aboutsummaryrefslogtreecommitdiffstats
path: root/recipes/gftp/gftp/gftp-2.0.18-ssl-wildcardcert.patch
diff options
context:
space:
mode:
Diffstat (limited to 'recipes/gftp/gftp/gftp-2.0.18-ssl-wildcardcert.patch')
-rw-r--r--recipes/gftp/gftp/gftp-2.0.18-ssl-wildcardcert.patch22
1 files changed, 22 insertions, 0 deletions
diff --git a/recipes/gftp/gftp/gftp-2.0.18-ssl-wildcardcert.patch b/recipes/gftp/gftp/gftp-2.0.18-ssl-wildcardcert.patch
new file mode 100644
index 0000000000..202b2931c9
--- /dev/null
+++ b/recipes/gftp/gftp/gftp-2.0.18-ssl-wildcardcert.patch
@@ -0,0 +1,22 @@
+--- lib/sslcommon.c 2005-01-04 14:32:11.000000000 +0100
++++ lib/sslcommon.c 2006-06-19 15:23:13.000000000 +0200
+@@ -182,7 +182,18 @@
+ X509_NAME_get_text_by_NID (subj, NID_commonName, data, 256) > 0)
+ {
+ data[sizeof (data) - 1] = '\0';
+- if (strcasecmp (data, request->hostname) != 0)
++ /* Check for wildcard CN (must begin with *.) */
++ if (strncmp(data, "*.", 2) == 0)
++ {
++ int hostname_len = strlen(data) - 1;
++ if (strlen(request->hostname) > hostname_len &&
++ strcasecmp (&(data[1]), &(request->hostname[strlen(request->hostname) - hostname_len])) == 0)
++ ok = 1;
++ }
++ else if (strcasecmp (data, request->hostname) == 0)
++ ok = 1;
++
++ if (!ok)
+ {
+ request->logging_function (gftp_logging_error, request,
+ _("ERROR: The host in the SSL certificate (%s) does not match the host that we connected to (%s). Aborting connection.\n"),
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-06-13 23:56:03 +0000