNS subjAltName:
     true =  public_key:pkix_verify_hostname(Cert, [{dns_id,"kb.example.org"}]),
+    true =  public_key:pkix_verify_hostname(Cert, [{dns_id,"KB.EXAMPLE.ORG"}]),
 
     %% Check that a dns_id does not match a DNS subjAltName wiht wildcard
     false =  public_key:pkix_verify_hostname(Cert, [{dns_id,"other.example.org"}]),
 
     %% Check that a dns_id does match a DNS subjAltName wiht wildcard with matchfun
-    true =  public_key:pkix_verify_hostname(Cert, [{dns_id,"other.example.org"}],
-                                            [{match_fun, public_key:pkix_verify_hostname_match_fun(https)}
-                                            ]
-                                             ),
+    MatchFun = {match_fun, public_key:pkix_verify_hostname_match_fun(https)},
+    true =  public_key:pkix_verify_hostname(Cert, [{dns_id,"other.example.org"}], [MatchFun]),
+    true =  public_key:pkix_verify_hostname(Cert, [{dns_id,"OTHER.EXAMPLE.ORG"}], [MatchFun]),
 
     %% Check that a uri_id does not match a DNS subjAltName wiht wildcard
     false =  public_key:pkix_verify_hostname(Cert, [{uri_id,"https://other.example.org"}]),
+    false =  public_key:pkix_verify_hostname(Cert, [{uri_id,"https://OTHER.EXAMPLE.ORG"}]),
 
     %% Check that a dns_id does match a DNS subjAltName wiht wildcard with matchfun
-    true =  public_key:pkix_verify_hostname(Cert, [{uri_id,"https://other.example.org"}],
-                                            [{match_fun, public_key:pkix_verify_hostname_match_fun(https)}
-                                            ]
-                                             ).
+    true =  public_key:pkix_verify_hostname(Cert, [{uri_id,"https://other.example.org"}], [MatchFun]),
+    true =  public_key:pkix_verify_hostname(Cert, [{uri_id,"https://OTHER.EXAMPLE.ORG"}], [MatchFun]),
+    true =  public_key:pkix_verify_hostname(Cert, [{uri_id,"https://OTHER.example.org"}], [MatchFun]),
+
+    ok.
 
 %%--------------------------------------------------------------------
 %% Uses the pem-file for pkix_verify_hostname_cn
-- 
2.26.2
openSUSE Build Service is sponsored by
Places