File 1011-public_key-Correct-match_name-function-for-dnsNames.patch of Package erlang

From 40857b07dfe17e68a913b2f78904550572e301ae Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Fri, 24 May 2024 10:44:15 +0200
Subject: [PATCH] public_key: Correct match_name function for dnsNames

closes #8482
---
 lib/public_key/src/pubkey_cert.erl | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/lib/public_key/src/pubkey_cert.erl b/lib/public_key/src/pubkey_cert.erl
index 4a91335e0c..c8b001eea0 100644
--- a/lib/public_key/src/pubkey_cert.erl
+++ b/lib/public_key/src/pubkey_cert.erl
@@ -517,10 +517,21 @@ match_name(emailAddress, Name, [PermittedName | Rest]) ->
 
 match_name(dNSName, Name, [PermittedName | Rest]) ->
     Fun = fun(Domain, [$.|Domain]) -> true;
-	     (Name1,Name2) ->
-		  is_suffix(Name2, Name1)
+	     (Name1, [$. | _] = Name2) ->
+                  is_suffix(Name2, Name1);
+             (Name1, Name2) ->
+                  StrLen1 = string:len(Name1),
+                  StrLen2 = string:len(Name2),
+                  case StrLen1 > StrLen2 of
+                      true ->
+                          is_suffix([$. | Name2], Name1);
+                      false when StrLen1 == StrLen2 ->
+                          string:casefold(Name1) == string:casefold(Name2);
+                      false ->
+                          false
+                  end
           end,
-    match_name(Fun, Name, [$.|PermittedName], Rest);
+    match_name(Fun, Name, PermittedName, Rest);
 
 match_name(x400Address, OrAddress, [PermittedAddr | Rest]) ->
     match_name(fun is_or_address/2, OrAddress, PermittedAddr, Rest);
-- 
2.35.3

Places

File 1011-public_key-Correct-match_name-function-for-dnsNames.patch of Package erlang

Places