From: Daniel Kouřil <kouril@ics.muni.cz>
Date: Tue, 24 Jan 2012 09:35:53 +0000 (+0000)
Subject: Make the libraries check that the server certificate refers to its hostname. Fixes... 
X-Git-Tag: glite-lbjp-common-gss_R_3_0_6_1~4
X-Git-Url: http://scientific.zcu.cz/git/?a=commitdiff_plain;h=a7f0c6855087ff6789efa5fd7cbd86dd8b276ace;p=jra1mw.git

Make the libraries check that the server certificate refers to its hostname. Fixes svg issue #3202.
---

diff --git a/org.glite.lbjp-common.gss/src/glite_gss.c b/org.glite.lbjp-common.gss/src/glite_gss.c
index 857dbab..e37e4f8 100644
--- a/org.glite.lbjp-common.gss/src/glite_gss.c
+++ b/org.glite.lbjp-common.gss/src/glite_gss.c
@@ -762,7 +762,7 @@ static int try_conn_and_auth (edg_wll_GssCred cred, char const *hostname, char *
    while (!context_established) {
       /* XXX verify ret_flags match what was requested */
       maj_stat = gss_init_sec_context(&min_stat, cred->gss_cred, &context,
-				      GSS_C_NO_NAME, GSS_C_NO_OID,
+				      server, GSS_C_NO_OID,
 				      req_flags | GSS_C_MUTUAL_FLAG | GSS_C_CONF_FLAG,
 				      0, GSS_C_NO_CHANNEL_BINDINGS,
 				      &input_token, NULL, &output_token,