~ubuntu-branches/ubuntu/wily/irssi/wily

« back to all changes in this revision

Viewing changes to debian/patches/20fix_ssl_proxy_hostname_check

Committer: Package Import Robot
Author(s): Steve Langasek
Date: 2014-09-06 23:15:51 UTC
Revision ID: package-import@ubuntu.com-20140906231551-7z4uu0h68rurtw5w

Tags: 0.8.16-1ubuntu4

Refresh and re-enable 20fix_ssl_proxy_hostname_check.

files modified:
debian/changelog

debian/patches/20fix_ssl_proxy_hostname_check

debian/patches/series

Show diffs side-by-side

added added

removed removed

debian/patches/20fix_ssl_proxy_hostname_check

Description: fix SSL CN check for proxy setup

Origin: Ubuntu, https://bugs.launchpad.net/ubuntu/+source/irssi/+bug/565182

Author: Steve Langasek

Author: Steve Langasek <vorlon@debian.org>

--- a/src/core/servers.c

+++ b/src/core/servers.c

@@ -209,6 +209,7 @@

char *errmsg2;

char ipaddr[MAX_IP_LEN];

int port;

+ char *hostname;

g_return_if_fail(ip != NULL || unix_socket != NULL);

@@ -223,8 +224,10 @@

server->connrec->own_ip4);

port = server->connrec->proxy != NULL ?

server->connrec->proxy_port : server->connrec->port;

+ hostname = server->connrec->proxy != NULL ?

+ server->connrec->proxy : server->connrec->address;

handle = server->connrec->use_ssl ?

- net_connect_ip_ssl(ip, port, server->connrec->address, own_ip, server->connrec->ssl_cert, server->connrec->ssl_pkey,

+ net_connect_ip_ssl(ip, port, hostname, own_ip, server->connrec->ssl_cert, server->connrec->ssl_pkey,

server->connrec->ssl_cafile, server->connrec->ssl_capath, server->connrec->ssl_verify) :

net_connect_ip(ip, port, own_ip);

} else {

Index: irssi/src/core/network-openssl.c

===================================================================

--- irssi.orig/src/core/network-openssl.c

+++ irssi/src/core/network-openssl.c

@@ -240,6 +240,9 @@

}

#endif

+ if (server->connrec->proxy != NULL)

+ hostname = server->connrec->proxy;

result = SSL_get_verify_result(ssl);

if (result != X509_V_OK) {

unsigned char md[EVP_MAX_MD_SIZE];

Older »