From 8991663e33313233fed9cb7b0149baec1aa32b3f Mon Sep 17 00:00:00 2001
From: Andrew Thompson <andrew@hijacked.us>
Date: Thu, 10 Oct 2013 02:23:02 -0400
Subject: Various improvements to CRL handling

* Handle v1 CRLs, with no extensions.
* Compare the IDP on a CRL correctly, if present
* Don't try to double-decode altnames

Tests are also included, and the make_certs testing tool in the SSL
application has been greatly extended.
---
 lib/public_key/src/pubkey_cert.erl | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'lib/public_key/src/pubkey_cert.erl')

diff --git a/lib/public_key/src/pubkey_cert.erl b/lib/public_key/src/pubkey_cert.erl
index d9288e99bb..07469e342f 100644
--- a/lib/public_key/src/pubkey_cert.erl
+++ b/lib/public_key/src/pubkey_cert.erl
@@ -319,6 +319,8 @@ verify_fun(Otpcert, Result, UserState0, VerifyFun) ->
 %%
 %% Description: Extracts a specific extension from a list of extensions.
 %%--------------------------------------------------------------------
+select_extension(_, asn1_NOVALUE) ->
+    undefined;
 select_extension(_, []) ->
     undefined;
 select_extension(Id, [#'Extension'{extnID = Id} = Extension | _]) ->
@@ -341,8 +343,8 @@ match_name(uniformResourceIdentifier, URI,  [PermittedName | Rest]) ->
     case split_uri(URI) of
 	incomplete ->
 	    false;
-	{_, _, Host, _, _} ->
-	    match_name(fun is_valid_host_or_domain/2, Host,
+	{_, _, _Host, _, _} ->
+	    match_name(fun is_valid_host_or_domain/2, URI,
 		       PermittedName, Rest)
     end;
 
-- 
cgit v1.2.3