diff options
| author | Werner Koch <wk@gnupg.org> | 2015-03-19 15:37:05 +0100 |
|---|---|---|
| committer | Werner Koch <wk@gnupg.org> | 2015-03-19 15:37:05 +0100 |
| commit | dc10d466bff53821f23d2cb4814c259d40c5d9c5 (patch) | |
| tree | 9e32be3b0fc3633463245582196dd1cd219be013 /common | |
| parent | Define replacement error codes from libgpg-error 1.19. (diff) | |
| download | gnupg2-dc10d466bff53821f23d2cb4814c259d40c5d9c5.tar.xz gnupg2-dc10d466bff53821f23d2cb4814c259d40c5d9c5.zip | |
hkps: Fix host name verification when using pools.
* common/http.c (send_request): Set the requested for SNI.
* dirmngr/ks-engine-hkp.c (map_host): Return the poolname and not
the selecting a host.
--
GnuPG-bug-id: 1792
Thanks to davidw for figuring out the problem.
Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'common')
| -rw-r--r-- | common/http.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/common/http.c b/common/http.c index 50c0692d2..12e3fcb89 100644 --- a/common/http.c +++ b/common/http.c @@ -1443,7 +1443,8 @@ send_request (http_t hd, const char *httphost, const char *auth, } # if HTTP_USE_NTBTLS - err = ntbtls_set_hostname (hd->session->tls_session, server); + err = ntbtls_set_hostname (hd->session->tls_session, + hd->session->servername); if (err) { log_info ("ntbtls_set_hostname failed: %s\n", gpg_strerror (err)); @@ -1452,7 +1453,8 @@ send_request (http_t hd, const char *httphost, const char *auth, # elif HTTP_USE_GNUTLS rc = gnutls_server_name_set (hd->session->tls_session, GNUTLS_NAME_DNS, - server, strlen (server)); + hd->session->servername + strlen (hd->session->servername)); if (rc < 0) log_info ("gnutls_server_name_set failed: %s\n", gnutls_strerror (rc)); # endif /*HTTP_USE_GNUTLS*/ |