QSslSocket: fix security vulnerability with wildcard IP addresses

This fixes Westpoint Security issue with Advisory ID#: wp-10-0001. Before, we would allow wildcards in IP addresses like *.2.3.4 ; now, IP addresses must match excatly. Patch-by: Richard J. Moore <rich@kde.org> Task-number: QT-3704
author: Peter Hartmann <peter.hartmann@nokia.com> 2010-08-10 11:59:57 (GMT)
committer: Peter Hartmann <peter.hartmann@nokia.com> 2010-08-10 12:13:35 (GMT)
commit: 846f1b44eea4bb34d080d055badb40a4a13d369e (patch)
tree: 4fc58a9d2f96bb9b595ac3db309134d330d74646 /src/network/ssl
parent: 09884750f89a24b6f480b4519b3a2a1b4c2f028d (diff)
download: Qt-846f1b44eea4bb34d080d055badb40a4a13d369e.zip
Qt-846f1b44eea4bb34d080d055badb40a4a13d369e.tar.gz
Qt-846f1b44eea4bb34d080d055badb40a4a13d369e.tar.bz2
1 files changed, 5 insertions, 0 deletions
diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp
index b4d030c..bb6910a 100644
--- a/src/network/ssl/qsslsocket_openssl.cpp
+++ b/src/network/ssl/qsslsocket_openssl.cpp
@@ -1288,6 +1288,11 @@ bool QSslSocketBackendPrivate::isMatchingHostname(const QString &cn, const QStri
     if (hostname.midRef(hostname.indexOf(QLatin1Char('.'))) != cn.midRef(firstCnDot))
         return false;
 
+    // Check if the hostname is an IP address, if so then wildcards are not allowed
+    QHostAddress addr(hostname);
+    if (!addr.isNull())
+        return false;
+
     // Ok, I guess this was a wildcard CN and the hostname matches.
     return true;
 }
author	Peter Hartmann <peter.hartmann@nokia.com>	2010-08-10 11:59:57 (GMT)
committer	Peter Hartmann <peter.hartmann@nokia.com>	2010-08-10 12:13:35 (GMT)
commit	846f1b44eea4bb34d080d055badb40a4a13d369e (patch)
tree	4fc58a9d2f96bb9b595ac3db309134d330d74646 /src/network/ssl
parent	09884750f89a24b6f480b4519b3a2a1b4c2f028d (diff)
download	Qt-846f1b44eea4bb34d080d055badb40a4a13d369e.zip Qt-846f1b44eea4bb34d080d055badb40a4a13d369e.tar.gz Qt-846f1b44eea4bb34d080d055badb40a4a13d369e.tar.bz2