Repository: qpid-proton Updated Branches: refs/heads/0.13.x fd9d961b6 -> ad532c392
PROTON-1233: PROTON-1228: for 0.13.1, make schannel hostname behaviour like openssl Project: http://git-wip-us.apache.org/repos/asf/qpid-proton/repo Commit: http://git-wip-us.apache.org/repos/asf/qpid-proton/commit/ad532c39 Tree: http://git-wip-us.apache.org/repos/asf/qpid-proton/tree/ad532c39 Diff: http://git-wip-us.apache.org/repos/asf/qpid-proton/diff/ad532c39 Branch: refs/heads/0.13.x Commit: ad532c392816dff3129e03e90e2e07cefe94618c Parents: fd9d961 Author: Clifford Jansen <[email protected]> Authored: Thu Jun 30 11:47:54 2016 -0700 Committer: Clifford Jansen <[email protected]> Committed: Thu Jun 30 11:52:29 2016 -0700 ---------------------------------------------------------------------- proton-c/src/windows/schannel.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/ad532c39/proton-c/src/windows/schannel.c ---------------------------------------------------------------------- diff --git a/proton-c/src/windows/schannel.c b/proton-c/src/windows/schannel.c index fa9c2d1..0201034 100644 --- a/proton-c/src/windows/schannel.c +++ b/proton-c/src/windows/schannel.c @@ -767,6 +767,13 @@ pn_ssl_t *pn_ssl(pn_transport_t *transport) transport->ssl = ssl; + // Set up hostname from any bound connection + if (transport->connection) { + if (pn_string_size(transport->connection->hostname)) { + pn_ssl_set_peer_hostname((pn_ssl_t *) transport, pn_string_get(transport->connection->hostname)); + } + } + SecInvalidateHandle(&ssl->cred_handle); SecInvalidateHandle(&ssl->ctxt_handle); ssl->state = CREATED; @@ -2210,6 +2217,11 @@ static HRESULT verify_peer(pni_ssl_t *ssl, HCERTSTORE root_store, const char *se error = SEC_E_WRONG_PRINCIPAL; break; } + else if (ssl->verify_mode == PN_SSL_VERIFY_PEER_NAME && !server_name) { + ssl_log_error("Error: configuration error: PN_SSL_VERIFY_PEER_NAME configured, but no peer hostname set!"); + error = SEC_E_WRONG_PRINCIPAL; + break; + } } while (0); if (tracing && !error) --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
