Make the libraries check that the server certificate refers to its hostname. Fixes...

author Daniel Kouřil <kouril@ics.muni.cz>

Tue, 24 Jan 2012 09:35:53 +0000 (09:35 +0000)

committer Daniel Kouřil <kouril@ics.muni.cz>

Tue, 24 Jan 2012 09:35:53 +0000 (09:35 +0000)
author Daniel Kouřil <kouril@ics.muni.cz>
Tue, 24 Jan 2012 09:35:53 +0000 (09:35 +0000)
committer Daniel Kouřil <kouril@ics.muni.cz>
Tue, 24 Jan 2012 09:35:53 +0000 (09:35 +0000)
diff --git a/org.glite.lbjp-common.gss/src/glite_gss.c b/org.glite.lbjp-common.gss/src/glite_gss.c

index 857dbab..e37e4f8 100644 (file)
--- a/org.glite.lbjp-common.gss/src/glite_gss.c
+++ b/org.glite.lbjp-common.gss/src/glite_gss.c
@@ -762,7 +762,7 @@ static int try_conn_and_auth (edg_wll_GssCred cred, char const *hostname, char *
     while (!context_established) {
        /* XXX verify ret_flags match what was requested */
        maj_stat = gss_init_sec_context(&min_stat, cred->gss_cred, &context,
-                                     GSS_C_NO_NAME, GSS_C_NO_OID,
+                                     server, GSS_C_NO_OID,
                                       req_flags | GSS_C_MUTUAL_FLAG | GSS_C_CONF_FLAG,
                                       0, GSS_C_NO_CHANNEL_BINDINGS,
                                       &input_token, NULL, &output_token,
author	Daniel Kouřil <kouril@ics.muni.cz>
	Tue, 24 Jan 2012 09:35:53 +0000 (09:35 +0000)
committer	Daniel Kouřil <kouril@ics.muni.cz>
	Tue, 24 Jan 2012 09:35:53 +0000 (09:35 +0000)