This is an automated email from the ASF dual-hosted git repository.
jensg pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/thrift.git
The following commit(s) were added to refs/heads/master by this push:
new 55016bf THRIFT-5343: TTlsSocketTransport does not resolve IPv4
addresses or validate hostnames correctly Client: netstd Patch: James Lacey
55016bf is described below
commit 55016bff2b19f2c5d3c85ae9985c49527ffffabb
Author: James Lacey <[email protected]>
AuthorDate: Tue Feb 2 15:14:55 2021 -0700
THRIFT-5343: TTlsSocketTransport does not resolve IPv4 addresses or
validate hostnames correctly
Client: netstd
Patch: James Lacey
This closes #2322
---
lib/netstd/Thrift/Transport/Client/TTlsSocketTransport.cs | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/lib/netstd/Thrift/Transport/Client/TTlsSocketTransport.cs
b/lib/netstd/Thrift/Transport/Client/TTlsSocketTransport.cs
index 0980526..e3da6f4 100644
--- a/lib/netstd/Thrift/Transport/Client/TTlsSocketTransport.cs
+++ b/lib/netstd/Thrift/Transport/Client/TTlsSocketTransport.cs
@@ -38,6 +38,7 @@ namespace Thrift.Transport.Client
private readonly LocalCertificateSelectionCallback
_localCertificateSelectionCallback;
private readonly int _port;
private readonly SslProtocols _sslProtocols;
+ private readonly string _targetHost;
private TcpClient _client;
private SslStream _secureStream;
private int _timeout;
@@ -122,13 +123,13 @@ namespace Thrift.Transport.Client
{
try
{
+ _targetHost = host;
+
var entry = Dns.GetHostEntry(host);
if (entry.AddressList.Length == 0)
throw new
TTransportException(TTransportException.ExceptionType.Unknown, "unable to
resolve host name");
- var addr = entry.AddressList[0];
-
- _host = new IPAddress(addr.GetAddressBytes(), addr.ScopeId);
+ _host = entry.AddressList[0];
_port = port;
_timeout = timeout;
_certificate = certificate;
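Review bot: `host` is stored in `_targetHost` and handed to `Dns.GetHostEntry` at the top of this hunk without an emptiness check. `Dns.GetHostEntry("")` is documented to return the local machine's addresses, so an empty configuration value would resolve to this host and carry an empty name into the later TLS handshake instead of failing. A guard ahead of the assignment makes that case fail fast: `if (string.IsNullOrEmpty(host)) throw new ArgumentException("host must not be empty", nameof(host));`. Only `entry.AddressList[0]` is kept, so a name whose first record is in an address family the server does not listen on still cannot connect; a short comment saying so would help. The constructor starts and ends outside the hunk, so how the surrounding `try` handles the exception is not visible here.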
@@ -239,7 +240,7 @@ namespace Thrift.Transport.Client
? new X509CertificateCollection {_certificate}
: new X509CertificateCollection();
- var targetHost = _host.ToString();
+ var targetHost = _targetHost ?? _host.ToString();
await _secureStream.AuthenticateAsClientAsync(targetHost,
certs, _sslProtocols, true);
}
}
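Review bot: The `?? _host.ToString()` fallback on the `targetHost` line is undocumented, and it means certificate name validation can silently run against an IP literal instead of a host name. `_targetHost` is assigned only in the string-host constructor shown in this commit, so any other construction path (presumably an `IPAddress` overload, not visible here) leaves it null and takes the fallback. In that case the server certificate has to be valid for that address, or a caller-supplied validation callback has to decide. I would record that next to the line, e.g. `// _targetHost is null when no host name was supplied; validation then runs against the IP literal.` The enclosing method starts outside the hunk.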