From: Beat Bolli <dev+git@drbeat.li>
To: git@vger.kernel.org
Cc: Beat Bolli <dev+git@drbeat.li>,
Oswald Buddenhagen <oswald.buddenhagen@gmx.de>
Subject: [PATCH 3/4] imap-send: remove two string length checks
Date: Wed, 11 Mar 2026 13:11:06 +0100 [thread overview]
Message-ID: <20260311121107.1122387-4-dev+git@drbeat.li> (raw)
In-Reply-To: <20260311121107.1122387-1-dev+git@drbeat.li>
At this point, these two checks verify that the ASN1_STRINGs are
internally consistent. This may have been ok when the fields were
accessed directly, but now that the API is used, is unnecessary.
Remove the two checks.
Signed-off-by: Beat Bolli <dev+git@drbeat.li>
---
imap-send.c | 5 +----
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/imap-send.c b/imap-send.c
index 2a904314dd..2bb0003f08 100644
--- a/imap-send.c
+++ b/imap-send.c
@@ -253,8 +253,6 @@ static int verify_hostname(X509 *cert, const char *hostname)
ASN1_STRING *subj_alt_str = GENERAL_NAME_get0_value(subj_alt_name, &ntype);
if (ntype == GEN_DNS &&
- strlen((const char *)ASN1_STRING_get0_data(subj_alt_str)) ==
- ASN1_STRING_length(subj_alt_str) &&
host_matches(hostname, (const char *)ASN1_STRING_get0_data(subj_alt_str)))
found = 1;
}
@@ -270,8 +268,7 @@ static int verify_hostname(X509 *cert, const char *hostname)
(cname_entry = X509_NAME_get_entry(subj, i)) == NULL ||
(cname = X509_NAME_ENTRY_get_data(cname_entry)) == NULL)
return error("cannot get certificate common name");
- if (strlen((const char *)ASN1_STRING_get0_data(cname)) == ASN1_STRING_length(cname) &&
- host_matches(hostname, (const char *)ASN1_STRING_get0_data(cname)))
+ if (host_matches(hostname, (const char *)ASN1_STRING_get0_data(cname)))
return 0;
return error("certificate owner '%s' does not match hostname '%s'",
ASN1_STRING_get0_data(cname), hostname);
--
2.51.0
next prev parent reply other threads:[~2026-03-11 12:15 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-11 12:11 [PATCH 0/4] imap-send: modernize the OpenSSL API Beat Bolli
2026-03-11 12:11 ` [PATCH 1/4] imap-send: use the OpenSSL API to access the subject alternative names Beat Bolli
2026-03-11 12:11 ` [PATCH 2/4] imap-send: use the OpenSSL API to access the subject common name Beat Bolli
2026-03-11 12:11 ` Beat Bolli [this message]
2026-03-11 13:41 ` [PATCH 3/4] imap-send: remove two string length checks Oswald Buddenhagen
2026-03-11 21:49 ` Beat Bolli
2026-03-11 18:55 ` Junio C Hamano
2026-03-11 22:00 ` Beat Bolli
2026-03-11 12:11 ` [PATCH 4/4] imap-send: refactor function host_matches() Beat Bolli
2026-03-11 22:10 ` [PATCH v2 0/3] imap-send: modernize the OpenSSL API Beat Bolli
2026-03-12 0:25 ` Junio C Hamano
2026-03-11 22:10 ` [PATCH v2 1/3] imap-send: use the OpenSSL API to access the subject alternative names Beat Bolli
2026-03-11 22:10 ` [PATCH v2 2/3] imap-send: use the OpenSSL API to access the subject common name Beat Bolli
2026-03-11 22:10 ` [PATCH v2 3/3] imap-send: move common code into function host_matches() Beat Bolli
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260311121107.1122387-4-dev+git@drbeat.li \
--to=dev+git@drbeat.li \
--cc=git@vger.kernel.org \
--cc=oswald.buddenhagen@gmx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.