Fix return convention of x509_wildcard_verify()
diff --git a/library/x509_crt.c b/library/x509_crt.c
index ed62e7b..4fddf65 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -1705,10 +1705,9 @@
}
/*
- * Return 1 if match, 0 if not
- * TODO: inverted return value!
+ * Return 0 if name matches wildcard, -1 otherwise
*/
-static int x509_wildcard_verify( const char *cn, mbedtls_x509_buf *name )
+static int x509_check_wildcard( const char *cn, mbedtls_x509_buf *name )
{
size_t i;
size_t cn_idx = 0, cn_len = strlen( cn );
@@ -1726,15 +1725,15 @@
}
if( cn_idx == 0 )
- return( 0 );
+ return( -1 );
if( cn_len - cn_idx == name->len - 1 &&
x509_memcasecmp( name->p + 1, cn + cn_idx, name->len - 1 ) == 0 )
{
- return( 1 );
+ return( 0 );
}
- return( 0 );
+ return( -1 );
}
/*
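Review bot: The comparison uses `name->p + 1` and `name->len - 1`, so the first byte of `name` is skipped without this function ever checking that it is `*` or that `name->len` is at least 1. In the lines shown, that is safe only because both call sites test `len > 2` and `memcmp( ..., "*.", 2 )` first. Now that the function has been renamed to a general-purpose check, I would enforce the precondition inside it with `if( name->len < 3 || name->p[0] != '*' || name->p[1] != '.' ) return( -1 );` at the top of the body. At minimum, the header comment changed in the first hunk should state it, e.g. `Caller must ensure name starts with "*." and name->len > 2`. The start of the function body is outside this hunk, so a guard may already exist there.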
@@ -2133,8 +2132,10 @@
if( cur->buf.len > 2 &&
memcmp( cur->buf.p, "*.", 2 ) == 0 &&
- x509_wildcard_verify( cn, &cur->buf ) )
+ x509_check_wildcard( cn, &cur->buf ) == 0 )
+ {
break;
+ }
cur = cur->next;
}
@@ -2154,7 +2155,7 @@
if( name->val.len > 2 &&
memcmp( name->val.p, "*.", 2 ) == 0 &&
- x509_wildcard_verify( cn, &name->val ) )
+ x509_check_wildcard( cn, &name->val ) == 0 )
break;
}