[Bug 39559] New: ssl_verify.c uses inet_aton which is IPv4 only
bugzilla-daemon at freedesktop.org
bugzilla-daemon at freedesktop.org
Tue Jul 26 08:29:37 PDT 2011
https://bugs.freedesktop.org/show_bug.cgi?id=39559
Summary: ssl_verify.c uses inet_aton which is IPv4 only
Product: Spice
Version: unspecified
Platform: Other
OS/Version: All
Status: NEW
Severity: normal
Priority: medium
Component: client
AssignedTo: spice-bugs at lists.freedesktop.org
ReportedBy: teuf at gnome.org
When checking certificates, common/ssl_verify.c uses inet_aton to get an IP
address in case the certificate contains an IP address instead of a hostname.
Since inet_aton is IPv4 only, this means we won't be able to check for IPv6
addresses in certificates. We should either fix this function for IPv6 use, or
use gnutls_x509_crt_check_hostname
--
Configure bugmail: https://bugs.freedesktop.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the spice-bugs
mailing list