Cypherpunks repositories - gostls13.git/commit

author	rubyist <scott.barron@github.com>
	Tue, 10 Feb 2015 15:24:01 +0000 (10:24 -0500)
committer	Adam Langley <agl@golang.org>
	Wed, 11 Feb 2015 01:20:35 +0000 (01:20 +0000)
commit	32304fc970177d18e3cf07ca7dfd217314f6a7e9
tree	c0bd7e3d68b96cb46a025b25256e6a60b770ae22	tree
parent	6dd31660b054cb3bc9c1f25c6c9302669a7803e3	commit \| diff

crypto/x509: allow matchHostnames to work with absolute domain names

If an absolute domain name (i.e. ends in a '.' like "example.com.") is used
with ssl/tls, the certificate will be reported as invalid. In matchHostnames,
the host and patterns are split on '.' and if the lengths of the resulting
slices do not match, the function returns false. When splitting an absolute
domain name on '.', the slice will have an extra empty string at the end. This
empty string should be discarded before comparison, if present.

Fixes #9828

Change-Id: I0e39674b44a6f93b5024497e76cf1b550832a61d
Reviewed-on: https://go-review.googlesource.com/4380
Reviewed-by: Adam Langley <agl@golang.org>
TryBot: Adam Langley <agl@golang.org>

src/crypto/x509/verify.go		diff \| blob \| history
src/crypto/x509/x509_test.go		diff \| blob \| history