diff options
| author | Martin Smith <martin.smith@nokia.com> | 2010-08-10 12:15:02 (GMT) |
|---|---|---|
| committer | Martin Smith <martin.smith@nokia.com> | 2010-08-10 12:15:02 (GMT) |
| commit | 44ebcef5b96c4c3478c7629836ed55e83493fd17 (patch) | |
| tree | 8082fadbe1ac8afe76b914ecdaf44978a589a526 | |
| parent | 2b42bac65ae90f94b04ff556e5033014d37d223d (diff) | |
| parent | 846f1b44eea4bb34d080d055badb40a4a13d369e (diff) | |
| download | Qt-44ebcef5b96c4c3478c7629836ed55e83493fd17.zip Qt-44ebcef5b96c4c3478c7629836ed55e83493fd17.tar.gz Qt-44ebcef5b96c4c3478c7629836ed55e83493fd17.tar.bz2 | |
Merge branch '4.7' of git@scm.dev.nokia.troll.no:qt/oslo-staging-1 into 4.7
| -rw-r--r-- | src/network/ssl/qsslsocket_openssl.cpp | 5 | ||||
| -rw-r--r-- | tests/auto/qsslsocket/tst_qsslsocket.cpp | 2 |
2 files changed, 7 insertions, 0 deletions
diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp index b4d030c..bb6910a 100644 --- a/src/network/ssl/qsslsocket_openssl.cpp +++ b/src/network/ssl/qsslsocket_openssl.cpp @@ -1288,6 +1288,11 @@ bool QSslSocketBackendPrivate::isMatchingHostname(const QString &cn, const QStri if (hostname.midRef(hostname.indexOf(QLatin1Char('.'))) != cn.midRef(firstCnDot)) return false; + // Check if the hostname is an IP address, if so then wildcards are not allowed + QHostAddress addr(hostname); + if (!addr.isNull()) + return false; + // Ok, I guess this was a wildcard CN and the hostname matches. return true; } diff --git a/tests/auto/qsslsocket/tst_qsslsocket.cpp b/tests/auto/qsslsocket/tst_qsslsocket.cpp index 0c12974..6c1dd8f 100644 --- a/tests/auto/qsslsocket/tst_qsslsocket.cpp +++ b/tests/auto/qsslsocket/tst_qsslsocket.cpp @@ -1072,6 +1072,7 @@ void tst_QSslSocket::wildcardCertificateNames() QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*.example.com"), QString("www.example.com")), true ); QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("xxx*.example.com"), QString("xxxwww.example.com")), true ); QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("f*.example.com"), QString("foo.example.com")), true ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("192.168.0.0"), QString("192.168.0.0")), true ); // Failing CN matches QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("xxx.example.com"), QString("www.example.com")), false ); @@ -1085,6 +1086,7 @@ void tst_QSslSocket::wildcardCertificateNames() QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*.example."), QString("www.example")), false ); QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString(""), QString("www")), false ); QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*"), QString("www")), false ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*.168.0.0"), QString("192.168.0.0")), false ); } void tst_QSslSocket::wildcard() |