From fb5d969c2bb3cfbfac6694fba28157138ad0c425 Mon Sep 17 00:00:00 2001
From: Simon Rozman
Date: Tue, 23 Aug 2016 14:42:43 +0200
Subject: [PATCH] Support for the wild-char certificate names dropped
---
 lib/TLS/src/Method.cpp | 11 +----------
 lib/TLS_UI/res/wxTLS_UI.cpp | 4 ++--
 lib/TLS_UI/res/wxTLS_UI.fbp | 4 ++--
 lib/TLS_UI/src/TLS_UI.cpp | 2 +-
 4 files changed, 6 insertions(+), 15 deletions(-)
diff --git a/lib/TLS/src/Method.cpp b/lib/TLS/src/Method.cpp
index e737fe6..a73249c 100644
--- a/lib/TLS/src/Method.cpp
+++ b/lib/TLS/src/Method.cpp
@@ -1178,16 +1178,7 @@ void eap::method_tls::verify_server_trust() const
 // Check server name.
 for (list::const_iterator s = cfg_method->m_server_names.cbegin(), s_end = cfg_method->m_server_names.cend();; ++s) {
 if (s != s_end) {
- const wchar_t
- *a = s->c_str(),
- *b = subj.c_str();
- size_t
- len_a = s->length(),
- len_b = subj.length();
-
- if (_wcsicmp(a, b) == 0 || // Direct match
- a[0] == '*' && len_b + 1 >= len_a && _wcsicmp(a + 1, b + len_b - (len_a - 1)) == 0) // "*..." wildchar match
- {
+ if (_wcsicmp(s->c_str(), subj.c_str()) == 0) {
 m_module.log_event(&EAPMETHOD_TLS_SERVER_NAME_TRUSTED1, event_data(subj), event_data::blank);
 break;
 }
diff --git a/lib/TLS_UI/res/wxTLS_UI.cpp b/lib/TLS_UI/res/wxTLS_UI.cpp
index 9228335..fb2b621 100644
--- a/lib/TLS_UI/res/wxTLS_UI.cpp
+++ b/lib/TLS_UI/res/wxTLS_UI.cpp
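Review bot: The exact-match test `_wcsicmp(s->c_str(), subj.c_str()) == 0` in `verify_server_trust` compares C strings, so it stops at the first NUL and never consults either `length()`; if `subj` can ever hold an embedded NUL (it is built outside this hunk, presumably from the server certificate), a longer subject would compare equal to a shorter configured name. Guarding with the lengths closes that cheaply: `if (s->length() == subj.length() && _wcsicmp(s->c_str(), subj.c_str()) == 0) {`. Separately, `m_server_names` entries saved earlier that start with `*` are now compared literally and will never match, so the server is presumably rejected without any hint that a stale wildcard entry is the cause; a log line or a configuration check for such entries would help. `verify_server_trust` starts and ends outside the hunk.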
@@ -74,11 +74,11 @@ wxEAPTLSServerTrustConfigPanelBase::wxEAPTLSServerTrustConfigPanelBase( wxWindow sb_server_names->Add( m_server_names_label, 0, wxBOTTOM, 5 ); m_server_names = new wxTextCtrl( sb_server_trust->GetStaticBox(), wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - m_server_names->SetToolTip( _("A semicolon delimited list of acceptable server FQDN names; blank to skip name check; \"*\" wildchar allowed; Unicode characters allowed") ); + m_server_names->SetToolTip( _("A semicolon delimited list of acceptable server FQDN names; blank to skip name check; Unicode characters allowed") ); sb_server_names->Add( m_server_names, 0, wxEXPAND|wxBOTTOM, 5 ); - m_server_names_note = new wxStaticText( sb_server_trust->GetStaticBox(), wxID_ANY, _("(Example: foo.bar.com;*.domain.org)"), wxDefaultPosition, wxDefaultSize, 0 ); + m_server_names_note = new wxStaticText( sb_server_trust->GetStaticBox(), wxID_ANY, _("(Example: foo.bar.com;server2.bar.com)"), wxDefaultPosition, wxDefaultSize, 0 ); m_server_names_note->Wrap( -1 ); sb_server_names->Add( m_server_names_note, 0, wxALIGN_RIGHT, 5 ); diff --git a/lib/TLS_UI/res/wxTLS_UI.fbp b/lib/TLS_UI/res/wxTLS_UI.fbp index 252438a..61660ec 100644 --- a/lib/TLS_UI/res/wxTLS_UI.fbp +++ b/lib/TLS_UI/res/wxTLS_UI.fbp @@ -870,7 +870,7 @@ 0 - A semicolon delimited list of acceptable server FQDN names; blank to skip name check; "*" wildchar allowed; Unicode characters allowed + A semicolon delimited list of acceptable server FQDN names; blank to skip name check; Unicode characters allowed wxFILTER_NONE wxDefaultValidator @@ -940,7 +940,7 @@ 0 0 wxID_ANY - (Example: foo.bar.com;*.domain.org) + (Example: foo.bar.com;server2.bar.com) 0 diff --git a/lib/TLS_UI/src/TLS_UI.cpp b/lib/TLS_UI/src/TLS_UI.cpp index 300988a..f41ee4b 100644 --- a/lib/TLS_UI/src/TLS_UI.cpp +++ b/lib/TLS_UI/src/TLS_UI.cpp 
@@ -108,7 +108,7 @@ bool wxHostNameValidator::Parse(const wxString &val_in, size_t i_start, size_t i
 // End of host name found.
 if (val_out) val_out->assign(val_in.c_str() + i_start, i - i_start);
 return true;
- } else if (buf[i] == _T('-') || buf[i] == _T('_') || buf[i] == _T('*') || _istalnum(buf[i])) {
+ } else if (buf[i] == _T('-') || buf[i] == _T('_') || _istalnum(buf[i])) {
 // Valid character found.
 i++;
 } else {
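Review bot: Nothing at the changed `else if` in `wxHostNameValidator::Parse` records why `*` is no longer an accepted host-name character while `-` and `_` still are. A comment above the branch, e.g. `// '*' is rejected on purpose: server names are compared literally, wildcards are not supported.`, would keep this validator and the name check in `verify_server_trust` from drifting apart again. `Parse` starts and ends outside the hunk.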