Skip to content

Commit

Permalink
nghttpx: Fix numeric hostname verification
Browse files Browse the repository at this point in the history
  • Loading branch information
@tatsuhiro-t
tatsuhiro-t committed Mar 15, 2023
1 parent ef7bb8e commit cc14400
Showing 1 changed file with 4 additions and 1 deletion.
5 changes: 4 additions & 1 deletion src/shrpx_tls.cc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1817,12 +1817,15 @@ namespace {
int verify_numeric_hostname(X509 *cert, const StringRef &hostname,
const Address *addr) {
const void *saddr;
size_t saddrlen;
switch (addr->su.storage.ss_family) {
case AF_INET:
saddr = &addr->su.in.sin_addr;
saddrlen = sizeof(addr->su.in.sin_addr);
break;
case AF_INET6:
saddr = &addr->su.in6.sin6_addr;
saddrlen = sizeof(addr->su.in6.sin6_addr);
break;
default:
return -1;
Expand All @@ -1847,7 +1850,7 @@ int verify_numeric_hostname(X509 *cert, const StringRef &hostname,
size_t ip_addrlen = altname->d.iPAddress->length;

ip_found = true;
if (addr->len == ip_addrlen && memcmp(saddr, ip_addr, ip_addrlen) == 0) {
if (saddrlen == ip_addrlen && memcmp(saddr, ip_addr, ip_addrlen) == 0) {
return 0;
}
}
Expand Down

0 comments on commit cc14400

Please sign in to comment.