diff options
| author | Jaakko Keränen <jaakko.keranen@iki.fi> | 2020-09-01 19:01:55 +0300 |
|---|---|---|
| committer | Jaakko Keränen <jaakko.keranen@iki.fi> | 2020-09-01 19:01:55 +0300 |
| commit | e2b5ea14d25dbbb62a1e827803e67c30df79c6a1 (patch) | |
| tree | 4a565c803609cdaa56459ecf3f346fd50f916df2 /src/gmrequest.c | |
| parent | b4a8cc763081d128788e3b9c393cc34bc206bd22 (diff) | |
Proxy improvements
Verify domain name against the request and now against the original URL.
HTTP proxy overrides the default handling of HTTP URLs.
Diffstat (limited to 'src/gmrequest.c')
| -rw-r--r-- | src/gmrequest.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/gmrequest.c b/src/gmrequest.c index 24732650..137e8303 100644 --- a/src/gmrequest.c +++ b/src/gmrequest.c | |||
| @@ -194,7 +194,7 @@ static void checkServerCertificate_GmRequest_(iGmRequest *d) { | |||
| 194 | const iTlsCertificate *cert = serverCertificate_TlsRequest(d->req); | 194 | const iTlsCertificate *cert = serverCertificate_TlsRequest(d->req); |
| 195 | d->resp.certFlags = 0; | 195 | d->resp.certFlags = 0; |
| 196 | if (cert) { | 196 | if (cert) { |
| 197 | const iRangecc domain = urlHost_String(&d->url); | 197 | const iRangecc domain = range_String(hostName_Address(address_TlsRequest(d->req))); |
| 198 | d->resp.certFlags |= available_GmCertFlag; | 198 | d->resp.certFlags |= available_GmCertFlag; |
| 199 | if (!isExpired_TlsCertificate(cert)) { | 199 | if (!isExpired_TlsCertificate(cert)) { |
| 200 | d->resp.certFlags |= timeVerified_GmCertFlag; | 200 | d->resp.certFlags |= timeVerified_GmCertFlag; |