2010-04-08 Gonzalo Paniagua Javier <gonzalo@novell.com>

* ServicePointManager.cs: obtain the SubjectAltName extension the right way. Fixes bug #594110. svn path=/branches/mono-2-6/mcs/; revision=155050
author: Gonzalo Paniagua Javier <gonzalo.mono@gmail.com> 2010-04-08 18:30:31 +0400
committer: Gonzalo Paniagua Javier <gonzalo.mono@gmail.com> 2010-04-08 18:30:31 +0400
commit: 2d8eb21f63f9e7873315b51e4ecab538695c4d83 (patch)
tree: 9df6b33a8606c0d9bdf22753e1e0e31673257dec /mcs
parent: 506b0f407508f377947e4f68cea97bb7eede7683 (diff)
2 files changed, 10 insertions, 6 deletions
diff --git a/mcs/class/System/System.Net/ChangeLog b/mcs/class/System/System.Net/ChangeLog
index 14bd22ea129..54835ce7be9 100644
--- a/mcs/class/System/System.Net/ChangeLog
+++ b/mcs/class/System/System.Net/ChangeLog
@@ -1,3 +1,8 @@
+2010-04-08 Gonzalo Paniagua Javier <gonzalo@novell.com>
+
+	* ServicePointManager.cs: obtain the SubjectAltName extension the
+	right way. Fixes bug #594110.
+
 2010-03-26 Gonzalo Paniagua Javier <gonzalo@novell.com>
 
 	* ServicePointManager.cs: errors parsing the certificate don't prevent
diff --git a/mcs/class/System/System.Net/ServicePointManager.cs b/mcs/class/System/System.Net/ServicePointManager.cs
index 8a18f8c33b8..cf481194d10 100644
--- a/mcs/class/System/System.Net/ServicePointManager.cs
+++ b/mcs/class/System/System.Net/ServicePointManager.cs
@@ -437,7 +437,7 @@ namespace System.Net
 					status11 = -2146762490; //CERT_E_PURPOSE 0x800B0106
 				}
 
-				if (!CheckServerIdentity (leaf, Host)) {
+				if (!CheckServerIdentity (certs [0], Host)) {
 					errors |= SslPolicyErrors.RemoteCertificateNameMismatch;
 					status11 = -2146762481; // CERT_E_CN_NO_MATCH 0x800B010F
 				}
@@ -618,14 +618,13 @@ namespace System.Net
 			// 2.1.		exact match is required
 			// 3.	Use of the most specific Common Name (CN=) in the Subject
 			// 3.1		Existing practice but DEPRECATED
-			static bool CheckServerIdentity (X509Certificate2 cert, string targetHost) 
+			static bool CheckServerIdentity (Mono.Security.X509.X509Certificate cert, string targetHost) 
 			{
 				try {
-					X509Extension ext = cert.Extensions ["2.5.29.17"];
+					Mono.Security.X509.X509Extension ext = cert.Extensions ["2.5.29.17"];
 					// 1. subjectAltName
 					if (ext != null) {
-						ASN1 asn = new ASN1 (ext.RawData);
-						SubjectAltNameExtension subjectAltName = new SubjectAltNameExtension (asn);
+						SubjectAltNameExtension subjectAltName = new SubjectAltNameExtension (ext);
 						// 1.1 - multiple dNSName
 						foreach (string dns in subjectAltName.DNSNames) {
 							// 1.2 TODO - wildcard support
@@ -640,7 +639,7 @@ namespace System.Net
 						}
 					}
 					// 3. Common Name (CN=)
-					return CheckDomainName (cert.SubjectName.Format (false), targetHost);
+					return CheckDomainName (cert.SubjectName, targetHost);
 				} catch (Exception e) {
 					Console.Error.WriteLine ("ERROR processing certificate: {0}", e);
 					Console.Error.WriteLine ("Please, report this problem to the Mono team");
author	Gonzalo Paniagua Javier <gonzalo.mono@gmail.com>	2010-04-08 18:30:31 +0400
committer	Gonzalo Paniagua Javier <gonzalo.mono@gmail.com>	2010-04-08 18:30:31 +0400
commit	2d8eb21f63f9e7873315b51e4ecab538695c4d83 (patch)
tree	9df6b33a8606c0d9bdf22753e1e0e31673257dec /mcs
parent	506b0f407508f377947e4f68cea97bb7eede7683 (diff)