client ssl hostname check: trim any port on host header
This commit is contained in:
Andy Green
parent
647fa47f25
commit
27d650b89b
1 changed files with 23 additions and 4 deletions
|
|
@ -38,11 +38,30 @@ lws_ssl_client_bio_create(struct lws *wsi)
|
|||
#if defined(LWS_USE_MBEDTLS)
|
||||
#else
|
||||
struct lws_context *context = wsi->context;
|
||||
const char *hostname = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_HOST);
|
||||
X509_VERIFY_PARAM *param;
|
||||
char hostname[128], *p;
|
||||
|
||||
(void)hostname;
|
||||
(void)param;
|
||||
#if defined LWS_HAVE_X509_VERIFY_PARAM_set1_host
|
||||
X509_VERIFY_PARAM *param;
|
||||
#endif
|
||||
if (lws_hdr_copy(wsi, hostname, sizeof(hostname),
|
||||
_WSI_TOKEN_CLIENT_HOST) <= 0) {
|
||||
lwsl_err("%s: Unable to get hostname\n", __func__);
|
||||
|
||||
return -1;
|
||||
}
|
||||
|
||||
/*
|
||||
* remove any :port part on the hostname... necessary for network
|
||||
* connection but typical certificates do not contain it
|
||||
*/
|
||||
p = hostname;
|
||||
while (*p) {
|
||||
if (*p == ':') {
|
||||
*p = '\0';
|
||||
break;
|
||||
}
|
||||
p++;
|
||||
}
|
||||
|
||||
wsi->ssl = SSL_new(wsi->vhost->ssl_client_ctx);
|
||||
if (!wsi->ssl) {
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue