security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

hkps: Fix host name verification when using pools.

Browse source 
* common/http.c (send_request): Set the requested for SNI.
* dirmngr/ks-engine-hkp.c (map_host): Return the poolname and not
the selecting a host.
--

GnuPG-bug-id: 1792

Thanks to davidw for figuring out the problem.

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2015-03-19 15:37:05 +01:00
parent 28bb3ab686
commit dc10d466bf
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
2 changed files with 22 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

6
common/http.c
View file

@ -1443,7 +1443,8 @@ send_request (http_t hd, const char *httphost, const char *auth,
}
# if HTTP_USE_NTBTLS
err = ntbtls_set_hostname (hd->session->tls_session, server);
err = ntbtls_set_hostname (hd->session->tls_session,
hd->session->servername);
if (err)
{
log_info ("ntbtls_set_hostname failed: %s\n", gpg_strerror (err));
@ -1452,7 +1453,8 @@ send_request (http_t hd, const char *httphost, const char *auth,
# elif HTTP_USE_GNUTLS
rc = gnutls_server_name_set (hd->session->tls_session,
GNUTLS_NAME_DNS,
server, strlen (server));
hd->session->servername
strlen (hd->session->servername));
if (rc < 0)
log_info ("gnutls_server_name_set failed: %s\n", gnutls_strerror (rc));
# endif /*HTTP_USE_GNUTLS*/