CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2026/04/26 11:58:58
Modified files:
lib/libcrypto/x509: x509_addr.c
Log message:
make_addressRange: unused bits in max must be zero
X509v3_addr_add_range() requires that min and max of an address range
have network encoding. In the RFC 3779 encoding of an actual address
range (as opposed to a prefix) as a SEQUENCE OF two ASN.1 BIT STRINGs,
the trailing one bits of the maximum become unused bits and therefore
must be DER encoded as zeroes. The DER encoder will clear them via i2d
but these trailing ones are annoying. Make a copy in which the unused
bits are cleared.
ok kenjiro
