]> Cypherpunks repositories - gostls13.git/commit
projects / gostls13.git / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: 8f8d066) | patch
crypto/x509: allow wildcards only as the first label.
authorAdam Langley <agl@golang.org>
Mon, 23 Feb 2015 23:11:39 +0000 (15:11 -0800)
committerAdam Langley <agl@golang.org>
Tue, 24 Feb 2015 19:45:34 +0000 (19:45 +0000)
commite7fae6854008c163ba83e2eac52ae9f12003a9a9
tree9b4dbeae0370bd12fb82c792a4ba900d3d1697e8tree
parent8f8d066bfd86c736e35f1c0e36ae01fb0bdd7190commit | diff
crypto/x509: allow wildcards only as the first label.

RFC 6125 now specifies that wildcards are only allowed for the leftmost
label in a pattern: https://tools.ietf.org/html/rfc6125#section-6.4.3.

This change updates Go to match the behaviour of major browsers in this
respect.

Fixes #9834.

Change-Id: I37c10a35177133624568f2e0cf2767533926b04a
Reviewed-on: https://go-review.googlesource.com/5691
Reviewed-by: Andrew Gerrand <adg@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
src/crypto/x509/verify.go diff | blob | history
src/crypto/x509/x509_test.go diff | blob | history
Go GOST TLS 1.3