solaris-desktop/patches/w3m-03-istream.diff

	w3m-03-istream.diff revision 20034
10139N/A--- w3m-0.5.2/istream.c 2007-05-23 23:06:05.000000000 +0800
10139N/A+++ w3m-0.5.3/istream.c 2011-01-04 17:22:22.000000000 +0800
10139N/A@@ -1,4 +1,4 @@
10139N/A-/* $Id: istream.c,v 1.26 2007/05/23 15:06:05 inu Exp $ */
10139N/A+/* $Id: istream.c,v 1.27 2010/07/18 13:43:23 htrb Exp $ */
10139N/A #include "fm.h"
10139N/A #include "myctype.h"
10139N/A #include "istream.h"
10139N/A@@ -447,8 +447,17 @@
10139N/A
10139N/A            if (!seen_dnsname)
10139N/A            seen_dnsname = Strnew();
10139N/A+           /* replace \0 to make full string visible to user */
11426N/A+           if (sl != strlen(sn)) {
10139N/A+           int i;
10139N/A+           for (i = 0; i < sl; ++i) {
10139N/A+               if (!sn[i])
10139N/A+               sn[i] = '!';
11266N/A+           }
10139N/A+           }
10139N/A            Strcat_m_charp(seen_dnsname, sn, " ", NULL);
10139N/A-           if (ssl_match_cert_ident(sn, sl, hostname))
10139N/A+           if (sl == strlen(sn) /* catch \0 in SAN */
10139N/A+           && ssl_match_cert_ident(sn, sl, hostname))
10139N/A            break;
10139N/A        }
11023N/A        }
11016N/A@@ -466,16 +475,27 @@
10139N/A     if (match_ident == FALSE && ret == NULL) {
10139N/A    X509_NAME *xn;
10139N/A    char buf[2048];
10139N/A+   int slen;
10139N/A
10139N/A    xn = X509_get_subject_name(x);
10139N/A
10139N/A-   if (X509_NAME_get_text_by_NID(xn, NID_commonName,
10139N/A-                     buf, sizeof(buf)) == -1)
10139N/A+   slen = X509_NAME_get_text_by_NID(xn, NID_commonName, buf, sizeof(buf));
10139N/A+   if ( slen == -1)
10139N/A        /* FIXME: gettextize? */
10139N/A        ret = Strnew_charp("Unable to get common name from peer cert");
10139N/A-   else if (!ssl_match_cert_ident(buf, strlen(buf), hostname))
10139N/A+   else if (slen != strlen(buf)
10139N/A+       || !ssl_match_cert_ident(buf, strlen(buf), hostname)) {
10139N/A+       /* replace \0 to make full string visible to user */
10139N/A+       if (slen != strlen(buf)) {
10139N/A+       int i;
10139N/A+       for (i = 0; i < slen; ++i) {
10139N/A+           if (!buf[i])
10139N/A+           buf[i] = '!';
10139N/A+       }
10139N/A+       }
10139N/A        /* FIXME: gettextize? */
10139N/A        ret = Sprintf("Bad cert ident %s from %s", buf, hostname);
10139N/A+   }
10139N/A    else
10139N/A        match_ident = TRUE;
10139N/A     }
10139N/A