From aabf62e7d273d95426c2f2ce05813f9f6e470114 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 1 Aug 2009 22:18:37 +0000 Subject: [PATCH] clarify the description of the null byte in cert name fix --- CHANGES | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/CHANGES b/CHANGES index a69c714ba..2f0b74015 100644 --- a/CHANGES +++ b/CHANGES @@ -27,8 +27,10 @@ Daniel Stenberg (1 Aug 2009) if the name in the cert was "example.com\0theatualsite.com", libcurl would happily verify that cert for example.com. - libcurl now better use the length of the extracted name, not assuming it is - zero terminated. + libcurl now better uses the length of the extracted name, not using the zero + termination for getting the string length. + + This fixing only made and needed in OpenSSL interfacing code. - Tanguy Fautre pointed out that OpenSSL's function RAND_screen() (present only in some OpenSSL installs - like on Windows) isn't thread-safe and we
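Review bot: The added sentence "This fixing only made and needed in OpenSSL interfacing code." in the CHANGES hunk has no verb and is hard to parse; suggest "This fix was only made in, and is only needed by, the OpenSSL interfacing code." The reworded line "not using the zero termination for getting the string length" says how the length is obtained, but not what libcurl now does with a cert name that contains an embedded zero byte (reject the cert, or compare over the full extracted length). A reader checking their exposure needs that, so one clause stating the resulting behaviour would help. The unchanged context line above also has a typo, "theatualsite.com", which could be corrected in the same edit.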