diff options
| author | Iwan Timmer <irtimmer@gmail.com> | 2019-10-29 20:32:18 +0100 |
|---|---|---|
| committer | Iwan Timmer <irtimmer@gmail.com> | 2019-10-29 20:32:18 +0100 |
| commit | 7f2f4faced3fda47e6b76ab73cde747cc20cf8b8 (patch) | |
| tree | 9f00e96f4bd2762b760379efa02acedcfec1fcd5 /src/resolve/resolved-dnstls-gnutls.h | |
| parent | resolved: require at least version 3.6.0 of GnuTLS for DNS-over-TLS (diff) | |
| download | systemd-7f2f4faced3fda47e6b76ab73cde747cc20cf8b8.tar.xz systemd-7f2f4faced3fda47e6b76ab73cde747cc20cf8b8.zip | |
resolved: check for IP in certificate when using DoT with GnuTLS
Validate the IP address in the certificate for DNS-over-TLS in strict mode when GnuTLS is used. As this is not yet the case in contrast to the documentation.
Diffstat (limited to '')
| -rw-r--r-- | src/resolve/resolved-dnstls-gnutls.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/resolve/resolved-dnstls-gnutls.h b/src/resolve/resolved-dnstls-gnutls.h index af52f04fdf..d4da2017c3 100644 --- a/src/resolve/resolved-dnstls-gnutls.h +++ b/src/resolve/resolved-dnstls-gnutls.h @@ -18,6 +18,7 @@ struct DnsTlsServerData { struct DnsTlsStreamData { gnutls_session_t session; + gnutls_typed_vdata_st validation; int handshake; bool shutdown; }; |