
github.com/mumble-voip/mumble.git - Unnamed repository; edit this file 'description' to name the repository.
authorfridtjof <fridtjof@das-labor.org>2022-07-20 19:48:12 +0300
committerfridtjof <fridtjof@das-labor.org>2022-07-20 19:48:12 +0300
commite6bb01dc8525e55acb604911cd5c44bbce60e097 (patch)
treee0b21216f3a526930a5bbec5c51238c2c1bd3985
parentff3d0a6ec82bb1c0228bcc2349777cb6e2326927 (diff)
FIX(client): properly verify certificates when SRV records are used
Previously, Mumble would always use the original hostname when verifying a server certificate. When the actual server hostname (resolved through an SRV record) differs from the original hostname, it should be used instead. Fixes #3563
-rw-r--r--src/ServerResolver.cpp2
-rw-r--r--src/mumble/ServerHandler.cpp10
-rw-r--r--src/mumble/ServerHandler.h1
3 files changed, 10 insertions, 3 deletions
diff --git a/src/ServerResolver.cpp b/src/ServerResolver.cpp
index 7191fd5a0..6dc225ca7 100644
--- a/src/ServerResolver.cpp
+++ b/src/ServerResolver.cpp
@@ -91,7 +91,7 @@ void ServerResolverPrivate::hostResolved(QHostInfo hostInfo) {
foreach (QHostAddress ha, resolvedAddresses) { addresses << HostAddress(ha); }
qint64 priority = normalizeSrvPriority(record.priority(), record.weight());
- m_resolved << ServerResolverRecord(m_origHostname, record.port(), priority, addresses);
+ m_resolved << ServerResolverRecord(record.target(), record.port(), priority, addresses);
}
m_srvQueueRemain -= 1;
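Review bot: Passing `record.target()` as the record's hostname makes the name later used for TLS peer verification come from the SRV answer itself, and nothing in this hunk shows that the lookup was authenticated (for example by DNSSEC validation). If the SRV response is forged or altered, the client would verify the certificate against a name chosen by whoever supplied that response, so a valid certificate for an unrelated domain would pass. RFC 6125 recommends checking against the name the user entered unless the SRV resolution was secure. Consider keeping `m_origHostname` as the verification name and carrying the SRV target in a separate field for display or logging. hostResolved's body starts and ends outside the hunk.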
diff --git a/src/mumble/ServerHandler.cpp b/src/mumble/ServerHandler.cpp
index cb3f17c81..94e81bd29 100644
--- a/src/mumble/ServerHandler.cpp
+++ b/src/mumble/ServerHandler.cpp
@@ -359,10 +359,16 @@ void ServerHandler::hostnameResolved() {
// Create the list of target host:port pairs
// that the ServerHandler should try to connect to.
QList< ServerAddress > ql;
+ QHash< ServerAddress, QString > qh;
foreach (ServerResolverRecord record, records) {
- foreach (HostAddress addr, record.addresses()) { ql.append(ServerAddress(addr, record.port())); }
+ foreach (HostAddress addr, record.addresses()) {
+ auto sa = ServerAddress(addr, record.port());
+ ql.append(sa);
+ qh[sa] = record.hostname();
+ }
}
qlAddresses = ql;
+ qhHostnames = qh;
// Exit the event loop with 'success' status code,
// to continue connecting to the server.
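Review bot: `qh[sa] = record.hostname();` silently overwrites the earlier entry when two records resolve to the same address and port, so the verification name for that endpoint depends on the iteration order of `records`, while `ql` still keeps both entries. If last-wins is intended, a comment such as `// one verify name per endpoint; the last record wins on duplicates` would document it. Otherwise `if (!qh.contains(sa)) qh[sa] = record.hostname();` keeps the first record's name, which is the higher-priority one only if `records` is ordered by priority, and this hunk does not show that. hostnameResolved starts and ends outside the hunk.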
@@ -392,7 +398,7 @@ void ServerHandler::run() {
qbaDigest = QByteArray();
bStrong = true;
qtsSock = new QSslSocket(this);
- qtsSock->setPeerVerifyName(qsHostName);
+ qtsSock->setPeerVerifyName(qhHostnames[saTargetServer]);
if (!Global::get().s.bSuppressIdentity && CertWizard::validateCert(Global::get().s.kpCertificate)) {
qtsSock->setPrivateKey(Global::get().s.kpCertificate.second);
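Review bot: `qhHostnames[saTargetServer]` uses the non-const `QHash::operator[]`, which inserts a default-constructed empty `QString` when the key is absent and then hands that empty name to `setPeerVerifyName`. A lookup on the certificate-verification path should not mutate the map and should have a defined fallback, for example `qtsSock->setPeerVerifyName(qhHostnames.value(saTargetServer, qsHostName));`. Whether `saTargetServer` can ever be missing from the map depends on code outside this hunk; run() starts and ends outside it as well.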
diff --git a/src/mumble/ServerHandler.h b/src/mumble/ServerHandler.h
index 8307938aa..3fed29bde 100644
--- a/src/mumble/ServerHandler.h
+++ b/src/mumble/ServerHandler.h
@@ -105,6 +105,7 @@ public:
boost::shared_ptr< VoiceRecorder > recorder;
QSslSocket *qtsSock;
QList< ServerAddress > qlAddresses;
+ QHash< ServerAddress, QString > qhHostnames;
ServerAddress saTargetServer;
unsigned int uiVersion;