Ticket #65297: patch-alpine-validate-cert-logging.diff

File patch-alpine-validate-cert-logging.diff, 1.4 KB (added by steven-michaud (Steven Michaud), 2 years ago)

Patch to Alpine 2.25 to log how this bug happens

  • imap/src/osdep/unix/ssl_unix.c

    old new  
    553553#endif /* OPENSSL_1_1_0 */
    554554                                /* Method 2, use cname */
    555555  if(m == 0 || ret != NIL){
     556     char *tmp[MAILTMPLEN];
    556557     cname = X509_get_subject_name(cert);
     558     X509_NAME_oneline(cname, buf, sizeof(buf));
     559     sprintf(tmp, "ssl_validate_cert(): cert %s, host %s",
     560             buf, host ? host : "null");
     561     mm_log(tmp, PARSE);
    557562     for(j = 0, ret = NIL; j < X509_NAME_entry_count(cname) && ret == NIL; j++){
    558563        if((e = X509_NAME_get_entry(cname, j)) != NULL){
    559564           X509_NAME_get_text_by_OBJ(cname, X509_NAME_ENTRY_get_object(e), buf, sizeof(buf));
     
    600605static long ssl_compare_hostnames (unsigned char *s,unsigned char *pat)
    601606{
    602607  long ret = NIL;
     608  static long entered = 0;
     609  ++entered;
    603610  switch (*pat) {
    604611  case '*':                     /* wildcard */
    605612    if (pat[1]) {               /* there must be a pattern suffix */
     
    615622    if (!compare_uchar (*pat,*s)) ret = ssl_compare_hostnames (s+1,pat+1);
    616623    break;
    617624  }
     625  if (entered == 1) {
     626    char *tmp[MAILTMPLEN];
     627    sprintf(tmp, "ssl_compare_hostnames(): s %s, pat %s, ret %li",
     628            s ? s : (unsigned char *) "null",
     629            pat ? pat : (unsigned char *) "null", ret);
     630    mm_log(tmp, PARSE);
     631  }
     632  --entered;
    618633  return ret;
    619634}
    620635