Skip to content

V
vlc-1.1
Commit f8eedf5e authored by Rémi Denis-Courmont's avatar Rémi Denis-Courmont
Browse files
Options

GnuTLS: fix server assertion failure in client certificate verification 

(cherry picked from commit 72c07065860ad8e70674714532da05e373acdc88)

Plus an extra security check.
parent 9dd4633a
Show whitespace changes
Inline Side-by-side
Showing with 3 additions and 3 deletions
modules/misc/gnutls.c
View file @ f8eedf5e
......@@ -356,8 +356,8 @@ gnutls_HandshakeAndValidate( tls_session_t *session )
goto error;
}
assert( p_sys->psz_hostname != NULL );
if ( !gnutls_x509_crt_check_hostname( cert, p_sys->psz_hostname ) )
if( p_sys->psz_hostname != NULL
&& !gnutls_x509_crt_check_hostname( cert, p_sys->psz_hostname ) )
{
msg_Err( session, "Certificate does not match \"%s\"",
p_sys->psz_hostname );
......@@ -731,7 +731,7 @@ static int OpenClient (vlc_object_t *obj)
char *servername = var_GetNonEmptyString (p_session, "tls-server-name");
if (servername == NULL )
msg_Err (p_session, "server name missing for TLS session");
abort ();
else
gnutls_server_name_set (p_sys->session.session, GNUTLS_NAME_DNS,
servername, strlen (servername));
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment