Comment 37 for bug 376484

In , Mozbugzilla (mozbugzilla) wrote :

(In reply to comment #36)
> When I asked
> > Did you mean to disallow trailing dots from the patterns?
> my point was that the patch I was reviewing does NOT disallow trailing dots.
> It merely doesn't count them in the count of dots following the star.
> So *.a.b. is allowed, despite the trailing dot.

Correct, but the primary purpose of the patch is to change/fix the wildcard matching, not checking whether "cn" contains a valid host name / host name pattern. If someone really has a cert with "CN=*.example.com.", then it doesn't hurt if that cert is working for "https://www.example.com./", I'd say.

(Checking for "proper" cn patterns is outside the scope of the cert_TestHostName function, IMO. If we really wanted to disallow trailing dots, then we would have to ban things like "-*.example.com" for cn as well. And a number of others, probably...)

> I asked that question because of bug 134402.
> Kaspar, you may be interested in that bug.

I'm aware of that one, yes (see comment 21 above ;-).