]> source.dussan.org Git - tigervnc.git/commit
projects / tigervnc.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f81c4b6) | patch
Properly store certificate exceptions
authorPierre Ossman <ossman@cendio.se>
Thu, 21 May 2020 19:10:38 +0000 (21:10 +0200)
committerPierre Ossman <ossman@cendio.se>
Tue, 8 Sep 2020 12:14:41 +0000 (14:14 +0200)
commit7399eab79a4365434d26494fa1628ce1eb91562b
tree090184650960f1b253fbf4fbf7fa0bff8af9da97tree | snapshot
parentf81c4b683036337e7063f506c96a953f0504f3d3commit | diff
Properly store certificate exceptions

The previous method stored the certificates as authorities, meaning that
the owner of that certificate could impersonate any server it wanted
after a client had added an exception.

Handle this more properly by only storing exceptions for specific
hostname/certificate combinations, the same way browsers or SSH does
things.

(cherry picked from commit b30f10c681ec87720cff85d490f67098568a9cba)
common/rfb/CSecurityTLS.cxx diff | blob | history
High performance, multi-platform VNC client and server: https://github.com/TigerVNC/tigervnc