diff options
Diffstat (limited to 'recipes/gftp/gftp/gftp-2.0.18-ssl-wildcardcert.patch')
-rw-r--r-- | recipes/gftp/gftp/gftp-2.0.18-ssl-wildcardcert.patch | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/recipes/gftp/gftp/gftp-2.0.18-ssl-wildcardcert.patch b/recipes/gftp/gftp/gftp-2.0.18-ssl-wildcardcert.patch new file mode 100644 index 0000000000..202b2931c9 --- /dev/null +++ b/recipes/gftp/gftp/gftp-2.0.18-ssl-wildcardcert.patch @@ -0,0 +1,22 @@ +--- lib/sslcommon.c 2005-01-04 14:32:11.000000000 +0100 ++++ lib/sslcommon.c 2006-06-19 15:23:13.000000000 +0200 +@@ -182,7 +182,18 @@ + X509_NAME_get_text_by_NID (subj, NID_commonName, data, 256) > 0) + { + data[sizeof (data) - 1] = '\0'; +- if (strcasecmp (data, request->hostname) != 0) ++ /* Check for wildcard CN (must begin with *.) */ ++ if (strncmp(data, "*.", 2) == 0) ++ { ++ int hostname_len = strlen(data) - 1; ++ if (strlen(request->hostname) > hostname_len && ++ strcasecmp (&(data[1]), &(request->hostname[strlen(request->hostname) - hostname_len])) == 0) ++ ok = 1; ++ } ++ else if (strcasecmp (data, request->hostname) == 0) ++ ok = 1; ++ ++ if (!ok) + { + request->logging_function (gftp_logging_error, request, + _("ERROR: The host in the SSL certificate (%s) does not match the host that we connected to (%s). Aborting connection.\n"), |