source.dussan.org Git - tigervnc.git/commit

]> source.dussan.org Git - tigervnc.git/commit

author	Brian P. Hinz <bphinz@users.sf.net>
	Tue, 8 Sep 2020 08:13:32 +0000 (10:13 +0200)
committer	Pierre Ossman <ossman@cendio.se>
	Tue, 8 Sep 2020 08:13:32 +0000 (10:13 +0200)
commit	f029745f63ac7d22fb91639b2cb5b3ab56134d6e
tree	99d2f7eca2f14a3cb782e26d708dd4e1ce4f8fe6	tree \| snapshot
parent	b30f10c681ec87720cff85d490f67098568a9cba	commit \| diff

Properly store certificate exceptions in Java viewer

Like the native viewer, the Java viewer didn't store certificate
exceptions properly. Whilst not as bad as the native viewer, it still
failed to check that a stored certificate wouldn't be maliciously used
for another server. In practice this can in most cases be used to
impersonate another server.

Handle this like the native viewer by storing exceptions for a specific
hostname/certificate combination.

java/com/tigervnc/rfb/CSecurityTLS.java

diff | blob | history

High performance, multi-platform VNC client and server: https://github.com/TigerVNC/tigervnc

RSS Atom