Apache
/
httpcomponents-client
mirror of https://github.com/apache/httpcomponents-client.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

HTTPCLIENT-617: Hostname verification: turn off wildcards when CN is an IP address 

Contributed by Julius Davies <juliusdavies at gmail.com>
Reviewed by Oleg Kalnichevski


git-svn-id: https://svn.apache.org/repos/asf/jakarta/httpcomponents/httpclient/trunk@583749 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Oleg Kalnichevski 2007-10-11 09:19:45 +00:00
parent 3e8a5f6863
commit 19e029924f
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
module-client/src/main/java/org/apache/http/conn/ssl/AbstractVerifier.java
View File

@ -31,6 +31,8 @@
package org.apache.http.conn.ssl;
import org.apache.http.conn.util.InetAddressUtils;
import java.io.IOException;
import java.io.InputStream;
import java.security.cert.Certificate;
@ -195,7 +197,8 @@ public abstract class AbstractVerifier implements HostnameVerifier {
// [*.org.uk], etc...
boolean doWildcard = cn.startsWith("*.") &&
cn.lastIndexOf('.') >= 0 &&
acceptableCountryWildcard(cn);
acceptableCountryWildcard(cn) &&
!InetAddressUtils.isIPv4Address(host);
if(doWildcard) {
match = hostName.endsWith(cn.substring(1));